marionnet-0.90.6+bzr508.orig/0000755000175000017500000000000013175722672014603 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/motherboard_builder.ml0000644000175000017500000001437013175722671021155 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; #load "include_type_definitions_p4.cmo" ;; INCLUDE DEFINITIONS "motherboard_builder.mli" ;; module Make (S : sig val st:State.globalState end) = struct open S let w = st#mainwin (* ---------------------------------------- Reactive window title ---------------------------------------- *) (* Reactive setting: st#project_filename -> w#window_MARIONNET#title *) let update_main_window_title : Thunk.id = Cortex.on_commit_append (st#project_paths#filename) (fun _ filename -> (* previous and commited state *) let title = match filename with | None -> Initialization.window_title | Some filename -> Printf.sprintf "%s - %s" (Initialization.window_title) (filename) in w#window_MARIONNET#set_title (title)) (* ---------------------------------------- Reactive sensitiveness ---------------------------------------- *) (* Note: why the GC doesn't free this structure (and the related trigger)? *) let update_project_state_sensitiveness = Cortex.group_pair ~on_commit:(fun (_,_) (filename, nodes) -> (* previous and commited state *) (* Convenient aliases: *) let wa = (st#sensitive_when_Active) in let wr = (st#sensitive_when_Runnable) in let wn = (st#sensitive_when_NoActive) in (* --- *) let active = (filename <> None) in let runnable = active && (not (Queue.is_empty nodes)) in let () = Log.printf2 "update_project_state_sensitiveness: state project is: active=%b runnable=%b\n" (active) (runnable) in match active, runnable with | false, _ -> StackExtra.iter (fun x->x#misc#set_sensitive false) (wa); StackExtra.iter (fun x->x#misc#set_sensitive false) (wr); StackExtra.iter (fun x->x#misc#set_sensitive true) (wn); (* --- *) | true, false -> StackExtra.iter (fun x->x#misc#set_sensitive true) (wa); StackExtra.iter (fun x->x#misc#set_sensitive false) (wr); StackExtra.iter (fun x->x#misc#set_sensitive false) (wn); (* --- *) | true, true -> StackExtra.iter (fun x->x#misc#set_sensitive true) (wa); StackExtra.iter (fun x->x#misc#set_sensitive true) (wr); StackExtra.iter (fun x->x#misc#set_sensitive false) (wn); ) (* end of ~on_commit *) (* --- *) (st#project_paths#filename) (* first member of the group *) (st#network#nodes) (* second member of the group *) (* Reactive setting: st#network#nodes -> cable's menu sensitiveness. Forbid cable additions if there are not enough free ports; explicitly enable them if free ports are enough: *) let update_cable_menu_entries_sensitiveness : unit = (* The previous and commited state are ignored. This kind of code (on_commit) is outside a critical section, so we can comfortably re-call st#network methods: *) let reaction _ _ = let () = Log.printf1 "update_cable_menu_entries_sensitiveness: updating %d widgets\n" (StackExtra.length st#sensitive_cable_menu_entries) in let condition = st#network#are_there_almost_2_free_endpoints in (StackExtra.iter (fun x->x#misc#set_sensitive condition) st#sensitive_cable_menu_entries) in let _ = Cortex.on_commit_append (st#network#nodes) (reaction) in let _ = Cortex.on_commit_append (st#network#cables) (reaction) in () (* Called in marionnet.ml before entering the main loop: *) let sensitive_widgets_initializer () = let () = StackExtra.iter (fun x->x#misc#set_sensitive false) (st#sensitive_when_Active) in let () = StackExtra.iter (fun x->x#misc#set_sensitive false) (st#sensitive_when_Runnable) in let () = StackExtra.iter (fun x->x#misc#set_sensitive true) (st#sensitive_when_NoActive) in (* --- *) let () = StackExtra.iter (fun x->x#misc#set_sensitive false) (st#sensitive_cable_menu_entries) in () (* ---------------------------------------- Reactive sketch ---------------------------------------- *) (* --- *) let () = let d = st#network#dotoptions in let update = (fun _ _ -> st#refresh_sketch) in let _ = Cortex.on_commit_append (d#iconsize) (update) in let _ = Cortex.on_commit_append (d#rankdir) (update) in let _ = Cortex.on_commit_append (d#curved_lines) (update) in let _ = Cortex.on_commit_append (d#shuffler) (update) in let _ = Cortex.on_commit_append (d#nodesep) (update) in let _ = Cortex.on_commit_append (d#labeldistance) (update) in let _ = Cortex.on_commit_append (d#extrasize) (update) in () (* ---------------------------------------- Debugging ---------------------------------------- *) (* Debugging: press F5 for immediately exiting the gtk main loop (only in the toplevel) *) let _ = if !Sys.interactive then let stars = "*************************************" in Printf.kfprintf flush stdout "%s\nPress F5 to switch to the toplevel.\n%s\n\n" stars stars; ignore (st#mainwin#toplevel#event#connect#key_press ~callback:(fun k -> (match (GdkEvent.Key.keyval k) = GdkKeysyms._F5 with | true -> Printf.kfprintf flush stdout "%s\nYou are now in the toplevel.\nType:\nGMain.Main.main ();;\nto come back to the Marionnet window.\n%s\n\n" stars stars; GtkMain.Main.quit () | false -> () ); false)) else () end marionnet-0.90.6+bzr508.orig/message_passing.ml0000644000175000017500000000520313175722671020304 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008 Luca Saiu Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** A general-purpose message-passing facility, with transparent thread synchronization *) class ['a] queue = object(self) val elements = ref [] val mutex = Mutex.create () val empty_condition = Condition.create () (** This is not synchronized *) method private __empty = !elements = [] method enqueue x = Mutex.lock mutex; elements := !elements @ [x]; Condition.signal empty_condition; Mutex.unlock mutex (* This allows the user to use the queue as a deque, for 'urgent' messages, like thread termination requests: *) method prepend x = Mutex.lock mutex; elements := x :: !elements; Condition.signal empty_condition; Mutex.unlock mutex method dequeue : 'a = Mutex.lock mutex; while self#__empty do Condition.wait empty_condition mutex; done; let result = match !elements with x :: rest -> elements := rest; x | _ -> assert false in Mutex.unlock mutex; result end;; (* let queue = new queue;; let make_producer () = Thread.create (fun () -> while true do queue#enqueue (Random.int 1000); done) ();; let make_consumer = let consumer_next_id = ref 1 in fun () -> let id = ! consumer_next_id in consumer_next_id := !consumer_next_id + 1; Thread.create (fun () -> while true do Log.printf "From consumer %i: got %i\n" id (queue#dequeue); flush_all (); done) ();; let w = new task_runner;; let make_producer x = Thread.create (fun () -> while true do w#schedule (fun () -> Log.printf "%i" x; flush_all ()); done) ();; let _ = make_producer 1;; let _ = make_producer 2;; let _ = make_producer 3;; let _ = make_producer 4;; let _ = make_producer 5;; let _ = make_producer 6;; Unix.sleep 30;; w#terminate;; *) marionnet-0.90.6+bzr508.orig/scripts/0000755000175000017500000000000013175722671016271 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/scripts/marionnet_telnet.sh0000755000175000017500000000734313175722671022206 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2017 Jean-Vincent Loddo # Copyright (C) 2017 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # --- # Usage: marionnet_telnet.sh HOST PORT TIMEOUT # Add a timeout functionality to the standard program `telnet' # --- # Check dependencies: type -t telnet &>/dev/null || exit 127 type -t grep &>/dev/null || exit 127 type -t rm &>/dev/null || exit 127 # --- function usage { local EXIT_CODE=${1:-0} echo "Usage: marionnet_telnet.sh HOST [PORT] [TIMEOUT]" echo "---" echo "Add a timeout functionality to the standard program \`telnet'." echo "By default, PORT is set to 23, TIMEOUT is set to 30 (seconds)." echo "---" echo "This utility is called by marionnet (on ports 2601..2612) to" echo "activate Quagga terminals (CISCO-IOS-like commands)." exit $EXIT_CODE } # I dont want suppose the presence of `mktemp': function simple_mktemp { local RESULT="${TMPDIR:-/tmp}/simple_mktemp".$RANDOM if [[ -f $RESULT ]]; then simple_mktemp; else >$RESULT echo $RESULT; fi } # I suppose `grep', `rm' (and `telnet', of course) here: function is_host_accepting_connections { local HOST=${1:-"172.23.0.1"} local PORT=${2:-"2601"} # --- shift 2 || return 3 # invalid call # --- local TIMEOUT=${1:-"3"} # --- local TMPFILE=$(simple_mktemp) # --- telnet $HOST $PORT 1>$TMPFILE 2>/dev/null & # job %1 local TELNET_PID="$!" # --- (sleep $TIMEOUT; kill -9 $TELNET_PID) &>/dev/null & # job %2 local KILLER_PID="$!" # --- wait $TELNET_PID &>/dev/null # --- local JOB1_CODE=$? kill -9 $TELNET_PID $KILLER_PID &>/dev/null # --- local RESULT=2 # host/port unavailable (timeout expired) # --- if [[ $JOB1_CODE = 1 ]] && grep -q "Connected to $HOST" $TMPFILE; then RESULT=0 # connection accepted elif [[ $JOB1_CODE = 1 ]]; then RESULT=1 # connection refused, but the host is answering: the port is not (already?) open. fi # --- rm -f $TMPFILE # --- return $RESULT } # Main: if [[ $1 = "-h" || $1 = "--help" ]]; then usage 0; fi # else continue: HOST="$1" shift 1 || usage 3 # --- PORT="${1:-23}" # the default telnet port is 23 # --- TOTAL_TIMEOUT="${2:-"30"}" # 30 seconds by default MAX_TRIALS="10" # 10 trials, no more TIMEOUT="$((TOTAL_TIMEOUT/MAX_TRIALS))" # 3 seconds per trial (10 trials) by default [[ $TIMEOUT -lt 1 ]] && TIMEOUT=1 # --- TIME=0 while [[ $TIME -lt $TOTAL_TIMEOUT ]]; do # --- is_host_accepting_connections "$HOST" "$PORT" "$TIMEOUT" 2>/dev/null; LAST_ERROR_CODE=$? # --- case $LAST_ERROR_CODE in # --- # Do it now: 0) exec telnet $HOST $PORT;; # --- # Sleep now because `is_host_accepting_connections' has returned immediately in this case: 1) sleep $TIMEOUT;; # --- esac TIME=$((TIME+TIMEOUT)) done # --- # Just before exiting: # --- case $LAST_ERROR_CODE in 1) echo "Connection refused by $HOST on port $PORT" 1>&2 ;; 2) echo "Timeout exceeded trying to connect to $HOST on port $PORT" 1>&2 ;; esac # --- Fail with the last observed error code: exit $LAST_ERROR_CODE marionnet-0.90.6+bzr508.orig/scripts/can-directory-host-sparse-files.sh0000755000175000017500000000277013175722671024747 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2007 Jean-Vincent Loddo # Copyright (C) 2007 Luca Saiu # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . DIR=${1:-$PWD} [[ -d "$DIR" ]] || { echo "Directory doesn't exist. Exiting." exit 3 } >&2 # The mounted directory containing $DIR: # (note that df resolves symlinks, relative paths and paths not in normal form) MOUNTED_DIR=$(df -P "$DIR" | tail -n -1 | awk '{print $NF}') # The related filesystem type: FSTYPE=$(mount -l | awk '$3 == "'${MOUNTED_DIR}'" {print $5}') [[ -n "$FSTYPE" ]] || { echo "Cannot determine the filesystem type. Exiting." exit 2 } >&2 # Check if the filesystem type belongs the white list. # Note that apparently xfs no longer supports sparse files in Ubuntu 12.04 (kernel 3.2). WHITE_LIST="reiserfs reiser4 ext4 ext4dev ext3 ext2 udf ntfs jfs ufs tmpfs vxfs xiafs" echo "$WHITE_LIST" | grep -qw "$FSTYPE" exit $? marionnet-0.90.6+bzr508.orig/uml/0000755000175000017500000000000013175722671015377 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/startup.old/0000755000175000017500000000000013175722671017656 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/startup.old/marionnet_grab_config0000755000175000017500000000216013175722671024117 0ustar lucaslucas#!/bin/sh # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2007 Luca Saiu # Copyright (C) 2007 Jean-Vincent Loddo # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . #DIR="/boot/"$(date "+%d-%m-%Y.%Hh%M") DIR="/mnt/hostfs/report-"$(date "+%d-%m-%Y.%Hh%Mm%Ss") mkdir -p "$DIR" 2>/dev/null pushd "$DIR" cp /root/.bash_history bash_history cfg2html -H -S -f -l # Copy the HTML version of the report and the latest bash history into the hostfs path: cp *.html ../report.html cp bash_history ../bash_history.text #gzip * popd marionnet-0.90.6+bzr508.orig/uml/startup.old/marionnet_source_cmdline0000644000175000017500000000173413175722671024655 0ustar lucaslucas# This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2007 Luca Saiu # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This should be executed with 'source', as it updates the shell # environment: # This should be executed with 'source', as it updates the shell # environment: cat /proc/cmdline | tr " " "\n" > /tmp/cmdline source /tmp/cmdline &> /dev/null rm /tmp/cmdline marionnet-0.90.6+bzr508.orig/uml/startup.old/DEPENDENCIES.png0000644000175000017500000012476613175722671022232 0ustar lucaslucasPNG  IHDRed]bKGD IDATxw|[8WdIֶa;N< +$2.Җnm/r/J e].PlJ4؎{He~,ˎly:zu;a~B!B! B!B7pA!B!2 B!BE\B!B!L&Ȝbx<j\.pvvFa/ '܌bd2TfH$r@ -KHHo9X,t# Uv=b07uݑonw8SI$Id2E|@f( Bh9N&B\.jf2X@Oz\.fre@~ ABneٜN'd4FF¨"͌ A42B#&4".+"23q. x2aR0A4ӗH$qqq4 ȰX,p82fd2 f  a (Yjô 4XoiX.x^LBEI( F@l=*oDt@0.K#Zrz$"ceB89h4Z,Qb6F#,l6hn@%mY__l'X:& ǃ\PՇrWH-d2L,D"X,Hd2,cd|&T%!3a4!o2 tO83 ` :sZTM6zk s6Z@) v3C$T0PH+4- a^ aR GpR)p!H$]|>_,Ӆ>,2fC>f0 ltpDRB*Ot) -BpL9 =eA@` hCwe) `E- (x\ÉDgj, LDw!#츊 `0F W@Ha IBBX,P8,__LK JZD~v02an<.9x xIW(WY,U\fJpeB$d11};!:nppPJp9HDpCjwe9M"- _ ob= LUDa BP*jZ1&V?s€4a+Tji0 T] N4M,@r.#D[f1`b|? ?EpP@ -$2`$-46֓REh$jT4ܵ b%d2A`T*T*{r(Asdr: h4Bxf4z DQk%i8^ry[hŊdTt: sf/|;#M09aa6Y2CX^4y^V700;88388CCCtˤ$h0T*JhGZB^/]P@(NGFp8**==^juZZZJJFIIIILLop<ZVҕ###w|~p--0KBhyh0AEjᅷ===tH$T5 e=ϏO@!AwWzzziv2]]]===t6ʤ$ 1/XP(M9B6 vww]]]0cχKNNNnnŋo488x'NA]^^^VVVVVV^^d"4'yVΟ?OMH$DγBSv{{{! !ZE-qI^ѣG9_GGnhhhmmmoo؊H$b_*>vwG3::nkkj6x⒒k޽}Quu@ Xl4VZ#4~sssMMMuuuMMMssOOOߺu;6m[qp>ɠY,ŋˋh9'Z-tlmm?u0]l__b444! 0t-((X'!P L00BSSp8yyyt9=o۷wަ&Dy 6^#4 /qqqׯ߾}ۋ.d  #G=z",:...|^VBhV>uԩSjkkO:fie͚5srN>}Ç՝? Ⲳ2/]ЀBs>{,sX S-_~Ŋr<)`x?쳃l߾}۶mk׮E0B ݻ~Nm۶;wnڴ)..n{ze``~#GΞ=b,Yb ̃,uuueee3-0jRe |W3s"L B(rZԘ@|k^|ׯB_}UMMw}W[[t:Jʕ+!2]X'o&aq3)*Z- s6m۶.l۶m y[_"o@ ذaÖ-[Y2nȑ#||Օu_7oNLL2{L/[pOH kPvm߿?Z-ڴi?qƅ3 7vرcB8rW_}uo>oPeggdxwyG{?jL&`ìuv25>>xر??я~?я~$|p!ECCCK/t;w^{NlJP[[ŋ#SHx pe&iw}W\LdÇ^nݎ;ݓ%$,n)yl.Z0YIa޽|M&Ӻun]v i^裏>쳹=_!%pHQxZ{%ɳ>k׮q7C{<O(qNo̙3T7|.J-zF#)u=\eeP(]t'|2޷xx{^{*G&uϟ?UW ¤jl?^,˭*Hjs=oFL|>o榛nh4'11K/ݿpm6ۏ~#RP8'xT ҧzrMX?liZΤ$HtWwttLx§'=OLa^xaժU 妤\{_|Ec8ar8Ϊ7XW_}Nw\W^yե?4}לMaqj,nres1r HR>}piXzaRpz#'\uUG,]h4/Ie^{-!h[\\Lٳgτ{$GM 3#3\s9A?`X۶mt! qy|~Z*>v /@bzu\[lR o|*G kΝۏk?xŊ5?&Gl9ZoeñaÆ]mܸԑ0LDOѦf0az"3S$ # =~Ip!EfAijj뮻\%K9߿JoɓQ\Maq` f'+awé !'dX,멧5̀Q O>R>x_\s5z>{p``588hoBJ%\-u6s4މ3'l sHuuufffzz:СC/yeeeuuu&{!HҀ5k׮پ}޽{F}g !˗/اFnXB'x"^{5N^}Ux8D~l3=!TfS;|uGyr [l  r+'< P{{e]r_|h,kn,n$,n&7C ̈́v$-ByM6o kyBĄQ f{y<޺uz{{ۏ>(..EfIfo&!$;;r\.'>3ȓ1q9 iI~ sвe-Zܷk t՜s`֫&xrJB_ܹs\xz---%/[wo8@ל?"dXPP@~~WSSoCQ*#_~W\VB}2sRRRByי+MXf'zB^XX8D0{)À l˖-?O_y啶\-/.L>cXѺp7x#*{O <,n"9!7oԅrem&#^}UBȮ]~jx=Ѓ>'L lɏB~l6_,Z[.|W1YY_Ny?Bn~&y2;n:G!3#O!yjiii~{:| >t̥kjnn!Jfl6LCrMrLWv?0x@׌0?&y# 1kX,FT}'t@0cf) 8-B3ޞ| "0ym6VƀDjp}}95 ]wݕDرcz+*O <,n"9!7oԅrem&#ѢR~N9x_~IٷoWTfOH~]]] "Ro@0GGQp`:޿|RTVꔔ!!y2;nd M!y.zW9g3w}WTTtNj !^|>Ir@&.LLLzp}Q]w?hȯQIv$*6q'%8\xz| .׬YV]]SOڵK$۷'?t$5Yv{EíBq7F%U 7,n b[R䤧k u֭[.!!ammmZ6###1os222#G\ /|W1Y$&&*J.k H$#'c9S83Eׯx!?["d2A7'Ƀ6O#cG8Z|#|PMO=ODp8k֬y{コ:BȁO!\-1I0dOq1rɂ: IDATiiiJ,n<,n`qA$%Es17|s.(>>]tEGwx<ǎ >5jއ_ N&y衇~?w_C³ȍKH6Ϲy.&Z2YYY_|q@7HB^{V_~厎p8ZZZ򗿬^Q*Q< !D,u85550a#~6Lo$o5ׇ~xxx`0TUUAfڒo^L&#ASmMX|˄|*OA$_|ۭ͞|IBHBBBcx!Wx'K.!\yf>KOOO47ɓ'b=sr˗//((7&o5X| 7a1`e$%Es᤹/'L7n$_~?LMz饗B^}0rsݷ~P(lhh𽵶r?¬?ɬ/`XK,zv=###` {/ /O>do yNj_yB011;Zt7Ox_t_p<pAIIɓO>ɬLXrj':(Ly>.?~?ܿӧy<ކ 6o޼aÆJ#4'a 8ܪ/`o>|./g:ulll_zƍ׮]b X!4K`q`!dx꯿СCCCCjK.ٺue]T_~_lii⋯]v%%%$1iPUUomݺ0i/}FH$ZzW\YQQ,!koo?uTMMÇ|>_nnW_e˖xX1V{С/r޽qqqK.]vʕ+KJJn!'OVWWw"hÆ ۶mKc:/^w۶m]w֭[c4ЅjnnO~n;ΎS P>ٳG>zh[[KOO(//SZ <ٳgkkkO:U[[{i,W^nݺիWTX'szzz;vcǎrEEE%%%%%%eee%%%3< !tlOc4\naaW\r⸸Xt\f?_X.)Sg"f!W_ݻw߾} ⪫7l0 X,uuuN~SSQ*y)///**Zxq|||!,Z__n}}ncǨOy$՝>}RRRRZZZZZZPPxbD" vwtt444յ{^Dtdɒ3Q觹o߾nJknذ!555֩Cz}}n{۷o߾}e˦3r%hhh85tr8B?By<֖fNGKqqLhhh9}tkk!T1/WH"Bvۻ h44R^^3Oƽ{ݻou\k׮]j՚5kJKKHyd2j|wfYPlٲ.۲eKTfJހKB ---l !2ʒ36=|>_ggg[[6ϝ;r! rK6Fq:Νyx遒.%%p?BEhwwwWW37t݄Dȁ1Sw8Ǐo9b0Be RVV4"4Ϲ'O9r 7\fͺu֮][PPݘ\hN@*J333-N@^oWWWGGGgggWWWggggggOOV/^\PPG n_+E"􌌌tXR#PH^w``.62ilC|ocalqq\NЬ2<< 3C766\.SQQvZL1dۙmjD"KvvvffFh4|>?G`j r4Li4<;p8 p8`R  V5JJMM9bBj}}}4@qqq)))I23t?:)z&قM₂l j09T}}}__!D.ÿLU\\lVjuZZZJJ Ԓ1BM;88388;00c' !|>_VRSS1%t:]OOO7t^j:%%%%%ERi4RT*J%>!4澾>N۫i_BHbbbjjjVV5 hnٳ\khh$x\ZTT3kppٳ---gϞIK~?aȈU"Re<G4og4a8(JZP( EJJb< !-NSkZVz^zl@[(&|>\~/]V q8R dJ<"2X?FM+944444z=,CA Bs-$CYV82ܳ.1g2nc fddn(333%%%IF(j\.a=0 -}BǼ?8}+ZB3LPBt:Bc|j5@g=7Tyinne ϧkSRRfOCVk L ZͮP(`^ŋCl%//oOn8.|>f -iZ'11111Q.'20e,!122b0F uPhT*űQhNZ"ۡ!V Bb\.dr<soA#4Gy^`4 saef] kJfC3LlttBX,J[D𚚚J{T*L200#z{{iX.àlP(ed\"a \(LF0RT.KRD" "ɤR)Pvd2fd2 ,5&_i٘OHH!nP(O!E/6`e305kmBBB~)BX,Fd2Y,l6X,s@I*sfw\JJOO!fpA^;TcCWnpN𚖖%b+ .d6C?hAH$ d2H$@ HB!ϗJ qhX,bЅQa6GGGd&X \J$0?Vkp hcXc@\\D"42 BHR)χ;rl6\.lٜNht:VutttBDC'SG y-&-Xv1hBp8U*T.c)38NZǠ!Nǜl;>>9Y/cf \b V%7MӐbX2L Mub,IR#y<^BBkb13PX,h4|>x,l& 6+jBl")rl6 82W2cX#4)75-r x;d</)))>>^.C 'xM||H$ B!L 4|>zf3BvGGGrYVrr8&tZVX 0D$}J~w?Th^E"g&ۘ rH0::jq ,r9H?H\rrZOT.\jvXf16pFL,@$!vÌ@%X$q\. Oـ2!!@KB`?PLD A!P$FMB8ZV!QzC5FL& LDCSJ"BX, "Cw-okDNgggc[ZZzzz|>_||Enve4!'1`nv,X % WD#piQBït)(XHW4Mh5B\Z0" d & BPx~DŽ +d2^$ vkO.õ'R)ԂR)Ç!4Pg^Cv#HR:p OLfᦲD"bPErZT!#lҨ };Q} . QpY`8d¨KzRh uk6`Pt{F@Cb͂kҷGGA@CғJ'=zP>vN }rnR@ vɓ'Oljjjlllhh0,255u{ (>2=(7+M( !a:'vPo@.DAѯ#ph6 " awzY2 ^!8°tBh /C¦LC̕4pl>dLLb6h02gf;a2 EA_<҂n1xb`Ed4(@s z/ jmm)8M# ySf0Fw4At j%Z݋z`VC-pZرc4xAEẺ R.`-EO;F^7882&rRw@2e  0]Zؽ!4ew`nF)CreTadM8ʀ<-~pf 49zk[[[uuuBSΞ=200@Q*+V||h,b}={:!!H!49{ٱcGWWWfffӂBlNVf *++7oC.]*JcRB!4Wa jժ̪* 4k'O JNN^jW\QTTCB!Pta bvUUUc:-ca444f"TYY",8D!BM t3Ϝ>},iAht}z<"B!b.]+V,Z . wYf"P(V\Is8X!B(BQk׮w}gXN Bf;u [,6]PPPYYyf"B!f {y'O8 !BaimmeڱcDXpB!X~?i@h>+++;zʕ+cfq" IDAT'NKWWMHH(//g Xوb{uBB!4 (---,,€ B^䘦&@Q˖-!’CB!|5]fݯO?fcfjvE޽",r<)E!Bh"qɒ%~ڵkci eeetP~~H$uJpHB!4a .hoPJJJeew ̸X'!BY.EӞ={?wf'FGGO>M#,mmmn;...??!B! RP4>|xÆ N BrH$*--""Bh..ES~~~IIIUU\lt:Ϝ9C#,FSTTC*++SSScRB!* e{F UUU|b8IC pmm-K!B!!eΝ[xG}4<<[o>| %%%:ihMMMMMM4CˋK^^ˍubB! }e999 B!4ah2Lc=C1 2,֩C8q9sd2XbaBs}sυ z^Rfg>a!)B( Fo~^ć",YB-Y|Q7ts=v-!=\˗FGGB 0Dɓ4CpBRNNNGGG?/]tӃB€ B駟^uUC97IBsnW `6qB #<\ZZZb$BM \~!E\.v=@atv`immx<|>KJX!4CsssVrGyIB!4)pA(j|>ߖ-[^#={6xBXr%s88B WiiiCCbۙ+B!ЬiddDz<b| \!B>,8D!3ۿ-Plvyy'b*BE.Eٱc֭[fC3BV=v!@PQQA#,%%%$)E^4dpyDZMB!"綾^{? hOsX~@ !B4CJ+h!&kG P*NB!"U﮻:zo qY'?޽{;|~f:uFXZ[[- .((ܱcDXpB|555 6`!C Bp\ٳnXc'^zoSǏ.כP^^Oh... B `P*'.._!B(Ri{j ǃ=\f >v:q-C b0!*j7|3B \iӦX:A!$`S钗n۶ .~vvv2v?NZ4rݻw!P|{ۿ_.cBM)Bsnw8<b!l6I1~rYV)i[C VoGGG#:DBJKKBa||1+,K&ѷl6[*ҷqqq̇p\HD BBH$rtW</!!"9NNf{ ~\T||%KΜ9r8NaaaiiiYYYiiiyyyRRRLҌ>d2B,%dbf%4'\o #|겲\d2 @ P.@T* |n HHHx/B!@`4 WxL&Hʮ5͑'`0Z0h7o<">a}>ۀ~pݣm@pjBpA<&p$ ÑdpVy 2a2~_ ZpnU\\|=-Y fFtZVp8,ju:F Nl6CB=àyH$qqqP0rfc<\rI1p!V!v3 f'P#ˑ7#,Dj`Y&x]1 !_P!rN 2L(Җs@H>{"1#23"3a.xpDX`22"B.C }ᦐT*d1P/BT#sq~^Oln&T 9 v zV; B\.dr<`샀O@(1 h4/0?Q*J2yJJNNf%C!ˬt: 1+\.7iLrrrRR3Br9j.Z ,Kkkkkkkssssssccc{{;LgT*}l0`yxxX 3gLHHKpLbbRTsq(Z ^N^z=t̶X,VTJRP$''SB$|#4{Ō ?^u愄dP( eB nZ-DUt:z~pp0d$(PV @(B~__'eۇ=<&`%3. EJJBP(j**JRJ M100000088߯jt:]__:t&T%\p‚Rk[hzt:A *rPmcNH/RSSU*j4:{fA!402, jhH9(&!+#xZv`p*1FѤgddi4Z N aaOjZVRLMMp8zF6AONG'q&//oѢEYYY!4`% l6[wwwooo___WWsvQpÐR=-;= 1Y،㥥A&---======---999?0I+ݝ0?@ ΆKOIKKS*8,B1G b 衡!BH\\FȀ׬,; !" L:|GGGGG,tvv "55V222RSSBr:}}}'1]]]Zn 윜 6N}rrrFF48 E:Ic]c^/!DP,Z(///g CY.!0+0],Z94CBjZ@tܹsuuuĀLvvvff&c:;ynJggaٙyyyyyyp333(-(nMwtt@.;BZf`/^}aBh qϟolllnn>{ٳgV+!Ab++Y@ xp8좢1x_4&뛚`@Pbb"VpB($M ~f䔖.]$''b:!@-fkiiinnnjj׶62==(??ѢEf:!4E###ΝkoorSSS{{;xQ8&%\.WSSSCCCCCY!rBK.]dI~~~RRRv{kkkKK 6 Hd,]tҥr<։Eb\G]]݉'?~ĉfCEEEx!sш3GYk4e;o&MҤMפFW)-PP@@v*3#32.G "nWE- ݠ{M,8?ĴMӒG7'7M{+w1Mkk Ο?…+Wtwwx脄sBBBpp0eاT*rss鍫cbbO~]wu]l 0E]%??_׋I&ѽs" LʂWүMzFhh(Μ}'5ɓ'O̬D)))iiiӧO6mj^u…FD2mڴ9s̝;7)) ܾ;voxZ5kVzzzjjj||3p 1`u󙙙gĉ{ f̘10L.]:p#G ]w53fL4itt/(R=zd2L&/xhJJJN8qĉfs\r...lW0Zsrr>}ݼyS,s=۶m={vll,ۥә3g!cfF[s0JӧOU ;zczʕ+'NWZ%.]qƙ3gnG57oٳg߾}'N\t… XFжX&XGo>>>? _rrr?~%KH˗]v֬YlhOz?Ν;#\211ѣcǎ͛7>Y./744|ן}٬Y|\.]#1:N)xm:vڵkN4dd%%%zAh8~.qd"P(iӦu֍f ]v bѢE>;fhU8huV.k2zzz7nصkg}裏⋾l0[YY٪U8Nbbݻ5 |B?eި}ݩS|??+W~cw2ɩ2JcyyyI$e˖UTTW$}h0^{gg瘘={·~2L---k֬qwwz{zz;wnڵ<sܹ}]ջwwwoٲ%))I$D[tAȖqL&ӧ~.J'L϶Oa;f1>ދQ׿[bX$>|ؖҩ{Os޽t/9tPjjy'|bs믿w͇Z̙3{Ojƙ-=pիWQ\\R;Ć6+]E#}hu:ݼy=ʔM477?|׎8Q^^_,Yd4v˝3gNQQ۵ b`B555> +k_}.+ٲdƘ{ϛ7o042xꩧ\|ժU{ismH!ꫯt#G̛7|̀Gvvv7#[&r`Bs=gaPPБ#GJeUUՒ%K!wu׀=;rrrJO|ؖuh孷ʚ¾|"-,駟f+ 6]k -L6l _p!44?~CCgdDnmm5ls;===XVxE ácg1M[, !MMM#466BD"=erL|>%i +]|L,FHDill]-=ʔMۙΎ7lbGydԩlW1찊WV1_h孷ʚ¾|"-,1l֭ht[8 }855iii%%%.\غukFFD"o?a}FLdy/`ͼĢY_M&?^TTDĢCfGC+7F^>\mw~/a9?'2쨖LeTVVFFF]Ű*`3, E,sStttkkRd堁ԩS?#Nv!ۈrrMܹs/xiii>}rrr!'N|l =Rz˖-QQQtԩSCNTT!رc| !0l/qqq˗/q`Ԕ{l->):thh=ڔ~J{z6;&ܹS(ylbɓ'gffvvv]*fPIϟgZ.\` m_C{뭬)FfyɌ W0 | \]]W^=>/@1o !K,o3f|z_'g|{Ȗ 35o쳧_e%""/ݻVH IDAT9 XE;!]Y8{!jZڵkڴitLF~+t+-]_|MBVM/XhKO2>bZ9wv\]뽽-[Ɯ]2&aUV1ӟ!aaagϞ:{,X8ZYS 27oeɌUv\ ?v-#IfXDCbHG }y̟pFLn޳ӢLc=eӻe֭?TbѮjg̘ѻfGSOq~>ۭsjk~N{Ȁ={Ozn bgNǒ 6p8g}Zĉd֬YUUUl2,*-XP ČKBxkOٳ'&&m޼9>aÆ0>흖sN@lHWW׆ <<d:ydFFF@@DqqqO??Lmooo+ނn5ɤmF'.g͚e~ =ʔ91LK,ŞoT*;;海^^^oV2*QQQd˖-淶*4Ud*..\\\<=={ׯB|||f[geM1Lܢe%3>|8::Z,ܹrC.&g߾}&Lp8?~:瘙vTXXOJ$W^yeTGZvBkͽ>3za;Bf͚v!g._Лm/Y͛lW0 8Es'##pFq…AAA6m2sphg tF[ܾm۶M<9&&߼ysuu͛% ۥ @ xW_ Xz'Ŏ^X-[ܹsK/DYr%uo/?W>tPHHu[ܸq?/.\p9s渺]~LFG=~kݗ-[_jܹ\>zWXvivcrq-u,PXXxO~~~k׮ݰa}o0捲{ѣG^x)--m֬Yw})SF ObsP^Ƽ['Lp}-\pዷ૯:p@nn,X0o}i,nVj?x…3gtuu%&&Ο?>}:>p1WSS?t:LFɓ'`S Juڵ+LYf%%%LReff:u*;;~4y>}z\\vT1d?3gΟ?? ƈ1tnCAA` LIIDlW 7nܸqի7n0)f<<<خth4W\?ggg777M:5999)))!!!** [jjjrss]U]]- ҦM&ٮ` FCʺzjEEhr'N.t:]qq7 _^XXXXXj !ryyy999̞OBBB\\\TTTDDDdddpp0Bjnn.)))***---**1yqf4oRZZZ^^^__O `d TTTvTJA|111...l>ߜ򊊊JJJJ%!D GEEE d^p%ӁvBsXXXttt\\dp\j1trBCCCBB透۵ءV+++kjjjkk@MM =;bvIcc#PՄHӿt#JY.NyKEEEIIISS!ㅄLhCBBpA2L566Bappp@@@PP@`` .? }j555UUU555 BX, a╀lg=5554y)--yfUUUeeBzxx͍ݲv:F*4^yf}}}OO!5$$$44488x„ 4^ A{KUUU]]TWW+ HqqqrG&܂= 4444444555661`%((?(((005VKUUO555z"Jry@@L& dr$aFP544666644)F򐐐`F5.#h4**mlllhh;] BPC !\..q\.jnFG*~@>Oi'._PPnWC`4o޼YSSP( *& }}}[d2EV777暚&UX!8;;@__@:LPnG`8 pq*i"XWWG&zX,fooo8/aSZgg' P{G*osss[[B\.)Sd2L&5`uuu1o}}BbL" LJy xT*itNa7773?Bw@@/kNQC{W^D!JR;3`>,J=<ب[VwtttwwwvvT*VT*5VmooVT# / , Vh4mmmFV˘BmeL C[҄WWWrZ&8!D*r\Ge"wwwCsf4b2D"hL C<4 G6z_nҸz !F&2&8vQVB7.D>TJS<0rNxggV;:5Bܜ>á0/dV+}9XWaX/tuuѻ\^+q"` UZ^Њ̺Z7XktA(X{A,rtHO@}"mWS;9K>Sf"b^>3/G9ٷ`hLW sr+_l v9gfMAyPe%@,3yX,vvv,134bg@+ظ j0[Ô>LY?`<8$tbUboab+\;Ϗ2!6}2?b`XhNlq8/rժUle !p3.v;C`g\ !p3.v;C`g\ !p3.v;C`g\ !p3.v;C`g\c2خgܹ.]b6ҴZ3Nsss+c :uW1@8NJJ LJSի9NO999_~!@X|}}gΜ)t|I0X\κuz7:99s=#_ g qss?>KU GvZ</vuue$Gxb`Xf ppDBpŊ|>>H$ .d$zj^Oqvvٮl1Ll}0 rr{V8AxUVB<==.7(0 FcGGEcgg``{-2ݝᘷBH4|"APխ]]]*MRӇtX(JB}$,0UADB!qwwH$bX,{xx9%J<q !tww755յ k4x|xɒ%[li4Vk2{?T43V{wʫooofX&K$-m1 ---uuu4XilllhhojjR(mmm̘^^^L`5xyy`,`X6LgٝEäKS'JżP$r???L+i⊁0N!pFPTREEEeeeWW<&rՕ.82VҢP( ESSS}}}CCCcc#M !|v{0(V[[[RRRZZZrKiiV%`aNkhh4rQQQaaaHa`,Ah,))-.. =3***&&&******444((H&]2XRT4)---,,,.....2L</44/IIIqqqb 8ܼ܂FO蘘oooSŷ^~]p𤤤Ąᾜ pGuK.]t555'D"+e4+** KJJzkrrԩSSSSLvB1L.]x˗ F trrr||;et:]aaaNNrrrz}``[RSSB!eieee??Awi΂`@ZڵkHK.D{ٓ'Oxl mmmG=uTfffeeˌ3̙3wD\nG]][]]]gϞhѢ(q z'O$q4dIKKlWcP~~>M^Ν;ёvi0 pkmmݷo333|ޛxb777Kh4;w:p@}}}\\\FFƪU&Nvi0. p{ڹs޽{y<322>Dv]0~\p᫯믫f̘qƌ c ؁Rsμ'x׿5 ̙3;v8x𠛛?&::`lB}oV]jՓO>vQڵk׮] Wp`۷o뭷?}Ǭ-999'44tgp_il?|XXϷeF?s=,HADDēO>Y]]mlgG_RYY%$$lذAPd 0!pϟ:u37ry+EtxʕhŊ lii_wt:ݼylܮkjj3oajo޽`J}˗?u!)'/`p O}ݷqF !\/ 555:ȑ#ŋ=i7W>}333388_2ȑ#Jjɒ%~'NH$۷ojYYY˖-[rtf_ >}իu IDATV*)((ӟp^|A{֦_0999J' <:μeΝV cWTT?wyZ`4pF|B.Ē/!LK9111ymڴi%%%'k&K۳ú>[d2ـb`_v!0ᢹ`{^Z|kL4yVƬ5k֘_leL&clmm5Ӗ6OOOPHbQ }hB!m1L\.\\\\4MccO[L_(vww^hQkkc={Y\e:[LV/hp8==='Ů+V/B`)E0pfΜi{iii%%%.\غukFFD"o?cq>g44LA̮>kXq9s洶nܸwbKي -Z-^;.`8јv!uUr9!sY㥥=!8qb3=q:ZXX\YB塡3-.\磏>ZlZ~' ~ah/wpzŋlI\\\JJ֭[.<$xӦM՝G}GG9sߚW_BZ`gD=SgΜ:}4=Lfκu!O?[[[}E{1-ZD9Juܹ#l۶m;䴅BOqڷo6J}'MMMk֬ap Յ fΜcQQYYYDDgssyvp #ٳ:Ϡ}K3˗/ʥsrrSKs.z~Nּ# 3ҥK:z}m>\~G}4`I8IFSLyGmv-0=䓟}۵rx3fX ,سgOLL  ڼy]GްaCXXNKK۹s;;#O?ݰaX,^tٳgibǏo۶-11Q(Yf1 Ξ={}xzz>c?H[o6$$ġ.|JJJ͛׿Z`t]&/Z^n]aa+ζ몬_~-PL:uԩM͈sݻwpR}47>3<370B`d{7J>#ޯqm֬YuHv90^{m׮]۶m2eJ^^=}FlFv˲eΝ;Q__K+WڧıcӦM ,Xd? JٮF=\"??Æ ?oW_}uh'р>)999++ٙz_OOϞ={^~垞;vddd]8">>ŋ|'Ly涶6r{y„ >?Oa޽ O>ڵkKJJ-;vx뭷3226n8c r|Ass5k?GGG]5\j~sμ'nܸtwwg.1ǎ۹s=<<~'x"<<`lBsν{r8/_|ѢEq[b 3gt: y< F*J$@rR)!X,vvvfsuuxVnhZdjooPVwww[+̰Z6ḋ=<Fwww$3 8XX>.#R.c`g\ !p3.v;C`g\ !p3.v;C`g\ !p3.v;C`g\ !p3.v;]¹s纻[<==)))#^ d2]ʕ+8߳"Q"dI0X8<ϧ|ŋ8>.ebϧ Ã>8 pp,wvvۼyF$,.g:΢׿8\l~̙3gR pp8\.w͚5g`P8x"gguqxpJ d^zuҤI,Ï$jݺuYEH[F.j͚5">vZA)E+&&rƍ[ǵ~zBHRRхv[{{;=dKBZF!.Bdjoo+ʞQ_)gInnnNNN@@...'''777:puuY`O8/T*Je[[[GGRjJtzShڎޮT*g3e L8bN.~ych4*8;;bZT*nnnBP$I$>ARJnnn4 )04XioogRX\(JRX,-Bz$ $ Lp\B} H$"xtwwg<z״3smgZ5L&徾2AۄdR(uuuuuu 4[illd؝e2Y@@ Sp8v |hhhWd2L&eRcHkhhuuu%Q<==}}}r9>rooovGR117662Bhlld.OK×`:Ccu\`tҲ2JNrPP( -SOOBR(4r~~~&L0+J..`ƍJuu50aBxxxxxxhh(=!$$^Y. C}}}UUUuuuuuuYYYyyyyyyUU=ۛ _"""cbbU ^/---((qFAA׋t:@  n ,2 TVVpBBBbcc&N ʕ+W^˻~zqqN oXXؤƅߖB`'MK/ p>477ӄrѓ&Mb@cLccc~~7sss]hR)M^/` .@!===yyygΜ9{+W*++ !'ONMM=%%erZvڕ+W.^x̙zggɓ'I$k`:~}vD2}t8yd>v@qq1=",33M2eժUK. a:`񢱱_S ̙3ޙ3gx<Μ9sǏO4iҥ˖-KLLd4` 1>;p@VVP(7o޲e-Zvic^?}>\[[lٲuql#v0,L&w}wojj:xC=zڒpBCCGxF-fXχ|[f??sD DDD /ձ].cGOO_|nڴi'NXf, \L&N}.9!dݶ;|7]RJ7|ֶiӦɮ-1u]~UU?駟FFFKJ`x.cDqq#Fyꩧr9sӥ3jƍ]]]/_~>g<4BCCAll~h;a)))e֬YGa&Eřʖ,Y"HqZmܟ'BRi溺LcƼkRo턐ֵkzxxx{{K ap8==='>>WjP(|駋ϟczaQ7p8Y*w%<LK%捏<-:l~X|"---}VB޽{N7o[bMMM~~~-Lm-ݻwB,X{YYϹ?|r:j'X}C[}żQPxzzBd2YSS_:gFv-`8`tꫯy7|3dp/!jMM4uq?B -PfcM"f$0L7mɲ5-n!8Q`u-'h`:@@(-Z翛ʅ {~E{Fc___YYUQ[[+Ju:_'Bd`\^PP0gYYVx!l:,//4 /_ȠhXAAAWWWhh(nJ}''?pVu=~ s޽zVMپ}hl9z/b1]'L&駟B9kj.==cvf0$IVVۅ̎!icectt4![ZZl{pRٳ +O˙wB<=='eŊcǎM8wGEEBʘ>5660{S9ii+WSfH4^iԖ-[!***"+SHRBHee%ۅᦹXiiifffggg@@۵ԝ;wE"Qww78 V-/_ꫯZleƍ'NDLOZ- g2P7mrz޶Ts\2>>d(zgٲeӷ:?ոrJZZZ޹s#Gnn2mL`pss<ЪɉU婬*lپlۨP(/_NH_E$)))<<^,bD"YDi 5kX6~cժU---.]ڷoK//\;XL[&hnP ve R455UVڵ6mIӢيV-tS<Dgxxxٲe|>u>h+W}6U!pXbqoohdY*bb@UV>}R^^>ہlONnB*))ᡡҥKV}~njovIfi;y& B|ٳa޽va~rza8.XJJf ܄KBVyyy:N*[֬Y/roB lrrr*+++**2[k:!;tBFͭ͵PXXcٜ{С9-zӧ~i(..n۶myyy_uEE Ε\./++ۼy3ۅ=o޼v!3Jl?Gfa1;wL=i8(F2z oIDAT瞛C 6B\\\8euRoLJI˄M=^XjwZH$ÿ+!$88᧞z*66`0] V,n_|O?ZUUv-ӣA}Y6m:~xtt4 ώ;fʕ+YYYaaawժUG=|l~第,Pּsꄣp8?0>>xdf!+"j˖->>>;w/hbovHHñi bt!_NLL[Y/pׯomm-))a,zz~ǎŻw޻w+M_駟w}z$''d2{ Tk..]` ~ɂjŊgϞeIϞ>6]FȨ>#Bȋ/ha}vfffZZZRRիW8*pp---w...NJJׯ__ op兼R 榵㑑c.#22̙35557n߿oo/uTR ]]]/^ő3gΤGEEdÇ744 mpxX8p)ј}T.v]7o'HLLLLL\r%tR+ L`0ƍn2aaa˗/{G]\\.`rySSSCCCSSScccss^'>L‚e,0[\`L&SkkkSSSsssSSӭ[ܹc4]]]cbbbcc###W@@%FFFC ]|yLLL\\\LL'D0njmmmkkSՄ.F×p 44]582ɤP(ޏy[>#QQQ4^FvOV𥵵>PTB0000$$$000000(((((>rVJrJ#xzzGDDX +\` utt+ \. h}D"D" Q,;Occc====== GTT*JP(:::f3!Ϗ pX$X6>>RNR|jLOPo,]~,fh||\m[TvwwwuuTQڟѿ;V$ ]$%HG ,hAR)Jf6Rje>oPK( @E|xFVh4f``@jZ``ztl< Z388h2!ABL& ?a[yI!&aB777B3D(Օѣ=3/ \l 8.vy\6^eIENDB`marionnet-0.90.6+bzr508.orig/uml/startup.old/Makefile0000644000175000017500000000011013175722671021306 0ustar lucaslucasdot: DEPENDENCIES.dot dot -Tpng -o DEPENDENCIES.png DEPENDENCIES.dot marionnet-0.90.6+bzr508.orig/uml/startup.old/DEPENDENCIES.dot0000644000175000017500000000066613175722671022224 0ustar lucaslucas digraph deps { "/etc/init.d/marionnet_prepare_shutdown" -> "/usr/sbin/marionnet_source_cmdline"; "/etc/init.d/marionnet_prepare_shutdown" -> "/usr/sbin/marionnet_grab_config"; "/etc/init.d/marionnet_prepare_startup" -> "/usr/sbin/marionnet_source_cmdline"; "/usr/sbin/marionnet_grab_config" -> "/usr/bin/cfg2html"; "/usr/bin/cfg2html" -> "/usr/bin/cfg2html-linux"; "marionnet-xterm-title.sh"; } marionnet-0.90.6+bzr508.orig/uml/startup.old/LOCATIONS0000644000175000017500000000033713175722671021137 0ustar lucaslucas/usr/sbin/marionnet_grab_config /usr/sbin/marionnet_source_cmdline /etc/init.d/marionnet_prepare_startup /etc/init.d/marionnet_prepare_shutdown /etc/init.d/marionnet-xterm-title.sh /usr/bin/cfg2html /usr/bin/cfg2html-linux marionnet-0.90.6+bzr508.orig/uml/startup.old/marionnet_prepare_shutdown0000755000175000017500000000346713175722671025263 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2007 Luca Saiu # Copyright (C) 2007 2013 Jean-Vincent Loddo # Copyright (C) 2007 2013 Université Paris 13 # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . echo -n "Marionnet shutdown tuning... " set -x ########################################### # Source-ing kernel command line # ########################################### # Read kernel command line variables into this shell's environment: # Expected variables: hostname hostfs ubd0s export $(tr $temporary_file && \ mv -f $temporary_file "$FILE" fi } # Remove the host name from /etc/hosts: the user might change it # when the virtual machine is off: remove_line_if_needed "127.0.0.1 $hostname" /etc/hosts echo "done." marionnet-0.90.6+bzr508.orig/uml/startup.old/marionnet-xterm-title.sh0000755000175000017500000000101313175722671024460 0ustar lucaslucas#!/bin/bash # Author: Luca Saiu # Date: 2007 # Modified (minor changes) by Jean-Vincent Loddo (2013) # Licence GPL # Read the kernel command line variable 'hostname'; this crude hack is # needed because filesystems are mounted read-only at this stage. # The following command became something like: # export hostname=m1 export $(tr ' ' '\n' and send your diffs from the actual version to my e-mail # address: cfg2html*hotmail.com or dk3hg*users.sourceforge.net # # use "no" to disable a collection # CFG_NETWORK="yes" # <-- Network security, collecting tcpd and ip filter settings CFG_SYSTEM="yes" CFG_CRON="yes" CFG_HARDWARE="yes" CFG_SOFTWARE="yes" CFG_FILESYS="yes" CFG_LVM="yes" CFG_KERNEL="yes" CFG_ENHANCEMENTS="yes" CFG_APPLICATIONS="yes" GIF="yes" CFG_HPPROLIANTSERVER="no" # Added by jeroen kleen HP ISS CC Engineer CFG_ALTIRISAGENTFILES="yes" # Added by jeroen kleen HP ISS CC Engineer if [ "$OUTDIR" = "" ] ; then OUTDIR="." fi # # usage() { echo "WARNING, use this script AT YOUR OWN RISK" echo echo " Usage: `basename $0` [OPTIONS]" echo " creates HTML and plain ASCII host documentation" echo echo " -o set directory to write or use the environment" echo " variable OUTDIR=\"/path/to/dir\" (directory must exist)" echo " -v output version information and exit" echo " -h display this help and exit" echo echo " use the following options to disable / enable collections:" echo echo " -s disable: System" echo " -c disable: Cron" echo " -S disable: Software" echo " -f disable: Filesystem" echo " -l disable: LVM" echo " -k disable: Kernel/Libaries" echo " -e disable: Enhancements" echo " -n disable: Network" echo " -a disable: Applications" echo " -H disable: Hardware" echo " -x don't create background images" echo " -p enable: HP Proliant Server log and settingsfiles" # Added by jeroen kleen HP ISS CC Engineer echo " -A disable: Altiris ADL agent logfiles and settings" # Added by jeroen kleen HP ISS CC Engineer echo } # # getopt # # #NO_ARGS=0 #if [ $# -eq "$NO_ARGS" ] # Script invoked with no command-line args? #then # usage # exit 1 # Exit and explain usage, if no argument(s) given. #fi while getopts ":o:xshcSflkenaHvhpPA" Option do case $Option in o ) OUTDIR=$OPTARG;; v ) echo $VERSION;exit;; h ) usage;exit;; x ) GIF="no";; s ) CFG_SYSTEM="no";; c ) CFG_CRON="no";; S ) CFG_SOFTWARE="no";; f ) CFG_FILESYS="no";; l ) CFG_LVM="no";; k ) CFG_KERNEL="no";; e ) CFG_ENHANCEMENTS="no";; n ) CFG_NETWORK="no";; a ) CFG_APPLICATIONS="no";; H ) CFG_HARDWARE="no";; p ) CFG_HPPROLIANTSERVER="yes";; P ) CFG_HPPROLIANTSERVER="yes";; A ) CFG_ALTIRISAGENTFILES="no";; * ) echo "Unimplemented option chosen. Try -h for help!";exit 1;; # DEFAULT esac done shift $(($OPTIND - 1)) # Decrements the argument pointer so it points to next argument. # # linux port MAILTO="jeroen.kleen@hp.com" MAILTORALPH="cfg2html@hotmail.com" # changed/added 08.07.2003 (13:04) by Ralph Roth, HP, ASO SW ##################################################################### # @(#)Cfg2Html (c) by ROSE SWE, Dipl.-Ing. Ralph Roth, cfg2html@hotmail.com # HP Proliant Server Module Integrated by Jeroen.Kleen@hp.com ##################################################################### # cfg2html-linux ported (c) by Michael Meifert, SysAdm from HP-UX version # using debian potato, woody # This is the "swiss army knife" for the ASE, CE, sysadmin etc. # I wrote it to get the nessary informations to plan an update, # to performe basic trouble shooting or performance analysis. # As a bonus cfg2html creates a nice HTML and plain ASCII # documentation. If you are missing something, let me know it! # History ##################################################################### # 28-jan-1999 initial creation, based on get_config, check_config # nickel, snapshoot, vi, winword and a idea from a similar # script i have seen onsite. # Maybe a little bit ASE knowledge is also included :))) ##################################################################### # 11-Mar-2001 initial creation for debian GNU Linux i386 # based on Cfg2Html Version 1.15.06/HP-UX by # by ROSE SWE, Dipl.-Ing. Ralph Roth # ported to Linux by Michael Meifert ##################################################################### # 15-May-2006 Common stream for cfg2html-linux and the Proliant version line ( ) { echo --=[ http://come.to/cfg2html ]=----------------------------------------------- } echo -e "\n" ## test if user = root # #if [ `id|cut -c5-11` != "0(root)" ] ; then if [ `id|cut -c0-6` != "uid=0(" ] ; then # 140906, rar if [ -x /usr/bin/banner ] ; then banner "Sorry" else echo;echo " S o r r y ";echo fi line echo $0:$VERSION echo -e "You must run this script as Root\n" exit 1 fi # BASEFILE=`hostname||uname -n` # 26.01.2001 uname -n, fixed 0205-2006rr for OpenWRT HTML_OUTFILE=$OUTDIR/$BASEFILE.html HTML_OUTFILE_TEMP=/tmp/$BASEFILE.html.$$ TEXT_OUTFILE=$OUTDIR/$BASEFILE.txt TEXT_OUTFILE_TEMP=/tmp/$BASEFILE.txt.$$ ERROR_LOG=$OUTDIR/$BASEFILE.err if [ ! -d $OUTDIR ] ; then echo "can't create $HTML_OUTFILE, $OUTDIR does not exist - stop" exit 1 fi touch $HTML_OUTFILE #echo "Starting up $VERSION\r" [ -s "$ERROR_LOG" ] && rm -f $ERROR_LOG 2> /dev/null DATE=`date "+%Y-%m-%d"` # ISO8601 compliant date string DATEFULL=`date "+%Y-%m-%d %H:%M:%S"` # ISO8601 compliant date and time string exec 2> $ERROR_LOG if [ ! -f $HTML_OUTFILE ] ; then if [ -x /usr/bin/banner ] ; then banner "Error" else echo "E R R O R" fi line echo -e "You have not the rights to create $HTML_OUTFILE! (NFS?)\n" exit 1 fi logger "Start of $VERSION" RECHNER=`hostname -f` VERSION_=`echo $VERSION/$RECHNER|tr " " "_"` typeset -i HEADL=0 #Headinglevel # # check Linux distribution # distrib="unknown" ## rr, 15.12.2004 - "robertfantini" if [ -f /etc/gentoo-release ] ; then distrib="`head -1 /etc/gentoo-release`" GENTOO="yes" else GENTOO="no" fi if [ -f /etc/slackware-version ] ; then distrib="`cat /etc/slackware-version`" SLACKWARE="yes" else SLACKWARE="no" fi if [ -f /etc/debian_version ] ; then distrib="Debian GNU/Linux Version `cat /etc/debian_version`" DEBIAN="yes" else DEBIAN="no" fi if [ -f /etc/SuSE-release ] ; then distrib="`head -1 /etc/SuSE-release`" SUSE="yes" else SUSE="no" fi if [ -f /etc/mandrake-release ] ; then distrib="`head -1 /etc/mandrake-release`" MANDRAKE="yes" else MANDRAKE="no" fi if [ -f /etc/redhat-release ] ; then distrib="`head -1 /etc/redhat-release`" REDHAT="yes" else REDHAT="no" fi # MiMe: for UnitedLinux if [ -f /etc/UnitedLinux-release ] ; then distrib="`head -1 /etc/UnitedLinux-release`" UNITEDLINUX="yes" else UNITEDLINUX="no" fi # i am looking for other distribution tests #################################################################### # needs improvement! # trap "echo Signal: Aborting!; rm $HTML_OUTFILE_TEMP" 2 13 15 #################################################################### # Beginn des HTML Dokumentes mit Ueberschrift und Titel #################################################################### # Header of HTML file #################################################################### open_html() { echo -e " \ ${RECHNER} - Documentation - $VERSION

$RECHNER - System Documentation

Created "$DATEFULL" with " $VERSION "

Contents\n

\n\ " >$HTML_OUTFILE (line if [ -x /usr/bin/banner ] ; then banner $RECHNER else echo echo " "$RECHNER echo fi;line) > $TEXT_OUTFILE echo -e "\n" >> $TEXT_OUTFILE echo -e "\n" > $TEXT_OUTFILE_TEMP } ###################################################################### # Erhoehe Headinglevel ###################################################################### # Increases the headling level ###################################################################### inc_heading_level() { HEADL=HEADL+1 echo -e "
    \n" >> $HTML_OUTFILE } ###################################################################### # Erniedrige Headinglevel ###################################################################### # Decreases the heading level ###################################################################### dec_heading_level() { HEADL=HEADL-1 echo -e "
\n" >> $HTML_OUTFILE } ###################################################################### # Einzelne Items in der Dokumentation # $1 = Ueberschrift ###################################################################### # Creates an own paragraph, $1 = heading ###################################################################### paragraph() { if [ "$HEADL" -eq 1 ] ; then echo -e "\n
\n" >> $HTML_OUTFILE_TEMP fi #echo -e "\n
\n">>$HTML_OUTFILE_TEMP echo "" >> $HTML_OUTFILE_TEMP echo " $1

" >> $HTML_OUTFILE_TEMP #echo " $1

" >> $HTML_OUTFILE_TEMP echo "" >> $HTML_OUTFILE echo "$1" >> $HTML_OUTFILE echo -e "\nCollecting: " $1 " .\c" echo " $1" >> $TEXT_OUTFILE } ###################################################################### # Einzelne Kommandos und deren Ergebnisse # $1 = Kommando, $2 = Erklaerender Text ###################################################################### # Documents the single commands and their output # $1 = unix command, $2 = text for the heading ###################################################################### exec_command() { echo -e ".\c" echo -e "\n---=[ $2 ]=----------------------------------------------------------------" | cut -c1-74 >> $TEXT_OUTFILE_TEMP echo " - $2" >> $TEXT_OUTFILE ######the working horse########## TMP_EXEC_COMMAND_ERR=/tmp/exec_cmd.tmp.$$ ## Modified 1/13/05 by marc.korte@oracle.com, Marc Korte, TEKsystems (150 -> 250) EXECRES=`eval $1 2> $TMP_EXEC_COMMAND_ERR | expand | cut -c 1-250` ########### test it ############ # Gert.Leerdam@getronics.com # Convert illegal characters for HTML into escaped ones. #CONVSTR=' #s//\>/g #s/\\/\\/g #' #EXECRES=$(eval $1 2> $TMP_EXEC_COMMAND_ERR | expand | cut -c 1-150 | sed +"$CONVSTR") if [ -z "$EXECRES" ] then EXECRES="n/a" fi if [ -s $TMP_EXEC_COMMAND_ERR ] then echo "stderr output from \"$1\":" >> $ERROR_LOG cat $TMP_EXEC_COMMAND_ERR | sed 's/^/ /' >> $ERROR_LOG fi rm -f $TMP_EXEC_COMMAND_ERR echo -e "\n" >> $HTML_OUTFILE_TEMP echo -e " $2 \n" >>$HTML_OUTFILE_TEMP echo -e "

$EXECRES
\n" >>$HTML_OUTFILE_TEMP #echo "
$EXECRES
\n" >>$HTML_OUTFILE_TEMP echo -e "
  • $2\n" >> $HTML_OUTFILE echo -e "\n$EXECRES\n" >> $TEXT_OUTFILE_TEMP } ################# Schedule a job for killing commands which ############### ################# may hang under special conditions. ##### # Argument 1: regular expression to search processlist for. Be careful # when specifiying this so you don't kill any more processes than # those you are looking for! # Argument 2: number of minutes to wait for process to complete. KillOnHang() { TMP_KILL_OUTPUT=/tmp/kill_hang.tmp.$$ at now + $2 minutes 1>$TMP_KILL_OUTPUT 2>&1 <$*

    " >> $HTML_OUTFILE_TEMP echo -e "$*\n" >> $TEXT_OUTFILE_TEMP } ###################################################################### # Ende des Dokumentes ###################################################################### # end of the html document ###################################################################### close_html() { echo "
    " >> $HTML_OUTFILE echo -e "

    \n

    Created "$DATEFULL" with " $VERSION "" >> $HTML_OUTFILE_TEMP echo -e "

    \nCopyright and maintained by Ralph Roth, ROSE SWE,

    " >> $HTML_OUTFILE_TEMP echo -e " Maintained by Jeroen Kleen, EMEA ISS CC Engineer

    " >> $HTML_OUTFILE_TEMP echo -e "
    [ Download cfg2html from external home page ]

    \n" >> $HTML_OUTFILE_TEMP cat $HTML_OUTFILE_TEMP >>$HTML_OUTFILE cat $TEXT_OUTFILE_TEMP >> $TEXT_OUTFILE rm $HTML_OUTFILE_TEMP $TEXT_OUTFILE_TEMP echo -e "\n\nCreated "$DATEFULL" with " $VERSION " \n" >> $TEXT_OUTFILE echo -e "Based on the origional script (c) 1998-2007 by ROSE SWE, Ralph Roth" >> $TEXT_OUTFILE } my_bdf() { # bdf summary for HPUX, Ralph_Roth@hp.com, 5-feb-2001 # Linux, dk3hg df -k | awk '/\// \ { alloc += $2; used += $3; avail += $4; } END { print "Allocated\tUsed \t \tAvailable\tUsed (%)"; printf "%ld \t%ld \t%ld\t \t%3.1f\n", alloc, used, avail, (used*100.0/alloc); }' } PVDisplay ( ) { #function used in LVM-section # for disk in $(strings /etc/lvmtab.d/* |grep -e hd -e sc) ; for disk in $(vgdisplay -v | awk -F\ + '/PV Name/ {print $4}'); do /usr/sbin/pvdisplay -v $disk; # due to PATH problems; A. Kumpf, 21.07.06 done } # ###################################################################### # Hauptprogramm mit Aufruf der obigen Funktionen und deren Parametern ############################# M A I N ############################## # line echo "Starting "$VERSION" " echo "Path to Cfg2Html "$0 echo "HTML Output File "$HTML_OUTFILE echo "Text Output File "$TEXT_OUTFILE echo "Partitions "$OUTDIR/$BASEFILE.partitions.save echo "Errors logged to "$ERROR_LOG echo "Started at "$DATEFULL echo "WARNING USE AT YOUR OWN RISK!!! :-))" echo line logger "Start of $VERSION" open_html inc_heading_level # # CFG_SYSTEM # if [ "$CFG_SYSTEM" != "no" ] then # else skip to next paragraph paragraph "Linux System $distrib" inc_heading_level if [ -f /etc/cfg2html/systeminfo ] ; then exec_command "cat /etc/cfg2html/systeminfo" "System description" fi exec_command "cat /proc/cpuinfo; echo" "CPU and Model info" HostNames() { uname -a echo "DNS Domainname = "`dnsdomainname ` echo "NIS Domainname = "`domainname 2>/dev/null ` echo "Hostname (short)= "`hostname` echo "Hostname (FQDN) = "`hostname -f` } exec_command HostNames "uname & hostname" exec_command "uname -n" "Host alias" exec_command "uname -sr" "OS, Kernel version" [ -x /usr/bin/lsb_release ] && exec_command "/usr/bin/lsb_release -a" "Linux Standard Base Version" for i in /etc/*-release do [ -r $i ] && exec_command "cat $i" "OS Specific Release Information ($i)" done exec_command "uptime" "Uptime" posixversion() { # wie findet man das bei Linux raus? #echo "POSIX Version: \c"; getconf POSIX_VERSION #echo "POSIX Version: \c"; getconf POSIX2_VERSION #echo "X/OPEN Version: \c"; getconf XOPEN_VERSION echo "LANG setting: "$LANG } if [ -x /usr/bin/locale ] ; then exec_command posixversion "POSIX Standards/Settings" exec_command "locale" "locale-specific information" export LANG="C" export LANG_ALL="C" fi ##### 19-Sept-2006, Ralph ##### if [ -x /usr/bin/vmstat ] ; then exec_command "vmstat 1 10" "VM-Statistics" fi if [ -x /usr/bin/mpstat ] ; then exec_command "mpstat 1 5" "MP-Statistics" fi if [ -x /usr/bin/iostat ] ; then exec_command "iostat" "IO-Statistics" fi # sysutils [ -x /usr/bin/procinfo ] && exec_command "procinfo -a" "System status from /proc" # 15.11.2004, 14:09 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) if [ "$REDHAT" = "yes" ] || [ "$SUSE" = "yes" ] ; then ## 20070228 Oliver Schwabedissen, RH4/SLES9 don't support -A exec_command "pstree -p -a " "Active Process Overview" # 090102006 else exec_command "pstree -p -a -A" "Active Process Overview" # 15.11.2004, 14:09 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) fi exec_command "last| grep boot" "reboots" exec_command "alias" "Alias" [ -r /etc/inittab ] && exec_command "grep -vE '#|^ *$' /etc/inittab" "inittab" ## This may report NOTHING on RHEL 3+4 ## [ -x /sbin/chkconfig ] && exec_command "/sbin/chkconfig" "Services Startup" [ -x /sbin/chkconfig ] && exec_command "/sbin/chkconfig --list" "Services Runlevel" # rar, fixed 2805-2005 for FC4 if [ "$GENTOO" = "yes" ] ; then ## 2007-02-27 Oliver Schwabedissen [ -x /bin/rc-status ] && exec_command "/bin/rc-status --list" "Defined runlevels" [ -x /sbin/rc-update ] && exec_command "/sbin/rc-update show --verbose" "Init scripts and their runlevels" fi if [ -d /etc/rc.config.d ] ; then exec_command " grep -v ^# /etc/rc.config.d/* | grep '=[0-9]'" "Runlevel Settings" fi [ -r /etc/inittab ] && exec_command "awk '!/#|^ *$/ && /initdefault/' /etc/inittab" "default runlevel" exec_command "/sbin/runlevel" "current runlevel" ## ## we want to display the Boot Messages too ## 30Jan2003 it233 FRU if [ -e /var/log/boot.msg ] ; then exec_command "grep 'Boot logging' /var/log/boot.msg" "Last Boot Date" exec_command "grep -v '|====' /var/log/boot.msg " "Boot Messages, last Boot" fi # MiMe: SUSE && UNITEDLINUX # MiMe: until SuSE 7.3: params in /etc/rc.config and below /etc/rc.config.d/ # MiMe; since SuSE 8.0 including UL: params below /etc/sysconfig if [ "$SUSE" = "yes" ] || [ "$UNITEDLINUX" = "yes" ] ; then if [ -d /etc/sysconfig ] ; then # MiMe: exec_command "find /etc/sysconfig -type f -not -path '*/scripts/*' -exec grep -vE '^#|^ *$' {} /dev/null \; | sort" "Parameter /etc/sysconfig" fi if [ -e /etc/rc.config ] ; then # PJC: added filters for SuSE rc_ variables # PJC: which were in rc.config in SuSE 6 # PJC: and moved to /etc/rc.status in 7+ exec_command "grep -vE -e '(^#|^ *$)' -e '^ *rc_' -e 'rc.status' /etc/rc.config | sort" "Parameter /etc/rc.config" fi if [ -d /etc/rc.config.d ] ; then # PJC: added filters for SuSEFirewall and indented comments exec_command "find /etc/rc.config.d -name '*.config' -exec grep -vE -e '(^#|^ *$)' -e '^ *true$' -e '^[[:space:] ]*#' -e '[{]|[}]' {} \; | sort" "Parameter /etc/rc.config.d" fi fi if [ "$GENTOO" = "yes" ] ; then ## 2007-02-28 Oliver Schwabedissen exec_command "grep -vE '^#|^ *$' /etc/rc.conf | sort" "Parameter /etc/rc.conf" exec_command "find /etc/conf.d -type f -exec grep -vE '^#|^ *$' {} /dev/null \;" "Parameter /etc/conf.d" fi if [ -e /proc/sysvipc ] ; then exec_command "ipcs" "IPC Status" exec_command "ipcs -u" "IPC Summary" exec_command "ipcs -l" "IPC Limits" fi if [ -x /usr/sbin/pwck ] ; then exec_command "/usr/sbin/pwck -r && echo Okay" "integrity of password files" fi if [ -x /usr/sbin/grpck ] ; then exec_command "/usr/sbin/grpck -r && echo Okay" "integrity of group files" fi dec_heading_level fi # terminates CFG_SYSTEM wrapper # # CFG_CRON # if [ "$CFG_CRON" != "no" ] then # else skip to next paragraph paragraph "Cron and At" inc_heading_level for FILE in cron.allow cron.deny do if [ -r /etc/$FILE ] then exec_command "cat /etc/$FILE" "$FILE" else exec_command "echo /etc/$FILE" "$FILE not found!" fi done ## Linux SuSE user /var/spool/cron/tabs and NOT crontabs ## 30jan2003 it233 FRU ## SuSE has the user crontabs under /var/spool/cron/tabs ## RedHat has the user crontabs under /var/spool/cron ## UnitedLinux uses /var/spool/cron/tabs (MiMe) if [ "$SUSE" == "yes" ] ; then usercron="/var/spool/cron/tabs" fi if [ "$REDHAT" == "yes" ] ; then usercron="/var/spool/cron" fi if [ "$SLACKWARE" == "yes" ] ; then usercron="/var/spool/cron/crontabs" fi if [ "$DEBIAN" == "yes" ] ; then usercron="/var/spool/cron/crontabs" fi if [ "$GENTOO" == "yes" ] ; then ## 2007-02-27 Oliver Schwabedissen usercron="/var/spool/cron/crontabs" fi if [ "$UNITEDLINUX" == "yes" ] ; then usercron="/var/spool/cron/tabs" fi ## ls $usercron/* > /dev/null 2>&1 if [ $? -eq 0 ] then echo -e "\n\nCrontab files:" >> $HTML_OUTFILE_TEMP for FILE in $usercron/* do exec_command "cat $FILE | grep -v ^#" "For user `basename $FILE`" done else echo "No crontab files for user.
    " >> $HTML_OUTFILE_TEMP fi ## ## we do also a listing of utility cron files ## under /etc/cron.d 30Jan2003 it233 FRU ls /etc/cron.d/* > /dev/null 2>&1 if [ $? -eq 0 ] then echo -e "\n\n
    /etc/cron.d files:" >> $HTML_OUTFILE_TEMP for FILE in /etc/cron.d/* do exec_command "cat $FILE | grep -v ^#" "For utility `basename $FILE`" done else echo "No /etc/cron.d files for utlities." >> $HTML_OUTFILE_TEMP fi if [ -f /etc/crontab ] ; then exec_command "echo -e 'Crontab:\n';cat /etc/crontab | grep -vE '#|^ *$'" "/etc/crontab" fi atconfigpath="/etc" if [ "$GENTOO" == "yes" ] ; then ## 2007-02-27 Oliver Schwabedissen atconfigpath="/etc/at" fi for FILE in at.allow at.deny do if [ -r $atconfigpath/$FILE ] then exec_command "cat $atconfigpath/$FILE " "$atconfigpath/$FILE" else exec_command "echo $atconfigpath/$FILE" "No $atconfigpath/$FILE" fi done ## workaround by Ralph for missing at #(whereis at > /dev/null) || exec_command "at -l" "AT Scheduler" # sorry - don't work here (Michael) # now we try this if [ -x /usr/bin/at ] ; then exec_command "at -l" "AT Scheduler" fi #exec_command "echo -e 'Crontab:\n';cat /etc/crontab | grep -vE '#|^ *$';echo -e '\nAT Scheduler:\n';at -l" "/etc/crontab and AT Scheduler" dec_heading_level fi #terminate CFG_CRON wrapper # # CFG_HARDWARE # if [ "$CFG_HARDWARE" != "no" ] then # else skip to next paragraph paragraph "Hardware" inc_heading_level RAM=`awk -F': *' '/MemTotal/ {print $2}' /proc/meminfo` # RAM=`cat /proc/meminfo | grep MemTotal | awk -F\: '{print $2}' | awk -F\ '{print $1 " " $2}'` exec_command "echo $RAM" "Physical Memory" HWINFO=`which hwinfo`; if [ -n "$HWINFO" ] && [ -x $HWINFO ] ; then exec_command "$HWINFO 2> /dev/null" "Hardware List (hwinfo)"; fi LSHW=`which lshw`; if [ -n "$LSHW" ] && [ -x $LSHW ] ; then exec_command "$LSHW" "Hardware List (lshw)"; fi ## 13.12.2004, 15:53 modified by Ralph.Roth LSDEV=`which lsdev`; if [ -n "$LSDEV" ] && [ -x $LSDEV ] ; then exec_command "$LSDEV" "Hardware List (lsdev)"; fi LSHAL=`which lshal`; if [ -n "$LSHAL" ] && [ -x $LSHAL ] ; then exec_command "$LSHAL" "List of Devices (lshal)"; fi LSUSB=`which lsusb`; if [ -n "$LSUSB" ] && [ -x $LSUSB ] ; then exec_command "$LSUSB" "USB devices"; fi ## SuSE? # 12.11.2004, 15:04 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) LSPCI=`which lspci` if [ -n "$LSPCI" ] && [ -x $LSPCI ] ; then exec_command "$LSPCI -v" "PCI devices" else if [ -f /proc/pci ] ; then exec_command "cat /proc/pci" "PCI devices" fi fi PCMCIA=`grep pcmcia /proc/devices | cut -d" " -f2` if [ "$PCMCIA" = "pcmcia" ] ; then if [ -x /sbin/cardctl ] ; then exec_command "/sbin/cardctl status;/sbin/cardctl config;/sbin/cardctl ident" "PCMCIA" fi fi [ -r /proc/acpi/info ] && exec_command "cat /proc/acpi/info" "ACPI" # 06.04.2006, 17:44 modified by Ralph Roth if [ -f /etc/kbd/default.kmap.gz ] ; then exec_command "zcat /etc/kbd/default.kmap.gz | head -1 | sed s/#//" "Keymap" fi exec_command "cat /proc/ioports" "IoPorts" exec_command "cat /proc/interrupts" "Interrupts" if [ -f /proc/scsi/scsi ] ;then exec_command "find /proc/scsi" "SCSI Componments" # 22.11.2004, 16:08 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) exec_command "cat /proc/scsi/scsi" "SCSI Devices" fi ## rar, 13.02.2004 ## Changed 15.05.2006 (09:30) by Peter Lindblom, HP, STCC EMEA, changed title from SCSI Devices SCSI Disk Devices [ -x /usr/sbin/lssd ] && exec_command "/usr/sbin/lssd" "SCSI Disk Devices" ## Added 15.05.2006 (09:30) by Peter Lindblom, HP, STCC EMEA [ -x /usr/sbin/lssg ] && exec_command "/usr/sbin/lssg" "Generic SCSI Devices" ## rar, 13.02.2004 ## Added 15.05.2006 (09:30) by Peter Lindblom, HP, STCC EMEA, Added the echo between the command to get a new line and move it down below lssg and lssd. [ -x /usr/sbin/adapter_info ] && exec_command "/usr/sbin/adapter_info;echo;/usr/sbin/adapter_info -v" "Adapterinfo/WWN" ### ------------------------------------------------------------------------------ #### Start of Fibre HBA info. added 12.05.2006 (15:13) by Peter Lindblom, HP, STCC EMEA mcat() { echo "--- $1" cat $1 # done } if [ -f /tmp/fibrehba.txt ] then rm /tmp/fibrehba.txt fi # capture /proc/scsi/qla2200 if [ -d /proc/scsi/qla2200 ] then for file in /proc/scsi/qla2200/* do mcat $file >>/tmp/fibrehba.txt done fi # capture /proc/scsi/qla2300 if [ -d /proc/scsi/qla2300 ] then for file in /proc/scsi/qla300/* do mcat $file >>/tmp/fibrehba.txt done fi # capture /proc/scsi/qla2xxx if [ -d /proc/scsi/qla2xxx ] then for file in /proc/scsi/qla2xxx/* do mcat $file >>/tmp/fibrehba.txt done fi # capture /proc/scsi/lpfc if [ -d /proc/scsi/lpfc ] then for file in /proc/scsi/lpfc/* do mcat $file >>/tmp/fibrehba.txt done fi if [ -f /tmp/fibrehba.txt ] then exec_command "cat /tmp/fibrehba.txt" "Fibre Channel Host Bus Adapters" rm /tmp/fibrehba.txt fi #### End of Fibre HBA info. ## rar, 13.02.2004 [ -x /usr/sbin/spmgr ] && exec_command "/usr/sbin/spmgr display" "SecurePath - Manager" [ -r /etc/CPQswsp/sppf ] && exec_command "cat /etc/CPQswsp/sppf" "SecurePath - Bindings" [ -r /etc/CPQswsp/hsx.conf ] && exec_command "cat /etc/CPQswsp/hsx.conf" "SecurePath - Preferred Path Settings" [ -r /etc/CPQswsp/swsp.conf ] && exec_command "cat /etc/CPQswsp/swsp.conf" "SecurePath - Path, Load Balance & Auto restore settings" [ -r /etc/CPQswsp/notify.ini ] && exec_command "cat /etc/CPQswsp/notify.ini" "SecurePath - e-mail adress notification settings" [ -r /etc/CPQswsp/spmgr_alias ] && exec_command "cat /etc/CPQswsp/spmgr_alias" "SecurePath - Alias Name file" [ -r /etc/CPQswsp/spmgr_stop_list ] && exec_command "cat /etc/CPQswsp/spmgr_stop_list" "SecurePath - reserved key word settings file" [ -r /etc/CPQswsp/clients ] && exec_command "cat /etc/CPQswsp/clients" "SecurePath - spmgr password information" ## Changed 15.05.2006 (09:30) by Peter Lindblom, HP, STCC EMEA, Moved from the Proliant section. [ -f /var/log/sp_log ] && exec_command "cat /var/log/sp_log" "Secure path installation log" ## Changed 15.05.2006 (09:30) by Peter Lindblom, HP, STCC EMEA, Moved from the Proliant section. [ -f /root/sp_install_results.log ] && exec_command "cat /root/sp_install_results.log" "Secure path installation log (backup)" if [ -e /proc/sound ] ; then exec_command "cat /proc/sound" "Sound Devices" fi if [ -e /proc/asound ] ; then [ -f /proc/asound/version ] && exec_command "cat /proc/asound/version" "Asound Version" [ -f /proc/asound/modules ] && exec_command "cat /proc/asound/modules" "Sound modules" [ -f /proc/asound/cards ] && exec_command "cat /proc/asound/cards" "Sound Cards" [ -f /proc/asound/sndstat ] && exec_command "cat /proc/asound/sndstat" "Sound Stats" [ -f /proc/asound/timers ] && exec_command "cat /proc/asound/timers" "Sound Timers" [ -f /proc/asound/devices ] && exec_command "cat /proc/asound/devices" "Sound devices" [ -f /proc/asound/pcm ] && exec_command "cat /proc/asound/pcm" "Sound pcm" fi exec_command "cat /proc/dma" "DMA Devices" if [ -f /proc/tty/driver/serial ] ; then exec_command "grep -v unknown /proc/tty/driver/serial" "Serial Devices" fi # test this - please report it if [ -e /proc/rd ] ; then exec_command "cat /proc/rd/c*/current_status" "RAID controller" fi # get serial information SETSERIAL=`which setserial` if [ -n "$SETSERIAL" ] && [ -x $SETSERIAL ]; then exec_command "$SETSERIAL -a /dev/ttyS0" "Serial ttyS0" exec_command "$SETSERIAL -a /dev/ttyS1" "Serial ttyS1" fi # get IDE Disk information HDPARM=`which hdparm` # if hdparm is installed if [ $HDPARM ] && [ -x $HDPARM ]; then exec_command "\ if [ -e /proc/ide/hda ] ; then echo -e -n \"read from drive\"; $HDPARM -I /dev/hda;fi;\ if [ -e /proc/ide/hdb ] ; then echo; echo -e -n \"read from drive\"; $HDPARM -I /dev/hdb;fi;\ if [ -e /proc/ide/hdc ] ; then echo; echo -e -n \"read from drive\"; $HDPARM -I /dev/hdc;fi;\ if [ -e /proc/ide/hdd ] ; then echo; echo -e -n \"read from drive\"; $HDPARM -I /dev/hdd;fi;"\ "IDE Disks" if [ -e /proc/ide/hda ] ; then if grep disk /proc/ide/hda/media > /dev/null ;then exec_command "$HDPARM -t -T /dev/hda" "Transfer Speed" fi fi if [ -e /proc/ide/hdb ] ; then if grep disk /proc/ide/hdb/media > /dev/null ;then exec_command "$HDPARM -t -T /dev/hdb" "Transfer Speed" fi fi if [ -e /proc/ide/hdc ] ; then if grep disk /proc/ide/hdc/media > /dev/null ;then exec_command "$HDPARM -t -T /dev/hdc" "Transfer Speed" fi fi if [ -e /proc/ide/hdd ] ; then if grep disk /proc/ide/hdd/media > /dev/null ;then exec_command "$HDPARM -t -T /dev/hdd" "Transfer Speed" fi fi else # if hdparm not available exec_command "\ if [ -e /proc/ide/hda/model ] ; then echo -e -n \"hda: \";cat /proc/ide/hda/model ;fi;\ if [ -e /proc/ide/hdb/model ] ; then echo -e -n \"hdb: \";cat /proc/ide/hdb/model ;fi;\ if [ -e /proc/ide/hdc/model ] ; then echo -e -n \"hdc: \";cat /proc/ide/hdc/model ;fi;\ if [ -e /proc/ide/hdd/model ] ; then echo -e -n \"hdd: \";cat /proc/ide/hdd/model ;fi;"\ "IDE Disks" fi if [ -e /proc/sys/dev/cdrom/info ] ; then exec_command "cat /proc/sys/dev/cdrom/info" "CDROM Drive" fi if [ -e /proc/ide/piix ] ; then exec_command "cat /proc/ide/piix" "IDE Chipset info" fi # Test HW Health # MiMe if [ -x /usr/bin/sensors ] ; then if [ -e /proc/sys/dev/sensors/chips ] ; then exec_command "/usr/bin/sensors" "Sensors" fi fi if [ -x /usr/sbin/xpinfo ] then XPINFOFILE=$OUTDIR/`hostname`_xpinfo.csv /usr/sbin/xpinfo -d";" | grep -v "Scanning" > $XPINFOFILE AddText "The XP-Info configuration was additionally dumped into the file $XPINFOFILE for further usage" # remarked due to enhancement request by Martin Kalmbach, 25.10.2001 # exec_command "/usr/sbin/xpinfo|grep -v Scanning" "SureStore E Disk Array XP Mapping (xpinfo)" exec_command "/usr/sbin/xpinfo -r|grep -v Scanning" "SureStore E Disk Array XP Disk Mechanisms" exec_command "/usr/sbin/xpinfo -i|grep -v Scanning" "SureStore E Disk Array XP Identification Information" exec_command "/usr/sbin/xpinfo -c|grep -v Scanning" "SureStore E Disk Array XP (Continuous Access and Business Copy)" # else # [ -x /usr/contrib/bin/inquiry256.ksh ] && exec_command "/usr/contrib/bin/inquiry256.ksh" "SureStore E Disk Array XP256 Mapping (inquiry/obsolete)" fi dec_heading_level fi # terminates CFG_HARDWARE wrapper ###################################################################### ##### ToDo: check for Distribution ##### if [ "$CFG_SOFTWARE" != "no" ] then # else skip to next paragraph paragraph "Software" inc_heading_level # Debian if [ "$DEBIAN" = "yes" ] ; then dpkg --get-selections | awk '!/deinstall/ {print $1}' > /tmp/cfg2html-debian.$$ exec_command "column /tmp/cfg2html-debian.$$" "Packages installed" rm -f /tmp/cfg2html-debian.$$ AddText "Hint: to reinstall this list use:" AddText "awk '{print \$1\"\\n\"\$2}' this_list | dpkg --set-selections" exec_command "dpkg -C" "Misconfigured Packages" # # { changed/added 25.11.2003 (14:29) by Ralph Roth } if [ -x /usr/bin/deborphan ] ; then exec_command "deborphan" "Orphaned Packages" AddText "Hint: deborphan | xargs apt-get -y remove" # rar, 16.02.04 fi exec_command "dpkg -l" "Detailed list of installed Packages" AddText "$(dpkg --version|grep program)" exec_command "grep -vE '#|^ *$' /etc/apt/sources.list" "Installed from" fi # end Debian # SUSE # MiMe: --last tells date of installation if [ "$SUSE" = "yes" ] || [ "$UNITEDLINUX" = "yes" ] ; then exec_command "rpm -qa --last" "Packages installed" fi # end SUSE # REDHAT if [ "$REDHAT" = "yes" ] || [ "$MANDRAKE" = "yes" ] ; then exec_command "rpm -qia | grep -e Source -e Name" "Packages installed" exec_command "rpm -qa " "Packages installed (Short List)" fi # end REDHAT # SLACKWARE if [ "$SLACKWARE" = "yes" ] ; then exec_command "ls /var/log/packages " "Packages installed" fi # end SLACKWARE # GENTOO, rr, 15.12.2004, Rob if [ "$GENTOO" = "yes" ] ; then #exec_command "qpkg -I -v|sort" "Packages installed" #exec_command "qpkg -I -v --no-color |sort" "Packages installed" ## Rob Fantini, 15122004 exec_command "qlist -I -v --nocolor |sort" "Packages installed" ## 2007-02-21 Oliver Schwabedissen fi # end GENTOO #### programming stuff #### # plugin for cfg2html/linux/hpux # 22.11.2005, 16:03 modified by Ralph Roth # $Id: cfg2html-linux,v 1.39 2007/03/01 19:38:16 ralproth Exp $ ProgStuff() { for i in libtoolize libtool automake autoconf autoheader g++ gcc make flex sed do (which $i) && (echo -n "$i: ";$i --version | head -1) done } exec_command ProgStuff "Software Development: Programs and Versions" dec_heading_level fi # terminates CFG_SOFTWARE wrapper ###################################################################### if [ "$CFG_FILESYS" != "no" ] then # else skip to next paragraph paragraph "Filesystems, Dump- and Swapconfiguration" inc_heading_level exec_command "grep -v '^#' /etc/fstab" "FileSystemTab" exec_command "df -k" "Filesystems and Usage" exec_command "my_bdf" "All Filesystems and Usage" exec_command "mount" "Local Mountpoints" # exec_command "/sbin/fdisk -l" "Disk Partitions" # sfdisk -d > $OUTDIR/$BASEFILE.partitions.save exec_command "cat $OUTDIR/$BASEFILE.partitions.save" "Disk Partitions to restore from" AddText "To restore your partitions use the saved file: $BASEFILE.partitions.save, read the man page for sfdisk for usage. (Hint: sfdisk --force /dev/device < file.save)" # for LVM using sed exec_command "/sbin/fdisk -l|sed 's/8e \ Unknown/8e \ LVM/g'" "Disk Partitions" if [ -f /etc/exports ] ; then exec_command "grep -vE '^#|^ *$' /etc/exports" "NFS Filesystems" fi exec_command "free" "used memory/swap" dec_heading_level fi # terminates CFG_FILESYS wrapper ########################################################################### if [ "$CFG_LVM" != "no" ] then # else skip to next paragraph paragraph "LVM" inc_heading_level ## if [ -x /sbin/vgdisplay ] ; then #if [ -s /etc/lvmtab ] ; then # size > 0 # due to LVM2 (doesn't use /etc/lvmtab anymore), but should be compatible to LVM1; A. Kumpf if /sbin/fdisk -l | grep -q "LVM$" ; then /usr/sbin/vgdisplay -s > /dev/null 2>&1 # 15.11.2004, 14:11 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) if [ "$?" = "0" ] ; then AddText "The system filelayout is configured using the LVM (Logical Volume Manager)" # choose between LVM1 and LVM2 because of different syntaxes; A. Kumpf, 21.07.06 if [ -x "/sbin/lvm" ]; then LVM_VER=2 else LVM_VER=1 fi # case "$LVM_VER" in "1") exec_command "ls -la /dev/*/group" "Volumegroup Device Files" # { changed/added 29.01.2004 (11:15) by Ralph Roth } - sr by winfried knobloch for mc/sg exec_command "cat /proc/lvm/global" "LVM global info" exec_command "/usr/sbin/vgdisplay -v | awk -F' +' '/PV Name/ {print \$4}'" "Available Physical Groups" exec_command "/usr/sbin/vgdisplay -s | awk -F\\\" '{print \$2}'" "Available Volume Groups" exec_command "/usr/sbin/vgdisplay -v | awk -F' +' '/LV Name/ {print \$3}'" "Available Logical Volumes" ;; "2") exec_command "ls -al /dev/mapper/*" "Volumegroup Device Files" exec_command "/sbin/lvm version" "LVM global info" exec_command "/usr/sbin/vgdisplay -v | awk -F' +' '/PV Name/ {print \$4}'" "Available Physical Groups" exec_command "/usr/sbin/vgdisplay -s | awk -F\\\" '{print \$2}'" "Available Volume Groups" exec_command "/usr/sbin/vgdisplay -v | awk -F' +' '/LV Name/ {print \$4}'" "Available Logical Volumes" ;; esac # exec_command "/usr/sbin/vgdisplay -v" "Volumegroups" exec_command PVDisplay "Physical Devices used for LVM" AddText "Note: Run vgcfgbackup on a reqular basis to backup your volume group layout" else # if vgdisplay exist, but no LV configured (dk3hg 21.02.03) AddText "This system seems to be configured with whole disk layout (WDL)" fi else AddText "This system seems to be configured with whole disk layout (WDL)" fi # MD Tools, Ralph Roth if [ -r /etc/raidtab ] then exec_command "cat /proc/mdstat" "Software RAID: mdstat" exec_command "cat /etc/raidtab" "Software RAID: raidtab" [ -r /proc/devices/md ] && exec_command "cat /proc/devices/md" "Software RAID: MD Devices" fi dec_heading_level fi # terminates CFG_LVM wrapper ########################################################################### if [ "$CFG_NETWORK" != "no" ] then # else skip to next paragraph paragraph "Network Settings" inc_heading_level exec_command "/sbin/ifconfig" "LAN Interfaces" #exec_command "for interface in \$(lanscan|grep 'lan. '|awk '{print \$5}'|sort) ; do ifconfig \$interface; done" "LAN Interface Configuration" if [ $DEBIAN = "yes" ] ; then if [ -f /etc/network/interfaces ] ; then exec_command "grep -vE '(^#|^$)' /etc/network/interfaces" "Netconf Settings" fi fi [ -x /sbin/mii-tool ] && exec_command "/sbin/mii-tool -v" "MII Status" [ -x /sbin/mii-diag ] && exec_command "/sbin/mii-diag -a" "MII Diagnostics" NETSTAT=`which netstat` if [ $NETSTAT ] && [ -x $NETSTAT ]; then # test if netstat version 1.38, because some options differ in older versions # MiMe: '\' auf awk Zeile wichtig RESULT=`netstat -V | awk '/netstat/ { if ( $2 < 1.38 ) { print "NO" } else { print "OK" } }'` exec_command "netstat -r" "Routing Tables" exec_command "if [ "$RESULT" = "OK" ] ; then netstat -gi; fi" "Interfaces" ## Added 4/07/06 by krtmrrsn@yahoo.com, Marc Korte, probe and display ## kernel interface bonding info. if [ -e /proc/net/bonding ]; then for BondIF in `ls -1 /proc/net/bonding` do exec_command "cat /proc/net/bonding/$BondIF" "Bonded Interfaces: $BondIF" done fi ## End Marc Korte kernel interface bonding addition. exec_command "netstat -s" "Summary statistics for each protocol" exec_command "netstat -i" "Kernel Interface table" # MiMe: iptables since 2.4.x # MiMe: iptable_nat realisiert dabei das Masquerading # MiMe: Details stehen in /proc/net/ip_conntrack if [ -e /proc/net/ip_masquerade ]; then exec_command "netstat -M" "Masqueraded sessions" fi if [ -e /proc/net/ip_conntrack ]; then exec_command "cat /proc/net/ip_conntrack" "Masqueraded sessions" fi exec_command "netstat -an" "list of all sockets" fi DIG=`which dig` if [ -n "$DIG" ] && [ -x $DIG ] ; then exec_command "dig `hostname -f`" "dig hostname" else NSLOOKUP=`which nslookup` if [ -n "$NSLOOKUP" ] && [ -x $NSLOOKUP ] ; then exec_command "nslookup `hostname -f`" "Nslookup hostname" fi fi exec_command "grep -vE '#|^ *$' /etc/hosts" "/etc/hosts" # if [ -f /proc/sys/net/ipv4/ip_forward ] ; then FORWARD=`cat /proc/sys/net/ipv4/ip_forward` if [ $FORWARD = "0" ] ; then exec_command "echo \"IP forward disabled\"" "IP forward" else exec_command "echo \"IP forward enabled\"" "IP forward" fi fi if [ -r /proc/net/ip_fwnames ] ; then if [ -x /sbin/ipchains ] ;then exec_command "/sbin/ipchains -n -L forward" "ipfilter forward settings" exec_command "/sbin/ipchains -L -v" "ip filter settings" fi fi if [ -r /proc/net/ip_tables_names ] ; then if [ -x /sbin/iptables ] ; then exec_command "/sbin/iptables -L -v" "iptables list chains" ## rr, 030604 -v added exec_command "/sbin/iptables-save" "iptables rules" ## rr, 120704 added fi fi if [ -x /usr/sbin/tcpdchk ] ; then exec_command "/usr/sbin/tcpdchk -v" "tcpd wrapper" exec_command "/usr/sbin/tcpdchk -a" "tcpd warnings" fi [ -f /etc/hosts.allow ] && exec_command "grep -vE '#|^ *$' /etc/hosts.allow" "hosts.allow" [ -f /etc/hosts.deny ] && exec_command "grep -vE '#|^ *$' /etc/hosts.deny" "hosts.deny" #exec_command "nettl -status trace" "Nettl Status" if [ -f /etc/gated.conf ] ; then exec_command "cat /etc/gated.conf" "Gate Daemon" fi if [ -f /etc/bootptab ] ; then exec_command "grep -vE '(^#|^ *$)' /etc/bootptab" "BOOTP Daemon Configuration" fi if [ -r /etc/inetd.conf ]; then exec_command "grep -vE '#|^ *$' /etc/inetd.conf" "Internet Daemon Configuration" fi # 02.05.2005, 15:23 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) # RedHat default ## exec_command "grep -vE '#|^ *$' /etc/inetd.conf" "Internet Daemon Configuration" if [ -d /etc/xinetd.d ]; then # mdk/rh has a /etc/xinetd.d directory with a file per service exec_command "cat /etc/xinetd.d/*|grep -vE '#|^ *$'" "/etc/xinetd.d/ section" fi #exec_command "cat /etc/services" "Internet Daemon Services" if [ -f /etc/resolv.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/resolv.conf;echo; ( [ -f /etc/nsswitch.conf ] && grep -vE '#|^ *$' /etc/nsswitch.conf)" "DNS & Names" fi [ -r /etc/bind/named.boot ] && exec_command "grep -v '^;' /etc/named.boot" "DNS/Named" if [ ! -f /etc/sendmail.cf ] ; then /usr/sbin/sendmail -bV 2> /dev/null > /dev/null && exec_command "/usr/sbin/sendmail -bV" "Sendmail/Exim Version" # 23.03.2006, 13:20 modified by Ralph Roth else exec_command "/usr/sbin/sendmail -bv -d0.1 testuser@test.host" "Sendmail Version" fi aliasespath="/etc" if [ "$GENTOO" == "yes" ] ;then ## 2007-02-27 Oliver Schwabedissen aliasespath="/etc/mail" fi if [ -f $aliasespath/aliases ] ; then exec_command "grep -vE '#|^ *$' $aliasespath/aliases" "Email Aliases" fi #exec_command "grep -vE '^#|^$' /etc/rc.config.d/nfsconf" "NFS settings" exec_command "ps -ef|grep -E '[Nn]fsd|[Bb]iod'" "NFSD and BIOD utilisation" ## fixed 2007-02-28 Oliver Schwabedissen # if portmap not available, do nothing RES=`ps xau | grep [Pp]ortmap` if [ -n "$RES" ] ; then exec_command "rpcinfo -p " "RPC (Portmapper)" # test if mountd running MOUNTD=`rpcinfo -p | awk '/mountd/ {print $5; exit}'` # if [ "$MOUNTD"="mountd" ] ; then if [ -n "$MOUNTD" ] ; then exec_command "rpcinfo -u 127.0.0.1 100003" "NSFD responds to RPC requests" SHOWMOUNT=`which showmount` ## 2007-02-27 Oliver Schwabedissen if [ $SHOWMOUNT ] && [ -x $SHOWMOUNT ] ; then exec_command "$SHOWMOUNT -a" "Mounted NFS File Systems" fi # SUSE if [ -x /usr/lib/autofs/showmount ] ; then exec_command "/usr/lib/autofs/showmount -a" "Mounted NFS File Systems" fi if [ -f /etc/auto.master ] ;then exec_command "grep -vE '^#|^$' /etc/auto.master" "NFS Automounter Master Settings" fi if [ -f /etc/auto.misc ] ;then exec_command "grep -vE '^#|^$' /etc/auto.misc" "NFS Automounter misc Settings" fi if [ -f /proc/net/rpc/nfs ] ; then exec_command "nfsstat" "NFS Statistics" fi fi # mountd fi #(ypwhich 2>/dev/null>/dev/null) && \ # (exec_command "what /usr/lib/netsvc/yp/yp*; ypwhich" "NIS/Yellow Pages") # ntpq live sometimes in /usr/bin or /usr/sbin NTPQ=`which ntpq` # if [ $NTPQ ] && [ -x $NTPQ ] ; then if [ -n "$NTPQ" ] && [ -x "$NTPQ" ] ; then # fixes by Ralph Roth, 180403 exec_command "$NTPQ -p" "XNTP Time Protocol Daemon" fi [ -f /etc/ntp.conf ] && exec_command "grep -vE '#|^ *$' /etc/ntp.conf" "ntp.conf" [ -f /etc/shells ] && exec_command "grep -vE '#|^ *$' /etc/shells" "FTP Login Shells" [ -f /etc/ftpusers ] && exec_command "grep -vE '#|^ *$' /etc/ftpusers" "FTP Rejections (/etc/ftpusers)" [ -f /etc/ftpaccess ] && exec_command "grep -vE '#|^ *$' /etc/ftpaccess" "FTP Permissions (/etc/ftpaccess)" [ -f /etc/syslog.conf ] && exec_command "grep -vE '#|^ *$' /etc/syslog.conf" "syslog.conf" [ -f /etc/syslog-ng/syslog-ng.conf ] && exec_command "grep -vE '#|^ *$' /etc/syslog-ng/syslog-ng.conf" "syslog-ng.conf" [ -f /etc/host.conf ] && exec_command "grep -vE '#|^ *$' /etc/host.conf" "host.conf" ######### SNMP ############ [ -f /etc/snmpd.conf ] && exec_command "grep -vE '#|^ *$' /etc/snmpd.conf" "Simple Network Managment Protocol (SNMP)" [ -f /etc/snmp/snmpd.conf ] && exec_command "grep -vE '#|^ *$' /etc/snmp/snmpd.conf" "Simple Network Managment Protocol (SNMP)" [ -f /etc/snmp/snmptrapd.conf ] && exec_command "grep -vE '#|^ *$' /etc/snmp/snmptrapd.conf" "SNMP Trapdaemon config" [ -f /opt/compac/cma.conf ] && "grep -vE '#|^ *$' /opt/compac/cma.conf" "HP Insight Management Agents configuration" ## ssh [ -f /etc/ssh/sshd_config ] && exec_command "grep -vE '#|^ *$' /etc/ssh/sshd_config" "sshd config" [ -f /etc/ssh/ssh_config ] && exec_command "grep -vE '#|^ *$' /etc/ssh/ssh_config" "ssh config" dec_heading_level fi # terminates CFG_NETWORK wrapper ########################################################################### if [ "$CFG_KERNEL" != "no" ] then # else skip to next paragraph paragraph "Kernel, Modules and Libaries" "Kernelparameters" inc_heading_level if [ -f /etc/lilo.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/lilo.conf" "Lilo Boot Manager" exec_command "/sbin/lilo -q" "currently mapped files" fi if [ -f /boot/grub/menu.lst ] ; then exec_command "grep -vE '#|^ *$' /boot/grub/menu.lst" "GRUB Boot Manager" # rar fi if [ -f /etc/palo.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/palo.conf" "Palo Boot Manager" fi exec_command "ls -l /boot" "Files in /boot" # 2404-2006, ralph exec_command "/sbin/lsmod" "Loaded Kernel Modules" exec_command "ls -l /lib/modules" "Available Modules Trees" # rar if [ -f /etc/modules.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/modules.conf" "modules.conf" fi if [ -f /etc/modprobe.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/modprobe.conf" "modprobe.conf" fi if [ -f /etc/sysconfig/kernel ] ; then exec_command "grep -vE '#|^ *$' /etc/sysconfig/kernel" "Modules for the ramdisk" # rar, SuSE only fi if [ "$DEBIAN" = "no" ] && [ "SLACKWARE" = "no" ] ; then which rpm > /dev/null && exec_command "rpm -qa | grep -e ^k_def -e ^kernel -e k_itanium -e k_smp -e ^linux" "Kernel RPMs" # rar, SuSE+RH+Itanium2 fi if [ "$DEBIAN" = "yes" ] ; then exec_command "dpkg -l | grep -i -e Kernel-image -e Linux-image" "Kernel related DEBs" fi [ -x /usr/sbin/get_sebool ] && exec_command "/usr/sbin/get_sebool -a" "SELinux Settings" who -b 2>/dev/null > /dev/null && exec_command "who -b" "System boot" # 23.03.2006, 13:18 modified by Ralph Roth exec_command "cat /proc/cmdline" "Kernel commandline" if [ -r /lib/libc.so.5 ] then if [ -x /lib/libc.so.5 ] then exec_command "/lib/libc.so.5" "libc5 Version" # Mandrake 9.2 else exec_command "strings /lib/libc.so.5 | grep \"release version\"" "libc5 Version (Strings)" ############# needs work out! ## rpm ## ldd fi fi if [ -r /lib/libc.so.6 ] then if [ -x /lib/libc.so.6 ] then exec_command "/lib/libc.so.6" "libc6 Version" # Mandrake 9.2 else exec_command "strings /lib/libc.so.6 | grep \"release version\"" "libc6 Version (Strings)" ############# needs work out! ## rpm ## ldd fi fi if [ "$DEBIAN" = "no" ] && [ "$SLACKWARE" = "no" ] && [ "$GENTOO" = "no" ] ; then ## fixed 2007-02-27 Oliver Schwabedissen which rpm > /dev/null && exec_command "rpm -qi glibc" "libc6 Version (RPM)" # rar, SuSE+RH fi exec_command "/sbin/ldconfig -vN" "Run-time link bindings" # MiMe: SuSE patched kernel params into /proc if [ -e /proc/config.gz ] ; then exec_command "zcat /proc/config.gz | grep -vE '#|^ *$'" "Kernelparameter /proc/config.gz" else if [ -e /usr/src/linux/.config ] ; then exec_command "grep -vE '#|^ *$' /usr/src/linux/.config" "Kernelsource .config" fi fi ## ## we want to display special kernel configuration as well ## done in /etc/init.d/boot.local ## 31Jan2003 it233 U.Frey FRU if [ -e /etc/init.d/boot.local ] ; then exec_command "grep -vE '#|^ *$' /etc/init.d/boot.local" "Additional Kernel Parameters init.d/boot.local" fi if [ -x /sbin/sysctl ] ; then exec_command "/sbin/sysctl -a" "configured kernel parameters at runtime" fi if [ -f "/etc/rc.config" ] ; then exec_command "grep ^INITRD_MODULES /etc/rc.config" "INITRD Modules" fi dec_heading_level fi # terminates CFG_KERNEL wrapper ###################################################################### if [ "$CFG_ENHANCEMENTS" != "no" ] then # else skip to next paragraph paragraph "Systemenhancements" inc_heading_level if [ -e /etc/X11/XF86Config ] ; then exec_command "grep -vE '#|^ *$' /etc/X11/XF86Config" "XF86Config" else if [ -e /etc/XF86Config ] ; then exec_command "grep -vE '#|^ *$' /etc/XF86Config" "XF86Config" fi fi if [ -e /etc/X11/XF86Config-4 ] ; then exec_command "grep -vE '#|^ *$' /etc/X11/XF86Config-4" "XF86Config-4" else if [ -e /etc/XF86Config ] ; then exec_command "grep -vE '#|^ *$' /etc/XF86Config-4" "XF86Config-4" fi fi if [ -e /etc/X11/xorg.conf ] ; then exec_command "grep -vE '#|^ *$' /etc/X11/xorg.conf" "xorg.conf" fi # MiMe: fuer X braucht man Rechte if [ -x /usr/X11R6/bin/xhost ] ; then /usr/X11R6/bin/xhost > /dev/null 2>&1 if [ "$?" -eq "0" ] ; then # Gratien D'haese # fix for sshdX11 # old command [ -x /usr/bin/X11/xdpyinfo ] && [ -n "$DISPLAY" ] && exec_command "/usr/bin/X11/xdpyinfo" "X11" # this will only check if the display is 0 or 1 which is more then enough [ -x /usr/bin/X11/xdpyinfo ] && [ -n "$DISPLAY" ] && [ `echo $DISPLAY | cut -d: -f2 | cut -d. -f1` -le 1 ] && exec_command "/usr/bin/X11/xdpyinfo" "X11" [ -x /usr/bin/X11/fsinfo ] && [ -n "$FONTSERVER" ] && exec_command "/usr/bin/X11/fsinfo" "Font-Server" fi fi dec_heading_level fi # terminates CFG_ENHANCEMENTS wrapper ########################################################################### if [ "$CFG_APPLICATIONS" != "no" ] then # else skip to next paragraph paragraph "Applications and Subsystems" ### COMMON ################################################################ inc_heading_level if [ -d /usr/local/bin ] ; then exec_command "ls -lisa /usr/local/bin" "Files in /usr/local/bin" fi if [ -d /usr/local/sbin ] ; then exec_command "ls -lisa /usr/local/sbin" "Files in /usr/local/sbin" fi if [ -d /opt ] ; then exec_command "ls -lisa /opt" "Files in /opt" fi ############ Samba and Swat ######################## if [ -f /etc/inetd.conf ] ; then SWAT=`grep swat /etc/services /etc/inetd.conf` fi if [ -f /etc/xinetd.conf ] ; then SWAT=`grep swat /etc/services /etc/xinetd.conf` fi [ -n "$SWAT" ] && exec_command "echo $SWAT" "Samba: SWAT-Port" [ -x /usr/sbin/smbstatus ] && exec_command "/usr/sbin/smbstatus 2>/dev/null" "Samba (smbstatus)" ### Debian.... [ -x /usr/bin/smbstatus ] && exec_command "/usr/bin/smbstatus 2>/dev/null" "Samba (smbstatus)" ## fixed 2007-02-27 Oliver Schwabedissen [ -x /usr/bin/testparm ] && exec_command "/usr/bin/testparm -s" "Samba Configuration" [ -f /etc/init.d/samba ] && exec_command "ps -ef | grep -E '(s|n)m[b]'" "Samba Daemons" if [ -x /usr/sbin/lpc ] ; then exec_command "/usr/sbin/lpc status" "Printer Spooler and Printers" fi [ -f /etc/printcap ] && exec_command "grep -vE '#|^ *$' /etc/printcap" "Printcap" [ -f /etc/hosts.lpd ] && exec_command "grep -vE '#|^ *$' /etc/hosts.lpd" "hosts.lpd" ## ## we want to display HP OpenVantage Operations configurations ## 31Jan2003 it233 FRU U.Frey if [ -e /opt/OV/bin/OpC/utils/opcdcode ] ; then if [ -e /opt/OV/bin/OpC/install/opcinfo ] ; then exec_command "cat /opt/OV/bin/OpC/install/opcinfo" "HP OpenView Info, Version" fi if [ -e /var/opt/OV/conf/OpC/monitor ] ; then exec_command "/opt/OV/bin/OpC/utils/opcdcode /var/opt/OV/conf/OpC/monitor | grep DESCRIPTION" "HP OpenView Configuration MONITOR" fi if [ -e /var/opt/OV/conf/OpC/le ] ; then exec_command "/opt/OV/bin/OpC/utils/opcdcode /var/opt/OV/conf/OpC/le | grep DESCRIPTION" "HP OpenView Configuration LOGGING" fi fi ## we want to display Veritas netbackup configurations ## 31Jan2003 it233 FRU U.Frey if [ -e /usr/openv/netbackup/bp.conf ] ; then if [ -e /usr/openv/netbackup/version ] ; then exec_command "cat /usr/openv/netbackup/version" "Veritas Netbackup Version" fi exec_command "cat /usr/openv/netbackup/bp.conf" "Veritas Netbackup Configuration" fi fi # terminates CFG_APPLICATIONS wrapper ########################################################################### # { changed/added 28.01.2004 (17:56) by Ralph Roth } if [ -r /etc/cmcluster.conf ] ; then dec_heading_level paragraph "MC/SG" inc_heading_level . ${SGCONFFILE:=/etc/cmcluster.conf} # get env. setting, rar 12.05.2005 PATH=$PATH:$SGSBIN:$SGLBIN exec_command "cat ${SGCONFFILE:=/etc/cmcluster.conf}" "Cluster Config Files" exec_command "what $SGSBIN/cmcld|head; what $SGSBIN/cmhaltpkg|head" "Real MC/SG Version" ## 12.05.2005, 10:07 modified by Ralph.Roth at hp.com (HPS-TSG-MCPS) exec_command "cmquerycl -v" "MC/SG Configuration" exec_command "cmviewcl -v" "MC/SG Nodes and Packages" exec_command "cmviewconf" "MC/SG Cluster Configuration Information" exec_command "cmscancl -s" "MC/SG Scancl Detailed Node Configuration" exec_command "netstat -in" "MC/SG Network Subnets" exec_command "netstat -a |fgrep hacl" "MC/SG Sockets" exec_command "ls -l $SGCONF" "Files in $SGCONF" fi dec_heading_level ########################################################################## ## ## Display Oracle configuration if applicable ## Begin Oracle Config Display ## 31jan2003 it233 FRU U.Frey if [ -e /etc/oratab ] ; then paragraph "Oracle Configuration" inc_heading_level exec_command "grep -vE '^#|^$|N' /etc/oratab " "Configured Oracle Databases" ## ## Display each Oracle initSID.ora File for DB in `grep ':' /etc/oratab|grep -v '#'|grep -v 'N'` do Ora_Home=`echo $DB | awk -F: '{print $2}'` Sid=`echo $DB | awk -F: '{print $1}'` Init=${Ora_Home}/dbs/init${Sid}.ora exec_command "cat $Init" "Oracle Instance $Sid" done dec_heading_level fi ### ############################################################################## ### HP Proliant Server LINUX Logfiles from HP tools and or the HP PSP. ### Made by Jeroen.Kleen@hp.com EMEA ISS Competence Center Engineer ### if [ "$CFG_HPPROLIANTSERVER" != "no" ] then # else skip to next paragraph paragraph "hp Proliant Server Log- and configuration Files" inc_heading_level /opt/hp/hpdiags/hpdiags -v 5 -o /tmp/hpdiags.xml -f cpqacuxe -c /var/log/cpqacuxe.cfg hpaducli -f ADUreport.txt -r if [ -e /usr/lib/hponcfg ] then /usr/lib/hponcfg -w ilo.cfg fi if [ -e /usr/sbin/dmidecode ] then exec_command "dmidecode|grep Product -2" "HP Proliant Server Information taken from dmidecode" fi exec_command "survey -v 5 -t" "Classic Survey output -v 5" exec_command "hplog -t -f -p" "Current Thermal Sensor, Fan & Power data" exec_command "hplog -v" "Proliant Integrated Management Log" exec_command "cat /var/log/hppldu.log" "Installation Log PSP 7.*" exec_command "cat /opt/compaq/cma.conf" "/opt/compaq/cma.conf file" exec_command "cat /opt/compaq/snmpd.conf.orig" "/opt/compaq/snmpd.conf.orig file " exec_command "cat /tmp/hppldu.cfg" "PSP 7.* Installation Settings file" exec_command "cat /var/hp/install_history.txt" "/var/hp/install_history.txt file" exec_command "cat /var/log/hplog.txt" "/var/log/hplog.txt file" exec_command "cat /var/opt/hp/nicfwupg.log" "/var/opt/hp/nicfwupg.log file" exec_command "cat /var/spool/compaq/cma.log" "/var/spool/compaq/cma.log Agents logfile" exec_command "cat /var/cpq/Component.log" "Individual Components Installation Log file (ROMBIOS/SA FW/iLO)" exec_command "cat /etc/snmp/snmpd.conf" "/etc/snmp/snmpd.conf file" exec_command "/etc/init.d/hpasm status" "hpasm status of how what modules are loaded and running correctly." exec_command "cat /opt/compaq/cpqhealth/cpqhealth_boot.log" "LOGfile from when hpasm failed installation" exec_command "cat /opt/compaq/hprsm/hprsm_boot.log" "LOGfile during boot from hprsm" exec_command "/opt/compaq/nic/bin/hpetfe -A" "/opt/compaq/utils/nic/bin/hpetfe -A HP NIC information" hpasmcli -s "show asr; show boot; show dimm; show f1; show fans; show ht; show ipl; show name; show powersupply; show pxe; show serial bios; show serial embedded; show serial virtual; show server; show temp; show uid; show wol" >hpasmcliOutput.txt exec_command "cat hpasmcliOutput.txt" "HP ASM CLI command line output" exec_command "cat /etc/opt/hp/hp-vt/hp-vt.conf" "Intelligent Networking Pack Virus Throttling conf file" exec_command "/etc/init.d/hp-vt status" "Intelligent Networking Pack Virus Throttling Status" exec_command "cat /var/opt/hp/hp-vt/hp-vt.log" "Intelligent Networking Pack Logfile" exec_command "/opt/hp/hp-pel/nalicense -d" "Proliant Essentials Licenses installed overview" exec_command "cat /var/opt/hp/hp-pel/hp-pel.log" "Proliant Essentials Licenses Logfile" exec_command "ls ilo.cfg" "iLO/RILOE Configuration XML file is in TARball" exec_command "cat /root/install.log.syslog" "Installation SYS logfile" exec_command "cat /root/install.rdp.log" "Rapid Deployment Pack RDPinstall logfile" exec_command "cat /root/anaconda-ks.cfg" "anaconda kickstart file used during OS deployment" exec_command "cat /var/log/messages" "messages logging file (older messages logfiles in TARBALL)" exec_command "cat /var/log/boot.log" "boot.log logfile (older boot.log logfiles in TARBALL)" exec_command "cat /var/log/dmesg" "dmesg logfile /var/log/dmesg" if [ -e /usr/sbin/dmidecode ] then exec_command "dmidecode" "/usr/sbin/dmidecode output" fi exec_command "cat /tmp/ADUreport.txt" "Array Diagnostic Utility report is included in the TAR ball as a single file" exec_command "cat /var/log/cpqacuxe.cfg" "cpqacuxe configuration file (SmartArray configuration)" ###below partitioning and HPACUCLI is contributed by kgalal@gmail.com if [ -x /usr/sbin/hpacucli ] ; then exec_command "/usr/sbin/hpacucli controller all show" "HP SmartArray controllers Detected" # added by jeroenkleen HP exec_command "/usr/sbin/hpacucli controller all show status" "HP SmartArray controllers Detected with Status" slotnum=`/usr/sbin/hpacucli controller all show | awk '{if($0!="")print $6}'` # jkleen: this doesn't work (yet) for MSA1x000 controllers exec_command "/usr/sbin/hpacucli controller slot=$slotnum physicaldrive all show" "Physical Drives on SmartArray Controller" exec_command "/usr/sbin/hpacucli controller slot=$slotnum logicaldrive all show" "Logical Drives on SmartArray controller" fi disks=`/sbin/fdisk -l` if [ ! -z "$disks" ] ; then exec_command "/sbin/fdisk -l" "Disk Partitions on Logical Drives" else disks=`cat /proc/partitions | awk '{if($4 ~ /\//)print $4}' |grep -v p` for adisk in $disks ; do exec_command "/sbin/fdisk -l /dev/$adisk" "Disk Partitions - /dev/$adisk" done fi exec_command "/sbin/fdisk -l" "Disk Partitions" ###above partitioning and HPACUCLI is contributed by kgalal@gmail.com exec_command "ls /tmp/hpdiags.xml" "HP Insight Diagnostics Detailed (5) Report is in TARball" hplog -s INFO -l "CFG2HTML Proliant Server report successfully created" dec_heading_level fi # end of CFG_HPPROLIANTSERVER paragraph ### END of HP Proliant Server Integration ############################################################################### ### ### ############################################################################## ### Altiris ADL agent settings and logfiles ### Made by Jeroen.Kleen@hp.com EMEA ISS Competence Center Engineer ### if [ "$CFG_ALTIRISAGENTFILES" != "no" ] then # else skip to next paragraph # checking if Altiris directory exist otherwise skip this section if [ -e /opt/altiris/deployment/adlagent ] ; then paragraph "Altiris ADL Agent logfiles and settings" inc_heading_level exec_command "cat /opt/altiris/deployment/adlagent/conf/adlagent.conf" "Altiris ADLagent settings file" exec_command "cat /opt/altiris/deployment/adlagent/log/adlagentdbg.txt" "Altris ADLagent Debugging file" exec_command "cat /opt/altiris/deployment/adlagent/log/adlagentIpTrace.txt" "Altiris ADLagent IP tracing file" dec_heading_level fi fi # end of CFG_ALTIRISAGENTFILES paragraph ### END of Altiris ADL agent settings and logfiles ############################################################################## ### ############################################################################## ### VMWARE settings and logfiles ### Made by Jeroen.Kleen@hp.com EMEA ISS Competence Center Engineer ### if [ "$CFG_VMWARE" != "no" ] then # else skip to next paragraph # checking if VMWare directory exist otherwise skip this section if [ -e /proc/vmware ] ; then paragraph "VMWare logfiles and settings" inc_heading_level exec_command "vmware -v" "VMWare Server version" echo "VMWare server detected. We will start now the vm-support script in case you" echo "need this vmware debugging file send to VMWare support or other support teams." vm-support exec_command "cat esx-$(date -I).$$.tgz" "vm-support ticket generated in local directory if vm-support is installed." dec_heading_level fi fi # end of CFG_VMWARE paragraph ############################################################################## # # collect local files # if [ -f /etc/cfg2html/files ] ; then paragraph "Local files" inc_heading_level . /etc/cfg2html/files for i in $FILES do if [ -f $i ] ; then exec_command "grep -vE '(^#|^ *$)' $i" "File: $i" fi done AddText "You can customize this entry by editing /etc/cfg2html/files" dec_heading_level fi dec_heading_level close_html ########################################################################### ########################################################################### ###### Creating TAR File for all needed files together. Added by Jeroen Kleen HP EMEA ISS CC if [ "$CFG_HPPROLIANTSERVER" != "no" ] then # else skip to next paragraph if [ -f $OUTDIR/$BASEFILE.tar ] ; then rm $OUTDIR/$BASEFILE.tar fi echo " " echo " The following files are included in your tarball: " # include in future TARball: /var/log/messages.* /var/log/boot.log.* tar cvf $OUTDIR/$BASEFILE.tar $OUTDIR/$BASEFILE.err $OUTDIR/$BASEFILE.html $OUTDIR/cfg2html_back.jpg $OUTDIR/profbull.gif $OUTDIR/$BASEFILE.partitions.save $OUTDIR/$BASEFILE.txt ADUreport.txt /var/spool/compaq/vcagent/log/vcagentd.log /var/spool/compaq/vcagent/log/vcasetup.log /tmp/hpdiags.xml ilo.cfg echo " " echo " If you created this CFG2HTML report on request of a HP support Agent " echo " then please send the $OUTDIR/$BASEFILE.tar file to: " echo " {YourCaseID}@cases.brussels.hp.com " echo " " echo " Feedback please to: Jeroen.Kleen@hp.com Thanks! " fi # end of CFG_HPPROLIANTSERVER (making tarball) ########################################################################### logger "End of $VERSION" echo -e "\n" line logger "End of $VERSION" rm -f core > /dev/null ########## remove the error.log if it has size zero ####################### [ ! -s "$ERROR_LOG" ] && rm -f $ERROR_LOG 2> /dev/null #if [ "$1" != "-x" ] if [ "$GIF" = "no" ] then exit 0 fi echo "Creating: JPG/GIFs" cd $OUTDIR # This is a shell archive. Remove anything before this line, # then unpack it by saving it in a file and typing "sh file". # # Wrapped by Guru Ralph on Wed Sep 13 16:03:07 2000 # # This archive contains: # cfg2html_back.jpg profbull.gif # # Error checking via sum(1) will be performed. LANG=""; export LANG PATH=/bin:/usr/bin:/usr/sbin:/usr/ccs/bin:$PATH; export PATH if sum -r /dev/null 2>&1 then sumopt='-r' else sumopt='' fi rm -f /tmp/uud$$ (echo -e "begin 666 /tmp/uud$$\n#;VL*n#6%@x\n \nend" | uudecode) >/dev/null 2>&1 if [ X"`cat /tmp/uud$$ 2>&1`" = Xok ] then unpacker () { uudecode; } elif [ -x "/usr/bin/perl" ] then unpacker () { perl -ne 'if (/^begin \d\d\d (.*$)/) { open( TT, "> $1") } elsif (/^end/) { close (TT) } else { print TT unpack u, $_ }' $1; } else echo Compiling unpacker for non-ascii files pwd=`pwd`; cd /tmp cat >unpack$$.c <<'EOF' #include #define C (*p++ - ' ' & 077) main() { int n; char buf[128], *p, a,b; scanf("begin %o ", &n); gets(buf); if (freopen(buf, "w", stdout) == NULL) { perror(buf); exit(1); } while (gets(p=buf) && (n=C)) { while (n>0) { a = C; if (n-- > 0) putchar(a << 2 | (b=C) >> 4); if (n-- > 0) putchar(b << 4 | (a=C) >> 2); if (n-- > 0) putchar(a << 6 | C); } } exit(0); } EOF cc -o unpack$$ unpack$$.c rm unpack$$.c cd $pwd unpacker () { /tmp/unpack$$ $1; } fi rm -f /tmp/uud$$ echo x - cfg2html_back.jpg '[non-ascii]' unpacker <<'@eof' begin 777 cfg2html_back.jpg M_]C_X 02D9)1@ ! 0$ 2P!+ #_XP,.35-/(%!A;&5T=&4@;[[4?\?:B;MN>?NN^CNO>COO>GOONOOP>OPP>SQP^WQQ.[RR._SRO'TT?/WZ?O]:;K1X M;;W3<;_4,37><+7>\78?<79?\C:@,;:@LC;@\G;A,O;ALGCC<[?CL[>CL_?C]'?D,[?D-#?D<_@X MD='@DL_@DM+@D]'AD]+@D]/AE-+AE=/AEM'AEM/AEM7BE]/AE];BF-3BF-7BX MF=/CF=3BF=7CFM?CFMGDF]3CF]7CF]?CG-3DG-?DG=7DG=;DG=GEG=KEGM;DX MGMCEG];EG]KEG]OEG]SFH-?EH-GEH-OFH=GEH=KFH=SFHMOFHMWGH]SFH]WFX MH][GI-KFI-OGI-WGI=SGI=WFI=_GIMSGIMWGIM[HIM_HJ-SHJ-[HJ=[HJ=_HX MJ=_IJMWHJN'IJ][IJ]_IJ^'IK-[IK.#IK.'IK.+JK=_JK>'IK>'JK>'KK>/JX MKM_JKN'JKN+JK^'JK^+KK^/JK^3KL./KL>'KL>/KL>3KL>3LLN+KLN/LLN3KX MLN7LL^/KL^3LL^7LM.7LM>3LM>7LM>?MMN3MMN7MMN?MM^;MM^?MN.3LN.;NX MN.?MN.?NN.CNN>GNNN;NNNCNNNGON^?ON^CON^GNN^GON^GQO.COO.GMO.GOX MO.KOO>GNO>GPO>OOONCOONCQONGNONGOONKPONOPONSPO^GPO^KPO^OOO^SOX MP.KPP.OPP.SPP.SQP>KPP>OQP>SRP>WQPNSPPNSRPNWPPN[QP^OQP^SRP^WPX MP^WRP^WSP^[QQ.SQQ.WRQ.[QQ.[SQ._RQ>WRQ>[RQ>_RQ?#RQ^WSQ^[RQ^_SX MR.WSR.[SR?#SR?'SRO#SRO#TR^_TR_#UR_+TS/'TS/+USO+US_#VT/'VT//VX MT?+WTO7WU//XU_;YVO;ZW/?[WOG\X?O]Y_W^\O__^_______7;7-_]L 0P +X M" @*" <+"@D*#0P+#1$<$A$/#Q$B&1H4'"DD*RHH)"YH;0 1 F!NQZ">@[G]*Z;OAYM5R>X M0NF8#-_UW/VJ=V\MI%U*6.K22(W&^*'#&[,7&+ [2=C3#AB45G;TJ(!/][T-X MF,4-PZ%**"K#_$08]SM4[I)O8^&Q;-SW;9?T)!IUC0H32P!SUBD.J;RP/S")X M/@;5(5@%JMO#D)PY#& &@'M-%;/BJ "TCE\*!)K4S;,11=37^',)I)P5.<4KX M<.S.;ER2S'<]32W.(=; N%DUW/AM#U$#NQZ>PIK5_G*84+<&X))!'^ZFKG9VX M)-XCERIPS'IVIU6VN#)?_CBI";5J#<+,-GWC[^*RO;:[@B$&0N\>2>I\TJRZX M:W8J&*JP)(!( VZD?S4TYO.+YY9/P$S ^?6KH#"HPF5$F=S4[O$E$4J-:L?2X M"8U ==MO)WI"R6[?923;TE@Q&DB<#HW/B@I=N@9%P*-#$:0,L(A1/[^U1MWS>4I<51<(PP&#XJMZUJ2 (TF1X M[4B\/XI%4DW:BVM-QKNK7<:28ZTUO66)< 3E?;S18DLH*R1F2>OM26Q=EB2(X M82!@P:BK"^ !^6"Q, 9DGP(DU%KB<0SV^:I+ @B(SXH7++LJ^HZ@2)&)!I1PX MF@"1';I5BB9E$6"I((@]:K:M%'##I5EO6GO%))8#.-Z=KB:Q;52"W4C^Q29EX M(_,.*JQAS F?A)FE]!) P%R9WK.[W;D:"Z'4=C$#H!]9JZ%@JL5!:?5TJ4MIX MGBU#BW=4H'0,&F0 1B>U,O#VT&9D=(^NU9+UDI=*DDA1"S_QZ"KV-36^46(TX MY!\=OWK4QF,Q.ZLRII5&ZF0!_=J=4"C2 #G32(J60ML Q/I$?[\5#\/P)S[Q4+R&X+3X MJ5N"WN 1/;4T1,;"E)=*BZG$*%MW&7N(]5+>8L&ME23I VQ)X MW)[XV\FE7AIZ5H5@K:6*E_\ MXH;/*7"H;:,I/I_Q!-5.HKD>IO/7IO4GO(;X MBHZF& 8,>D[2.G?]*=A<-V=0"@QIGXA[46/!5X3E0Q,$;3N:Z_?-HMI5?2H8X MZCN28 Z]<]*EQ%U@ +/I+9!7!CO\_\ 7O77%-ZU:ND#5!4TKRE]0K8XGF@ZX M!HN;Z3D'VIKEMF80Y4#(.9FLZV2"",$;&M.K3^8Q(D1$XI/HC8UUU->D]1@UX MR6RI! VH(UM;9N'T!LG5@CWJESB#;0@P?3J) R!WF8\5&LY2KS/6D=WO(X*SD#.S+.T=/YJ@YG, ]/+&"._:*[F(TJCJSQ@$SC[5!)+-P7CX M?;XB9)^E4/,-V0L(##&-^U"Y=94W]2K.3.3@ _T"EX>X]U&Y@!<;$")%7VFX M<'N<8+3!"20=R@ @=ZY@98.5%N('CS- 6$9B[.@DS$_M%&XB\L:V*HH(/L:FX M+H+82,R6[1O\ZH1+:69@C;D#('6/>ICE2MG5I9,A&!!'7]:D_$7&T&W&WCYT)%PGE'2ZN)P-P=_X M.:(X;0X+Y8G5G?WIG9U%K :/5"D ;XQM_NE/#LYX M*NX@,6$P,GKYJBVX155B #B#']%4 6^6KU'\.6?FNX9X MR9F7&TCW"QDSU434S=M"W<92V@'27X M48'B>_M-![86U=",==U2>VH^/E-9F+W+=M&:4MB$4 "D0DS3:&YH&EE:V1!X M(G?Z5*Z2 BV\:1Z3V\CZ=M^U3X=2CQ_B^#6P.A+$C4XRQ+;4X6-8[5@6V#G X M4ZB?:KI=0:PJ25,1$S[08'#Z!J88.K BNN7$LZ0VE008D1M_LTY2,)<9BX MY4+J 'IG:3N2.I[=*'#V#:!4_ PR/K3\/?YPD#EN-UP1'BF+-ZVPW8C)^U/2X MYR98UE L0(PL"LEZ\VC5;PK.50# ,;L>^3 Z;U?5<6W<-P0T>GO!J5U%*V$0X MR$MP?F?>K*?D3IM@L56.YFEN7!;MZLL3FLQXFY^(!#3;!@QLWD?2M3(K,5)P#X M,#,=/[\ZE5RU=\)LMQ!;@ZRLPS=^A^68FEX?AC:Q'I;$=Z-A#8ML&G2!J [>X MU42\'+EI&G&HF9'BB1[2N7REM6M!3F%!Z@;F!L.W>GM(+P#!=)."OFBEJTJ@X MY,[1$'YUP>+G+T2"?4>U/B_5&LBWAB-71>O\5FN<05 :TJG4< ]1W\>.M447X M->0%MF5*XW\45M6K8 (]1V&!/SJ?2=X!7#6ET@JS8 B0,]?%+^'704U29U"I)[U4E:WPQ4:XP!DG:*GI_BJ&ZEL+KDF0)B?G1U%"6N1JG "S./[FB_"6W_ "&YT+'4")JBHH^(A??[X MTJ<1;NVFN*2=(DB(([5![EUM'*=@0)8C GL!V'<[THNFTK;4>E@[= IFIL)#X M 3(]*X_4_I@>](R&^BZS (A@!.9Z4>>EH+J=Q,KJ WC>HME'#:5DB!L*<@MKX MT J9W(W'?&:#M=-R5]2KN6S(CH>E2O:KC7%T3G2)V ZF.Y[].E5,A1[JHG,NX MMH62")G5]_I0O77LVE>Y:TZOA1VAR.\ 8^==?M.YMNOQV^W3S4C;>Z^JXS.^X MQ+9-(I)LPNVN(A7#+B-).#\ZK=N%$: \K$GOG,>8[TB<*3B)JL%4$*&&TGM3X M%B^V:UQ#<\EQ^6QV.2H]Z8\/":%VY:12&;X M3'IDB8\'L8I?A*S2FSKMA&:5'I.)I;MPH"JD:E41(DL?L!O3L+C%2MP*!!!!X M^+&T=:'6!K?"B!.*HQ#JVO4H7J2-OIUI6LJ;2J#IM01 R(/]_>@C?NM:)12%*A="Z029W)\ ?OX M5.'XHW)# +;T,EX!3G6#U_L8\4+X MM_2&C3K4#!W)/;ZGY4;=KEHZAHD[@QFF 5KC'3)&\XGV-1=!>(=^'9FU2H^"X M<'M\JS.K/>#VRPTB QP3Y/V[5J#H;A0""1TR,?6CK#)@!1GIO'7V_P!TNBK=X MZQJT@ $2/>HCA7=%U_ @QT'D^Y[TEL7>?S3.<$3TK02%+E]*H,ANWFG!R7%AX M$S$G2-1@">IJ:W7O%T*P&!"L,?J*+7["*$=FD&<@DCW&]5UVPBL-.D[%9,T1X MF O+8_#DE;4R4@9^]%>'JY6X;LLXT@D:9W'M[5R\4BW1;#,I8 @E<&=MZ7X*X MCMUNT;6(PW3O7,Q2T6TA6G3,2!)W_BEOO<55<@,=7J!)SVGQ/3:I<*SC\NX2X MRG8GH:5V7T9;CF\1EK). X$^_P!:%\XN6IRDK'.#B[2]B[2]O?;V]JRTX M,:2LK)2ZR]@X.+@[W-2K3%Q:RT.8N<4I2DE+2]X M.7.+BVI[<^;F&)RDI(.4G+2]M(N4G&)[>][FYJ2L>Z2L2G.#8O;V*6I[:H.+X ME%)J:J2TM*2LM'.#>[W%8M[>6KW%M-[F$,W5

    (@$&"01,6(3(C@X,3+@\Z% 8"(HH])!. echo -n "Marionnet startup configuration... " set -x function append_line_if_needed { local LINE="$1" local FILE="$2" { test -f "$FILE" && grep -q "^${LINE}$" "$FILE"; } || echo "$LINE" >> "$FILE" } ########################################### # Source-ing kernel command line # ########################################### # Read kernel command line variables into this shell's environment: # Expected variables: hostname hostfs ubd0s export $(tr /etc/hostname # The script `/etc/init.d/hostname.sh' belonged to the package `initscripts' # on old debian systems: [[ -x /etc/init.d/hostname.sh ]] && /etc/init.d/hostname.sh start &>/dev/null # Make a correct entry in /etc/hosts: append_line_if_needed "127.0.0.1 $hostname" /etc/hosts else echo "Warning: variable 'hostname' undefined" 1>&2 fi ########################################### # hostfs # ########################################### # Mount the hostfs filesystem and add bindings from the hostfs file # `boot_parameters' to this shell environment: if [[ -n $hostfs ]]; then mount none /mnt/hostfs -t hostfs -o $hostfs && # And also record it on the hostfs filesystem, so that we can # easily tell which guest machine the directory belongs to # *from the host*: [[ -n $hostname ]] && echo $hostname > /mnt/hostfs/GUESTNAME && source /mnt/hostfs/boot_parameters else echo "Warning: variable 'hostfs' undefined" 1>&2 fi ########################################### # xterm title # ########################################### # Show the hostname (and its filesystem) in the terminal window title bar if [[ -n $ubd0s ]]; then # Get the name of the virtual filesystem choosen by the user: virtualfs_name="${ubd0s##*/}" virtualfs_name=${virtualfs_name#router-} virtualfs_name=${virtualfs_name#machine-} echo -e '\033]0;'"$hostname ($virtualfs_name)"'\007' else echo "Warning: variable 'ubd0s' undefined" 1>&2 fi ########################################### # Network configurations # ########################################### # Perform an indirect lookup of the variable $1'_eth'$2, i.e. return # the value of the variable which is the value of the variable named # $1'_eth'$2. function lookup { echo $(eval echo '$'$1'_eth'$2) } # Configure network interfaces: if [[ -n $ethernet_interfaces_no ]]; then for i in $(eval echo {0..$((ethernet_interfaces_no-1))}); do mac_address=`lookup mac_address $i` mtu=`lookup mtu $i` ipv4_address=`lookup ipv4_address $i` ipv4_broadcast=`lookup ipv4_broadcast $i` ipv4_netmask=`lookup ipv4_netmask $i` ipv6_address=`lookup ipv6_address $i` [[ -z $mac_address ]] || ifconfig eth$i hw ether $mac_address [[ -z $mtu ]] || ifconfig eth$i mtu $mtu # IPv4 configuration. # The variable `ipv4_address' may be defined via the Marionnet GUI with the # CIDR notation, i.e. in the form x.y.z.t/N. However, in order to be # compatible with the busybox (buildroot) implementation of `ifconfig', # Marionnet extracts the address into x.y.z.t and sets `ipv4_address', # then it computes the corresponding netmask and sets `ipv4_netmask'. # So, the command executed here may have a form like: # ifconfig eth0 192.168.0.1 # or # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 if [[ -n $ipv4_address ]]; then if [[ -n $ipv4_netmask ]]; then ifconfig eth$i $ipv4_address netmask $ipv4_netmask else ifconfig eth$i $ipv4_address fi fi # IPv6 configuration. # The variable `ipv6_address' may be defined via the Marionnet GUI with the # CIDR notation. So, the command executed here may have a form like: # ifconfig eth0 inet6 add 2003:abd::1/32 if [[ -n $ipv6_address ]]; then ifconfig eth$i inet6 add $ipv6_address fi done fi ########################################### # Ghost interface (eth42) # ########################################### # Activate and immediately ghostify our special network # interface communicating with the host: ifconfig eth42 $ip42 up &>/dev/null if type ghostify; then ghostify eth42; fi &>/dev/null ########################################### # /etc/fstab swap tuning # ########################################### # Add swap (the swap 'partition' was already created as a # sparse file and initialized with mkswap from the host side): append_line_if_needed \ "/dev/ubdb none swap sw 0 0" \ /etc/fstab swapon -a ########################################### # /etc/fstab swap tuning # ########################################### # TODO: think about the ssh tunnelling! if [ -z "$xnest_display_number" ]; then DISPLAY_VALUE=172.23.0.254:0 else DISPLAY_VALUE=172.23.0.254$xnest_display_number fi # Find a suitable shell configuration file and append the line setting the # variable DISPLAY: for i in /etc/profile /etc/bash.bashrc /root/.bash_profile /root/.bashrc; do if [[ -f $i ]]; then append_line_if_needed "export DISPLAY=$DISPLAY_VALUE" $i break; fi done echo "done." marionnet-0.90.6+bzr508.orig/uml/startup.old/cfg2html0000755000175000017500000000135613175722671021317 0ustar lucaslucas# @(#) $Header: /home/ralproth/CVS/cfg2html_hpux/release/cfg2html,v 3.13 2006/05/03 08:10:23 ralproth Exp $ ############################################################## # This is a wrapper for cfg2html(-hpux).sh (shortcut) and can be # customized to fit your needs. # case $(uname) in HP-UX) cfg2html_hpux.sh $* -0 -o/tmp;; ## 31.03.2005 14:50 Linux) cfg2html-linux $* -x -A;; ## 08.06.2006 *) echo "$0: Unsupported operating system!"; exit 2 ;; esac RETCODE=$? if [ $RETCODE -eq 0 ] then # Customize this to fit your needs! ######## mueller ############# # 16.03.2005, 09:49 modified by Ralph.Roth [ -x /usr/bin/xitd03wg ] && /usr/bin/xitd03wg /tmp/$(hostname)*{.err,.html,_xpinfo.txt} else echo "Error ($0): Returncode=$RETCODE" fi marionnet-0.90.6+bzr508.orig/uml/README0000644000175000017500000000223313175722671016257 0ustar lucaslucas======================================================================= drwxr-xr-x 2 jean jean 4096 Jun 19 23:37 ethghost drwxr-xr-x 4 jean jean 4096 May 6 20:12 kernel These directories contain UML kernel patches (mostly for ghostification), kernel .config files, and userland utilities (again, mostly for ghostification). Our repositories do *not* contain copies of Linux, since the kernel is huge and we only need tiny modifications. All of this makes easy to create UML kernels usable with Marionnet. This part of the work has been performed by Jonathan Roudiere and Luca Saiu. ======================================================================= drwxrwxr-x 6 jean jean 4096 May 22 13:23 pupisto.buildroot drwxrwxr-x 2 jean jean 4096 Jun 19 19:27 pupisto.common drwxrwxr-x 12 jean jean 4096 Jun 21 17:04 pupisto.debian drwxrwxr-x 3 jean jean 4096 May 21 20:08 pupisto.kernel drwxrwxr-x 2 jean jean 4096 Apr 8 13:51 startup These directories contain a set of scripts to build kernels and/or filesystems (Buildroot and Debian) suitable for Marionnet. This part of the work has been performed by Jean-Vincent Loddo with the contribution of Antoine Seignard. marionnet-0.90.6+bzr508.orig/uml/pupisto.kernel/0000755000175000017500000000000013175722671020361 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.kernel/Makefile0000644000175000017500000000377613175722671022036 0ustar lucaslucas# This file is part of Marionnet # Copyright (C) 2013 Jean-Vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . help: @echo "Usage: make " @echo " or: make OPTIONS=--custom " @echo " or: make show_versions" @echo " or: make dependencies" @echo " or: make clean" @echo " or: make help" @echo "Example: make 3.2.48" 2.% 3.%: dependencies ./pupisto.kernel.sh $(OPTIONS) $@ clean: rm -rf _build.linux-* # Show available (stable or longterm support) versions of the kernel # looking to https://www.kernel.org/: show_versions: @lynx 2>/dev/null --dump https://www.kernel.org/ | awk '/longterm:/ || /stable:/ {print $$1,$$2}' # ============================================================= # Dependencies # ============================================================= REQUIRED_PACKAGES=binutils wget patch ccache gcc gcc-multilib libc6-i386 libc6-dev-i386 dependencies: @echo "Required packages: $(REQUIRED_PACKAGES)" @which dpkg 1>/dev/null || { echo "Not a Debian system (oh my god!); please install packages corresponding to: $(REQUIRED_PACKAGES)"; exit 1; } @dpkg 1>/dev/null -l $(REQUIRED_PACKAGES) || \ if which aptitude; then \ sudo aptitude install -q -q -q -y $(REQUIRED_PACKAGES); \ elif which apt-get; then \ sudo apt-get install -q -q -q -y $(REQUIRED_PACKAGES); \ else \ exit 1; \ fi @echo Ok. marionnet-0.90.6+bzr508.orig/uml/pupisto.kernel/pupisto.kernel.sh0000755000175000017500000003510713175722671023710 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet # Copyright (C) 2013 Jean-Vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Preamble for automatic log-file generation: MY_BASENAME=$(basename $0) if [[ $1 = "--help" || $1 = "-h" || $1 = "--list" || $1 = "-l" || $1 = "--source" || $1 = "-s" ]]; then # do nothing and continue : elif grep -q "log_${MY_BASENAME}[.]......$" <<<"$1"; then LOGFILE=$1 shift # and continue else LOGFILE=$(mktemp /tmp/log_${MY_BASENAME}.XXXXXX) EXIT_CODE_FILE=$(mktemp /tmp/exit_code_${MY_BASENAME}.XXXXXX) echo -e "Log file of command:\n$0" "$@" "\n---" >$LOGFILE COLUMNS=$(tput cols) { time $0 "$LOGFILE" "$@"; echo $? >$EXIT_CODE_FILE; } 2>&1 | tee -a "$LOGFILE" | cut -c1-$((COLUMNS)) read EXIT_CODE <$EXIT_CODE_FILE rm -f $EXIT_CODE_FILE echo "---" echo "$MY_BASENAME: previous running logged into $LOGFILE" exit $EXIT_CODE fi [[ $1 = "--source" || $1 = "-s" ]] || { set -e shopt -s nullglob shopt -s expand_aliases } # Getopt's format used to parse the command line: OPTSTRING="hlsc" function parse_cmdline { local i j flag # Transform long format options into the short one: for i in "$@"; do if [[ double_dash_found = 1 ]]; then ARGS+=("$i") else case "$i" in --custom) ARGS+=("-c"); ;; --help) ARGS+=("-h"); ;; --source) ARGS+=("-s"); ;; --list) ARGS+=("-l") ;; --) ARGS+=("--"); double_dash_found=1; ;; --[a-zA-Z0-9]*) echo "*** Illegal long option $i."; exit 1; ;; -[a-zA-Z0-9]*) j="${i:1}"; while [[ $j != "" ]]; do ARGS+=("-${j:0:1}"); j="${j:1}"; done; ;; *) ARGS+=("$i") ;; esac fi done set - "${ARGS[@]}" unset ARGS # Interpret short format options: while [[ $# -gt 0 ]]; do OPTIND=1 while getopts ":$OPTSTRING" flag; do if [[ $flag = '?' ]]; then echo "ERROR: illegal option -$OPTARG."; exit 1; fi eval "option_${flag}=$OPTIND" eval "option_${flag}_arg='$OPTARG'" done for ((j=1; j [WORKING-DIRECTORY] or: ${0##*/} (--help|-h) or: ${0##*/} (--list|-l) or: source ${0##*/} (--source|-s) The first synopsis builds a kernel. The second synopsis prints this message and exits. The third synopsis shown the list of defined functions. The fourth synopsis allows this script to be sourced (to have relevant functions available in the current environment). Options: -c/--custom customize the kernel using 'make menuconfig' Example: $ ${0##*/} 3.4.22 $ ${0##*/} 3.4.22 /tmp/_build.678HG234 $ ${0##*/} -l $ source ${0##*/} -s" exit $1 } # Manage now your options in a convenient order # # Option -h if [[ -n ${option_h} ]]; then print_usage_and_exit 0 fi AWK_PROGRAM_LISTING_FUNCTIONS='/^[ ]*function[ ]*[a-zA-Z0-9_]*[ ]*{/ && ($2 != "parse_cmdline") && ($2 != "print_usage_and_exit") {print $2}' # Option -l/--list if [[ -n ${option_l} ]]; then awk <"$0" "$AWK_PROGRAM_LISTING_FUNCTIONS" | sort exit 0 fi # Option -c/--custom if [[ -n ${option_c} ]]; then CUSTOM_OPTION="--custom" fi #################################### # M A I N # #################################### # ------------------- # Configuring kernels # ------------------- # Sort and merge `.config' files removing comments and empty lines. # Note that the operation of sorting lines provides the expected behaviour: the # letter "y" (yes) comes after "n" (no), that comes after "m" (module). # In other terms, if a variable X is set twice, for instance X=m in a file, and # X=y in the other file, the resulting file will be made with the line "X=m" before # the line "X=y". In this way, "make oldconfig" will take "X=y" discarding the previous # setting, as we expect. In the case of "X=n" vs "X=m", "no" wins. function sort_and_merge_config_files { cat "$@" | awk 'NF>0 && $1 !~ /^#/' | sort | uniq } # Usage: create_kernel_config_from [-i] # # Example: # create_kernel_config_from CONFIG-2.6.18 # # Successfully tested with 3.2.{13,44}, 3.4.42, 3.8.10 function create_kernel_config_from { local INTERACTIVE if [[ $1 = -i ]]; then INTERACTIVE=y; shift; fi local DEFAULT_OLD_CONFIG_FILE=$PWD/CONFIG-2.6.18 local OLD_CONFIG_FILE=${1:-$DEFAULT_OLD_CONFIG_FILE} [[ -f $OLD_CONFIG_FILE ]] || return 1 # Make a default .config for ARCH=um make mrproper make mrproper ARCH=um make defconfig ARCH=um # Merge with the provided (good) .config sort_and_merge_config_files .config $OLD_CONFIG_FILE >.config.1 mv .config.1 .config if [[ $INTERACTIVE = y ]]; then make oldconfig ARCH=um SUBARCH=i386 else while true; do echo; done | make oldconfig ARCH=um SUBARCH=i386 fi # Finally fix some specific problems: # UML_NET_PCAP must be unset (error compiling the kernel): # (unhappily because in this way we cannot start wireshark as normal user, # see http://wiki.wireshark.org/CaptureSetup/CapturePrivileges) sed -i -e 's/CONFIG_UML_NET_PCAP=y/CONFIG_UML_NET_PCAP=n/' .config # Looking linux-3.0.75/arch/x86/lib/Makefile this variable must be unset: sed -i -e 's/CONFIG_X86_CMPXCHG64=y/CONFIG_X86_CMPXCHG64=n/' .config # Looking http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=084189a sed -i -e 's/CONFIG_CMPXCHG_LOCAL=y/CONFIG_CMPXCHG_LOCAL=n/' .config # The modern `systemd' mechanism requires DEVTMPFS: echo 'CONFIG_DEVTMPFS=y' >> .config echo 'CONFIG_DEVTMPFS_MOUNT=n' >> .config # Now switch to "yes" (=y) all remaining things set as module (=m). # In the case of kernel 3.2.44 (LTS) we have only this settings: # CONFIG_UML_SOUND=m # CONFIG_SOUND=m # CONFIG_HOSTAUDIO=m # CONFIG_HW_RANDOM=m # CONFIG_CRYPTO_RNG=m # CONFIG_CRYPTO_ANSI_CPRNG=m sed -i -e 's/=m/=y/' .config # A second time, in order to have a very clean .config: while true; do echo; done | make oldconfig ARCH=um SUBARCH=i386 echo "Ok, result of merging and cleaning in \`.config'" } # ---------------- # Compilig kernels # ---------------- # For instance, if we call this function when we are (PWD) in # "/home/myrepos/marionnet/uml/pupisto/pupisto.sh.files/" # the result will be "/home/myrepos/marionnet/uml/" # This is useful to get files which location is known with # respect to this path (for instance kernel patches). function get_our_marionnet_slash_uml_directory_path { # Global PWD local TRAILER=${PWD##*/marionnet/uml/} echo ${PWD%$TRAILER} } # Usage: # $ download_patch_and_compile_kernel [c/--custom] [WORKING-DIRECTORY] # # Example: # $ download_patch_and_compile_kernel 3.2.48 /tmp/_building_directory function download_patch_and_compile_kernel { local CUSTOM if [[ $1 = "-c" || $1 = "--custom" ]]; then CUSTOM=y shift fi # global CUSTOM [[ $# -ge 1 ]] || return 1 # For instance "3.2.48" local VERSION=$1 local TWDIR=${2:-.} local DOWNLOADS_DIRECTORY=${3:-$PWD/_build.downloads} # Before pushing, get our marionnet/uml/kernel directory: local OUR_KERNEL_DIR=$(get_our_marionnet_slash_uml_directory_path)/kernel # Move to the working temporary directory (or current directory): pushd "$TWDIR" # Download, uncompress and untar the kernel: local KERNEL_SUBDIR=${VERSION%.*} local KERNEL_SUBDIR=${KERNEL_SUBDIR//3.*/3.x} # To save the tarball: mkdir -p $DOWNLOADS_DIRECTORY if [[ -f linux-${VERSION}.tar.xz ]]; then tar -xJf linux-${VERSION}.tar.xz mv linux-${VERSION}.tar.xz $DOWNLOADS_DIRECTORY/ elif [[ -f $DOWNLOADS_DIRECTORY/linux-${VERSION}.tar.xz ]]; then tar -xJf $DOWNLOADS_DIRECTORY/linux-${VERSION}.tar.xz else wget -O - https://www.kernel.org/pub/linux/kernel/v${KERNEL_SUBDIR}/linux-${VERSION}.tar.xz | tee $DOWNLOADS_DIRECTORY/linux-${VERSION}.tar.xz | tar -xJf - fi # Move to the kernel directory: cd linux-${VERSION} local FOUND GHOST_SUFFIX i j # Apply all patches for this version: for i in $OUR_KERNEL_DIR/linux-{$VERSION,${VERSION%.*}.%,${VERSION%.*.*}.%.%}[.-]*.{diff,patch}; do FOUND=y j=$(basename $i) echo "Applying patch: \'$j'"; echo "---" patch -p1 < $i cp $i ./ if grep -q "ghost" <<<"$j"; then GHOST_SUFFIX="-ghost" fi echo "---" done if [[ -z $FOUND ]]; then echo "No patch found for this kernel version in $OUR_KERNEL_DIR/kernel" echo "At least the \"ghostification\" patch was expected at location $OUR_KERNEL_DIR/linux-${VERSION}-ghost.diff" echo "Continuing however without patches." fi # Copy or generate .config from our repository FOUND=$OUR_KERNEL_DIR/CONFIG-$VERSION if [[ -f $FOUND ]]; then echo "Using pre-built config file found at $FOUND" cp $FOUND .config elif [[ -f $OUR_KERNEL_DIR/older-versions/CONFIG-2.6.18 ]]; then echo "Config file for version $VERSION not found. We generate it from our older CONFIG-2.6.18" create_kernel_config_from $OUR_KERNEL_DIR/older-versions/CONFIG-2.6.18 else echo "Error: $OUR_KERNEL_DIR/older-versions/CONFIG-2.6.18 not found" return 2 fi # Modify CONFIG_LOCALVERSION="-ghost" according to the # presence of the "ghostification" patch: if [[ -n $GHOST_SUFFIX ]]; then sed -i -e 's/CONFIG_LOCALVERSION="-ghost"/CONFIG_LOCALVERSION=""/' .config #unset GHOST_SUFFIX fi # Custom: if [[ $CUSTOM = y ]]; then local PSEUDO_TERMINAL=$(tty) make menuconfig ARCH=um SUBARCH=i386 0<$PSEUDO_TERMINAL 1>$PSEUDO_TERMINAL fi # Add `ccache' in the PATH if needed: if [[ -f /usr/lib/ccache/gcc ]] && ! grep -q "ccache" <<<$PATH; then export PATH=$(dirname $(which gcc)):$PATH fi # Exploit processors: local PROCESSOR_NO=$(\grep "^processor.*:" /proc/cpuinfo | sort | uniq | wc -l) # Launch the compilation process with the virtual `um' architecture (ARCH), # and with `i386' target host architecture (SUBARCH) make -j $PROCESSOR_NO ARCH=um SUBARCH=i386 cp -a linux linux-${VERSION}${GHOST_SUFFIX}-unstripped strip linux ln linux linux-${VERSION}${GHOST_SUFFIX} cp .config linux-${VERSION}${GHOST_SUFFIX}.config echo -ls -l $PWD ls -l linux-* popd } # download_patch_and_compile_kernel # --------------- # Testing kernels # --------------- # Example: # start_kernel ./kernel32-3.2.48 machine-brighella-59975 function start_kernel { local GDB if [[ $1 = "--debug" ]]; then # GDB="gdb --eval-command run --args " GDB='gdb -ex "handle SIGSEGV nostop noprint" -ex "handle SIGUSR1 nopass stop print" -ex run --args ' shift fi [[ $# -gt 1 ]] || return 1 local KERNEL="${GDB}${1}" local FS=$2 shift; shift; local OTHER_OPTIONS="$@" set -x TAP=$(LC_ALL=en_US ifconfig -a | \grep -o "^tap[0-9]" | head -n 1) if [[ -z $TAP ]]; then xterm -l -sb -T "m1" -e "$KERNEL keyboard_layout=us ubda=$FS umid=m1 mem=128M root=98:0 hostname=m1 guestkind=machine $OTHER_OPTIONS" else xterm -l -sb -T "m1" -e "$KERNEL keyboard_layout=us ubda=$FS umid=m1 mem=128M root=98:0 hostname=m1 guestkind=machine eth0=tuntap,$TAP $OTHER_OPTIONS" fi # -l generate a log XTerm.log. set +x echo "fuser -k first time:" fuser -k ${FS#*,} echo "fuser -k second time:" fuser -k ${FS#*,} } # Example: # start_kernel_with_cow ./kernel32-3.2.48 machine-brighella-59975 function start_kernel_with_fresh_cow { local GDB if [[ $1 = "--debug" ]]; then GDB="--debug" shift fi local KERNEL=$1 local FS=$2 local COWFILE=$(mktemp /tmp/start_kernel.XXXXXXX.cow) rm -f $COWFILE FS="$COWFILE,$FS" shift; shift; start_kernel $GDB $KERNEL $FS "$@" } # Stop here if the option -s (--source) has been provided: if [[ -n ${option_s} ]]; then # Export all functions of this file: echo export -f $(awk <$BASH_SOURCE "$AWK_PROGRAM_LISTING_FUNCTIONS") export -f $(awk <$BASH_SOURCE "$AWK_PROGRAM_LISTING_FUNCTIONS") return 0 2>/dev/null || { echo "Warning: the option -s must be used source-ing this script, not when the script is called as a standalone executable"; echo "Example: source $BASH_SOURCE -s"; exit 1; } fi if [[ $# -eq 0 ]]; then print_usage_and_exit 2 fi KERNEL_VERSION="$1" if ! echo $KERNEL_VERSION | grep -q "^[1-9][.][0-9][0-9]*[.][0-9][0-9]*$"; then echo 1>&2 "Error: \`$KERNEL_VERSION' is not a valid kernel version." print_usage_and_exit 2 fi WORKING_DIRECTORY=${2:-.} DOWNLOADS_DIRECTORY=$WORKING_DIRECTORY/_build.downloads [[ -d $WORKING_DIRECTORY ]] || { echo 1>&2 "Unexisting working directory \`$WORKING_DIRECTORY'" echo 1>&2 "Exiting." exit 3 } [[ -d $WORKING_DIRECTORY/linux-$KERNEL_VERSION ]] && { echo 1>&2 "A directory \`$WORKING_DIRECTORY/linux-$KERNEL_VERSION' already exists." KERNEL_DIR_BACKUP=$WORKING_DIRECTORY/linux-$KERNEL_VERSION.$(date +%Y-%m-%d.%H\h%M | tr -d " ").backup mv $WORKING_DIRECTORY/linux-$KERNEL_VERSION $KERNEL_DIR_BACKUP echo 1>&2 "Moved to \`$KERNEL_DIR_BACKUP'" } set -x download_patch_and_compile_kernel $CUSTOM_OPTION $KERNEL_VERSION "$WORKING_DIRECTORY" "$DOWNLOADS_DIRECTORY" set +x function abspath { local B=$(basename $1) local D=$(dirname $1) (builtin cd $D; echo $PWD/$B) } # If we are in the same directory of the script, we switch to a directory name # beginning with "_build." (according to the Makefile): if [[ $(dirname $(abspath $WORKING_DIRECTORY)) = $(dirname $(abspath "$0")) ]]; then BUILT_DIR=_build.linux-${KERNEL_VERSION}.$(date +%Y-%m-%d.%H\h%M).$RANDOM echo "Moving \`$WORKING_DIRECTORY/linux-$KERNEL_VERSION' -> \`$WORKING_DIRECTORY/$BUILT_DIR'" mv $WORKING_DIRECTORY/linux-$KERNEL_VERSION $WORKING_DIRECTORY/$BUILT_DIR # Copy log: cp $LOGFILE $WORKING_DIRECTORY/$BUILT_DIR/$(basename $LOGFILE) if [[ -f linux-${VERSION}.tar.xz ]]; then mkdir -p $DOWNLOADS_DIRECTORY mv linux-${VERSION}.tar.xz $DOWNLOADS_DIRECTORY/ fi fi echo 'Success.' marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/0000755000175000017500000000000013175722671020323 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/Makefile0000644000175000017500000000623413175722671021770 0ustar lucaslucas# This file is part of marionnet # Copyright (C) 2013, 2014 Jean-Vincent Loddo # Copyright (C) 2013, 2014 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ============================================================= # Building `wheezy' # ============================================================= KERNEL_VERSION=3.2.60 wheezy: dependencies ./pupisto.debian.sh --kernel $(KERNEL_VERSION) -t ext2 -r wheezy wheezy-no-kernel: dependencies ./pupisto.debian.sh --kernel $(KERNEL_VERSION) -t ext2 --no-kernel -r wheezy wheezy-custom: dependencies @echo "./pupisto.debian.sh --kernel $(KERNEL_VERSION) -t ext2 -r wheezy --custom" @echo "NOT IMPLEMENTED YET" wheezy-edit: $(EDITOR) pupisto.debian.sh.files/package_catalog/package_catalog.wheezy.selection squeeze: dependencies @echo "./pupisto.debian.sh --kernel $(KERNEL_VERSION) -t btrfs -r squeeze" @echo "NOT IMPLEMENTED YET" squeeze-no-kernel: dependencies @echo "./pupisto.debian.sh --kernel $(KERNEL_VERSION) -t btrfs --no-kernel -r squeeze" @echo "NOT IMPLEMENTED YET" squeeze-edit: @echo $(EDITOR) pupisto.debian.sh.files/package_catalog/package_catalog.wheezy.selection @echo "NOT IMPLEMENTED YET" # ============================================================= # Dependencies # ============================================================= # REQUIRED_PACKAGES=debootstrap fakeroot fakechroot REQUIRED_PACKAGES=debootstrap realpath dependencies: @echo "Required packages: $(REQUIRED_PACKAGES)" @which dpkg 1>/dev/null || { echo "Not a Debian system (oh my god!); please install packages corresponding to: $(REQUIRED_PACKAGES)"; exit 1; } @dpkg 1>/dev/null -l $(REQUIRED_PACKAGES) || \ if which aptitude; then \ sudo aptitude install -q -q -q -y $(REQUIRED_PACKAGES); \ elif which apt-get; then \ sudo apt-get install -q -q -q -y $(REQUIRED_PACKAGES); \ else \ exit 1; \ fi @echo Ok. # ============================================================= # clean & help # ============================================================= clean: sudo rm -rf _build.* help: @echo "Usage: make wheezy" @echo " or: make wheezy-custom # NOT IMPLEMENTED YET" @echo " or: make squeeze # NOT IMPLEMENTED YET" @echo " or: make squeeze-custom # NOT IMPLEMENTED YET" @echo " or: make dependencies" @echo " or: make clean" @echo " or: make help-pupisto" @echo " or: make help" help-pupisto: ./pupisto.debian.sh --help edit: $(EDITOR) *.sh pupisto.debian.sh.files/package_catalog/package_catalog.*.selection ../pupisto.common/*.sh marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/0000755000175000017500000000000013175722671024761 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/ssh0000777000175000017500000000000013175722671027773 2../../guest/sshustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/marionnet-relay0000777000175000017500000000000013175722671034615 2../../guest/marionnet-relayustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/dev.tar.gz0000644000175000017500000000534113175722671026671 0ustar lucaslucasGQnI(zWei JQ$DҐ鷋FnEķb_h` HpfOdDiqSR:|~g1Dw!Uow竫z>_?X>2 ծjD??&dXo'ɓP`P;?NK?JVJWg '5cu}5 ~u H^? Vߡus6 +oŏsVĂ&J(raЫ8]}I_P!Oo9翼&L7꿦^O?V?M  O/o:ϋ~Rov?YF3o1t???V?bCD_/s!qߗϡ1cW#7kk3NF+p_ߣoGGhߨ hQCK-u{ 1PWk?߈_?_igH6?b??Z?ɻ_҅D/"'=ߙ}=A78OoB[5rH7?VOFhoCwmSAn]?.?@w-gW;9/8GjhOA+d/ S/C}ݤ_%8jWOcEXߺT'`^#(r j׫3|lYh?f?|Gz^>??@X AELg OBۉoZXt=˵ _=-Pb3h? _0*䄾zlWN@-?;4b(4O5߹_,%_>Y)_?475y^eNn[u{iϡ/j/~jI=>C>?>?[1甑 ? =a?OъZwb{ms{?Io-\?_I+cd?TicT{ʆn3'*(? !Ǿ]/'o;1#<>jnmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/bashrc0000777000175000017500000000000013175722671031105 2../../guest/bashrcustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/0000755000175000017500000000000013175722671030046 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/README0000644000175000017500000000275613175722671030740 0ustar lucaslucasAbout files `binary_list*' ------------------------ The files `binary_list.machine-*.*' have been generated launching in Marionnet the corresponding virtual machine, then executing (as root) the following bash function: function binary_list { local i DIRS DIRS=$(for i in ${PATH//:/ }; do [[ -d $i ]] && echo $i; done) find $DIRS -perm -u=x ! -type d ! -name "*[.]so*" -exec basename {} \; | sort | tr '\n' ' ' } About file `package_catalog.{wheezy,squeeze}.GENERATED' ------------------------------------------------------- Note that the generation of files `package_catalog.{wheezy,squeeze}.GENERATED' takes about 1 hour in a system with a good internet connection. About files `package_catalog.{wheezy,squeeze}.selection' -------------------------------------- The file `package_catalog.$RELEASE.selection' is the unique relevant source of informations for the script `pupisto.debian.sh'. Uncommented lines specify the packages that we want to include in the generated debian filesystem. If you rebuild the file `package_catalog.$RELEASE.GENERATED' (make $RELEASE), you have to manually merge it with `package_catalog.$RELEASE.selection'. For instance, if you have the tool `kdiff3' installed, you can proceed as follows: (I suppose here RELEASE="wheezy") $ make package_catalog.wheezy.COMPLETE.COMMENTED.selection $ kdiff3 -m -o /tmp/merging package_catalog.wheezy.{selection,COMPLETE.COMMENTED.selection} (resolve conflicts selecting B) # UPDATE! $ cat /tmp/merging > package_catalog.wheezy.selection ././@LongLink0000644000000000000000000000017600000000000011607 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.machine-debian-39284.1368marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.0000644000175000017500000003163513175722671032376 0ustar lucaslucas[ 822-date a2dismod a2dissite a2enmod a2ensite a2p ab accessdb acleandir.rc aclocal-1.8 acpid acpi_listen addpart addr2line add-shell adduser adnsheloex adnshost adnslogres adnsresfilter adv1tov2 aecho afmdiff.awk afpd afpd-mtab.pl akodeplay amuFormat.sh apache2 apache2ctl apple_chfile apple_cp apple_file apple_mv apple_rm appres apt-cache apt-cdrom apt-config apt-extracttemplates apt-ftparchive apt-get aptitude aptitude-create-state-bundle aptitude-run-state-bundle apt-key apt-mark apt-sortpkgs ar arp artscat artsd artsdsp artsmessage artsplay artsrec artsshell artswrapper as asip-status.pl asn1Coding asn1Decoding asn1Parser asn2deb aspell aspell-autobuildhash aspell-import atalkd atobm audit2allow audit2why autoconf autoheader autom4te automake-1.8 autopoint autoreconf autoscan autoupdate b2m badblocks balou-export-theme balou-install-theme basename bash bashbug bc bdftopcf bdftops bdftruncate beforelight berdecode biosdecode bitmap blkid blockdev bmtoa bootlogd bsd-write buildhash bunzip2 busybox bzcat bzdiff bzexe bzgrep bzip2 bzip2recover bzmore c2ph c89-gcc c99-gcc calendar capinfos capitalize cat catchsegv catman ccmakedep cdbs-edit-patch cfdisk cfg2html cfg2html-linux c++filt chage chattr chcat chcon check_forensic checkgid chfn chgpasswd chgrp chkdupexe chmod chown chpasswd chroot chrt chsh cjpeg cksum cleanappledouble.pl cleanlinks cleanup-info clear clear_console clock cmdtool cmp cnid2_create cnid_dbd cnid_index cnid_maint cnid_metad col colcrt colrm column comm compress-dummy cp cpan cpio cpp-4.1 cpp-4.2 cppw Crack Crack-Reporter cramfsck c_rehash cron crontab csplit csslint-0.6 ctags ctags-exuberant ctrlaltdel cupsdconf cupsdoprint cut cytune dash date dbmmanage dbus-cleanup-sockets dbus-daemon dbus-monitor dbus-send dbus-uuidgen dc dcop dcopclient dcopfind dcopobject dcopquit dcopref dcopserver dcopserver_shutdown dcopstart dd ddate debconf debconf-apt-progress debconf-communicate debconf-copydb debconf-escape debconf-gettextize debconf-set-selections debconf-show debconf-updatepo debugfs defoma defoma-hints defoma-psfont-installer defoma-reconfigure delpart deluser depmod desktop-file-install desktop-file-validate dexconf df dga dh_builddeb dh_clean dhclient3 dhclient-script dh_compress dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_gtkmodules dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdefoma dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_installxmlcatalogs dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_ocaml dh_pangomodules dh_perl dh_pycentral dh_pysupport dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_testversion dh_undocumented dh_usrlocal diff diff3 dig dir dircolors dirname djpeg dmesg dmidecode dnsdomainname dnssec-keygen dnssec-signzone domainname dotlockfile dpkg dpkg-architecture dpkg-buildpackage dpkg-checkbuilddeps dpkg-deb dpkg-distaddfile dpkg-divert dpkg-genchanges dpkg-gencontrol dpkg-gensymbols dpkg-name dpkg-parsechangelog dpkg-preconfigure dpkg-query dpkg-reconfigure dpkg-scanpackages dpkg-scansources dpkg-shlibdeps dpkg-source dpkg-split dpkg-statoverride dprofpp dselect dtd2vim du dumpcap dumpe2fs dumphint dvipdf e2fsck e2image e2label ebrowse echo editcap editres egrep eject emacs emacs-23.0.0 emacsclient enc2xs env envsubst eps2eps eqn erb1.8 esdcat esdctl esddsp esdfilt esdloop esdmon esdplay esdrec esdsample etags exifautotran exo-csource exo-desktop-item-edit exo-mount exo-open exo-preferred-applications expand expiry exportfs expr factor faillog false famd fc-cache fc-cat fc-list fc-match fdformat fdisk fgrep file filefrag fileshareset find find2perl findaffix findfs finger fixfiles flock fmt fold font2c fontname fontprop free freetype-config fribidi from fsck fsck.cramfs fsck.ext2 fsck.ext3 fsck.minix fsck.nfs fslsfonts fstobdf fuser fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root gawk gcc-4.1 gcc-4.2 gccbug-4.1 gccmakedep gconf-merge-tree gconf-schemas gconftool-2 gcore gcov-4.1 gcov-4.2 gdb gdbserver gdbtui gdk-pixbuf-csource gencat genhomedircon getconf getent getopt gettext gettextize gettext.sh getty getzones ghostify ginstall-info gksu gksu-properties glib-genmarshal glib-gettextize glib-mkenums gnome-keyring-daemon gobject-query gpasswd gpg gpg-convert-from-106 gpgsplit gpgv gpg-zip gprof grep grep-changelog groff grog grops grotty groupadd groupdel groupmod groups grpck grpconv grpunconv grub grub-floppy grub-install grub-install grub-md5-crypt grub-reboot grub-set-default grub-terminfo gsbj gsdj gsdj500 gs-gpl gslj gslp gsnd gss_clnt_send_err gss_destroy_creds gtk-builder-convert gunzip gv gzexe gzip h2ph h2xs halt head helpztags hexdump host hostid hostname htcacheclean htdbm htdigest html2text htpasswd httxt2dbm hwclock iceauth ico icombine iconv iconvconfig id identd idl2deb idl2wrs ifconfig ifdown ifnames ifup igawk ijoin ikeygen imagetops imake inetd inetutils-ifconfig inetutils-telnet info infocmp infokey init insert_brackets insmod install install-info installkernel install-menu install-sgmlcatalog instmodsh invoke-rc.d ionice ip6tables ip6tables-restore ip6tables-save ipcrm ipcs ipmaddr iptables iptables-restore iptables-save iptables-xml iptunnel isosize ispell ispell-autobuildhash ispell-wrapper jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jackrec jack_showtime jack_simple_client jack_transport jack_unload joe john join jpegexiforient jpegtran kab2kabc kaddprinterwizard kate kbuildsycoca kcmshell kconf_update kcookiejar kde-config kded kdeinit kdeinit_shutdown kdeinit_wrapper kde-menu kdesu_stub kdontchangethehostname kdostartupconfig kedit kfile kgrantpty khotnewstuff kill killall killall5 kinstalltheme kioexec kio_http_cache_cleaner kioslave kio_uiserver klauncher klogd kmailservice koi8rxterm kpac_dhcp_helper kregexpeditor ksendbugmail kshell kstartupconfig ktelnetservice ktradertest kwrapper kwrite labltk laptop-detect last lastlog lcf ld ldconfig ldd less lessecho lesskey lesspipe lexgrog lft.db libnetcfg libpng12-config libtool libtoolize line link links links2 listres ln lndir lnusertemp load_policy locale localedef locale-gen logger login logname logresolve logsave look lorder losetup lp2pap.sh ls lsattr lsmod lsof lspci lspgpot lsusb luit lxterm lynx.stable lzma lzma_alone m4 macusers mailer mail-files mailshar make makedepend MAKEDEV make_driver_db_cups make_driver_db_lpr makeg makeinfo make-ssl-cert makestrs manpath marionnet_grab_config mawk mbchk mcheck mcomp mcookie md5sum megatron meinproc mergecap mergelib mesg mii-tool mkbimage mkboot mkchdr mkcramfs mkdir mkdirhier mke2fs mkfifo mkfontdir mkfontscale mkfs mkfs.bfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.minix mkhtmlindex mkinitramfs mkinitramfs-kpkg mklost+found mkmanifest mknod mkpasswd mkswap mktemp modinfo modprobe more mount mount.cifs mount.nfs mountpoint mount.smbfs mpack msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq mt-gnu mtools mtr mtrace munchlist munpack mv mxtar named named-checkconf named-checkzone namei nameif nano nbplkup nbprgstr nbpunrgstr ncal nc.traditional ncurses5-config ncursesw5-config neqn net netatalk-uniconv netkit-ftp netstat newgrp newrole newusers nfsstat ngettext nice nl nm nmblookup nohup nologin nroff nslookup nsupdate nu objcopy objdump ocaml ocamlbrowser ocamlbuild.byte ocamlbuild.native ocamlc ocamlcp ocamldebug ocamldep ocamldoc ocamldumpobj ocamllex ocaml-md5sums ocamlmklib ocamlmktop ocamlobjinfo ocamlopt ocamlprof ocamlrun ocamlyacc oclock od oldfuser omnicpp omniidl omniidlrun.py omshell open_init_pty openssl ownership owplaces pam_getenv pam_tally pango-querymodules pango-view pap papd paperconf paperconfig papstatus partx passwd paste patch pathchk pcimodules pcretest pdf2dsc pdf2ps pdfopt peekfd perl perl5.8.8 perlbug perlcc perldoc perlivp pf2afm pfbtopfa pg pgawk pgrep pic piconv ping ping6 pinky pivot_root pkg-config pl2pm plipconfig pmap pmap_dump pmap_set po2debconf pod2html pod2latex pod2man pod2text pod2usage podchecker podebconf-display-po podebconf-report-po podselect portmap postalias postcat postconf postdrop postfix postkick postlock postlog postmap postqueue postsuper pphs pr precat prename preunzip prezip prezip-bin printafm printenv printf props prove ps ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 psed psorder pstree pstruct ptbl ptx pval pwck pwconv pwd pwdx pwunconv pycentral py_compilefiles pydoc2.4 pygettext2.4 pysupport-movemodules pysupport-parseversions python2.4 qmqp-sink qmqp-source qshape querybts ranlib rarp raw rclock rcs-checkin rdev rdjpgcom readelf readlink readprofile recode-sr-latin remove_brackets remove-default-ispell remove-default-wordlist remove-shell remsync rename.ul renice rep reportbug report-hw rep-remote resize resize2fs restorecon rev revpath rgrep rm rmail rmdir rmmod rmt-tar rndc rndc-confgen rotatelogs route roxterm roxterm-config rpcdebug rpcgen rpc.gssd rpc.idmapd rpcinfo rpc.mountd rpc.nfsd rpc.statd rpc.svcgssd rpc.yppasswdd rpc.ypxfrd rstart rstartd rtcwake ruby1.8 runcon run_init runlevel run-mailcap run-parts run-with-aspell rxvt-xpm rxvt-xterm s2p safe_finger savelog sawfish sawfish-client sawfish-ui scp script scriptreplay sdiff secon sed se_dpkg select-default-ispell select-default-iwrap select-default-wordlist semanage semodule semodule_deps semodule_expand semodule_link semodule_package sendmail sensible-browser sensible-editor sensible-pager sepolgen-ifgen seq sessreg sestatus setarch setfiles setpci setsebool setsid setterm setxkbmap sfdisk sftp sha1sum sha224sum sha256sum sha384sum sha512sum shadowconfig shar shift_lines showfont showmount showppd showrgb shred shutdown size skill slabtop slattach sleep smbpasswd sm-notify smproxy smtp-sink smtp-source snacc snacc-config soelim sort sperl5.8.8 splain split split-logfile sprof sq ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id sshd ssh-keygen ssh-keyscan start_kdeinit start_kdeinit_wrapper startpar start-stop-daemon startx startxfce4 stat strace strfile strings strip stty su sudo sudoedit sulogin sum su-to-root swapon sync sysctl syslogd syslogd-listfiles syslog-facility tac tail tailf tar tasksel taskset tbl tclsh8.4 tcpd tcpdchk tcpdmatch tcpdump tcptraceroute.db tcsh tee telnetd telnet.netkit tempfile test testparm testrb1.8 texi2dvi texi2pdf texindex text2pcap textedit tftp tgz Thunar tic time timelord tload toe top touch tput tr traceproto.db traceroute.db traceroute-nanog.db troff true tryaffix try-from tset tshark tsort tty tune2fs tunelp tzselect ucf ucfq ucfr ucs2any udevcontrol udevd udevinfo udevmonitor udevsettle udevtest udevtrigger ul umount umount.cifs uname uncompress unexpand unghostify uniq unix_chkpwd unlink unshar unsq unstr update-alternatives update-catalog update-default-ispell update-default-wordlist update-desktop-database update-dictcommon-aspell update-fonts-alias update-fonts-dir update-fonts-scale update-gconf-defaults update-grub update-grub update-icon-caches update-inetd update-initramfs update-ispell-dictionary update-locale update-menus update-mime update-mime-database update-modules update-openoffice-dicts update-pangox-aliases update-passwd update-pciids update-python-modules update-rc.d update-usbids update-xmlcatalog uptime useradd userdel usermod users uudecode uuencode uxterm uz validlocale vdir viewres vim-addons vim.basic vimplate vim.tiny vimtutor vipw visudo vmstat volname vpddecode w3m w3mman wall watch wc wftopfa wget whatis whereis which whiptail who whoami whois wireshark wish8.4 word-list-compress w.procps wrjpgcom X x11perf x11perfcomp xargs xauth xauth_switch_to_sun-des-1 xbiff xcalc xclipboard xclock xcmsdb xconsole xcursorgen xcutsel xdbedizzy xditview xdpyinfo xdriinfo xedit xev xeyes xfbrowser4 xfce4-about xfce4-autostart-editor xfce4-kiosk-query xfce4-menueditor xfce4-panel xfce4-popup-menu xfce4-popup-windowlist xfce4-session xfce4-session-logout xfce4-terminal xfce4-terminal.wrapper xfce4-tips xfce-mcs-manager xfce-setting-show xfd xfdesktop xfhelp4 xflock4 xfmountdev4 xfontsel xfrun4 xfsinfo xfsm-shutdown-helper xft-config xfterm4 xfwm4 xgamma xgc xgettext xhost xinit xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch xkill xlinks2 xload xlogo xlsatoms xlsclients xlsfonts xmag xman xmessage xmkmf xmodmap xmore xon xprop xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xsm xstdcmap xsubpp xterm xtermcontrol xtermset xtrapchar xtrapin xtrapinfo xtrapout xtrapproto xtrapreset xtrapstats xvidtune xvinfo xwd xwininfo xwud xxd yes ypbind ypcat ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich zcat zcmp zdiff zdump zegrep zfgrep zforce zgrep zic zless zmore znew zsoelim marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/Makefile0000644000175000017500000000725313175722671031515 0ustar lucaslucas# This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2013 Jean vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This Makefile helps people to build a debian filesystem # with debootstrap according to the Marionnet requirements. # ---------------------- # binary_list # ---------------------- binary_list.UNION: cat binary_list.*.* | sort -d | uniq > $@ # ---------------------- # wheezy or squeeze # ---------------------- wheezy squeeze: binary_list.UNION chmod +x ./make_package_catalog_from_binary_list.sh ./make_package_catalog_from_binary_list.sh $@ # ---------------------- # wheezy # ---------------------- package_catalog.wheezy.GENERATED: wheezy package_catalog.wheezy.COMPLETE.COMMENTED: package_catalog.wheezy.GENERATED touch package_catalog.wheezy.additional cat $< package_catalog.wheezy.additional | sort -k 1,1 -d | awk '{print "#"$$0}' > $@ WHEEZY_SELECTION=package_catalog.wheezy.selection package_catalog.wheezy.COMPLETE.COMMENTED.selection: package_catalog.wheezy.COMPLETE.COMMENTED cp -f $< $@; if [[ -f $(WHEEZY_SELECTION) ]]; then for i in $$(\grep -v '^#' $(WHEEZY_SELECTION) | awk '{print $$1}'); do sed -i -e "s/^#$${i} /$${i} /" $@; done; else cp -f $< $(WHEEZY_SELECTION); fi # ---------------------- # squeeze # ---------------------- package_catalog.squeeze.GENERATED: squeeze package_catalog.squeeze.COMPLETE.COMMENTED: package_catalog.squeeze.GENERATED touch package_catalog.squeeze.additional cat $< package_catalog.squeeze.additional | sort -k 1,1 -d | awk '{print "#"$$0}' > $@ SQUEEZE_SELECTION=package_catalog.squeeze.selection package_catalog.squeeze.COMPLETE.COMMENTED.selection: package_catalog.squeeze.COMPLETE.COMMENTED cp -f $< $@; if [[ -f $(SQUEEZE_SELECTION) ]]; then for i in $$(\grep -v '^#' $(SQUEEZE_SELECTION) | awk '{print $$1}'); do sed -i -e "s/^#$${i} /$${i} /" $@; done; else cp -f $< $(SQUEEZE_SELECTION); fi # ---------------------- # Dependencies # ---------------------- REQUIRED_PACKAGES=debootstrap coreutils dependencies: @echo "Required packages: $(REQUIRED_PACKAGES)" @which dpkg 1>/dev/null || { echo "Not a Debian system (oh my god!); please install packages corresponding to: $(REQUIRED_PACKAGES)"; exit 1; } @dpkg 1>/dev/null -l $(REQUIRED_PACKAGES) || \ if which aptitude; then \ sudo aptitude install -q -q -q -y $(REQUIRED_PACKAGES); \ elif which apt-get; then \ sudo apt-get install -q -q -q -y $(REQUIRED_PACKAGES); \ else \ exit 1; \ fi @echo Ok. # ---------------------- # clean # ---------------------- clean: sudo rm -rf _build.*; rm -f *~ rm -f package_catalog.*.COMPLETE.COMMENTED package_catalog.*.COMPLETE.COMMENTED.selection @if test -f package_catalog.wheezy.GENERATED; then echo "Warning: file \`package_catalog.wheezy.GENERATED' not removed; please remove it manually if you really know what are you doing."; fi @if test -f package_catalog.squeeze.GENERATED; then echo "Warning: file \`package_catalog.squeeze.GENERATED' not removed; please remove it manually if you really know what are you doing."; fi ././@LongLink0000644000000000000000000000020000000000000011573 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.machine-mandriva-09476.1155marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.0000644000175000017500000002434413175722671032375 0ustar lucaslucas[ 2to3 a2p ab about-mandriva activation-client addbuiltin addpart addr2line adduser advxsplitlogfile advxsplitlogfile.pl agetty alsa.agent alsa.agent alsa_in alsa_out alternatives apachectl appletviewer apropos apt ar arch aria2c arp arping arping as atob aumix-text avahi-autoipd avahi-browse avahi-browse-domains avahi-daemon avahi-publish avahi-publish-address avahi-publish-service avahi-resolve avahi-resolve-address avahi-resolve-host-name avahi-set-host-name awk awk badblocks baddbdir base64 basename bash bash3 bashbug berkeley_db_svc bgpd blkid blockdev bltest bonobo-activation-sysconf bonobo-slay bootlogd brctl btoa build-classpath build-classpath-directory build-jar-repository bunzip2 bzcat bzdiff bzgrep bzip2 bzip2recover bzless bzme bzmore c89 c99 cal captoinfo cat catchsegv cc ccp certcgi certutil cfdisk c++filt chacl chage chattr chcon check-binary-files checkcert check_forensic checkgid chfn chgrp chkconfig chksession chmod chown chpasswd chroot chrt chsh chvt ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop cksum clean-binary-files clear clockdiff cmp cmsutil code2color col colcrt colrm column comm conflict consolehelper console-kit-daemon consoletype ControlPanel convertsession cp cpio cpp cpp-4.4.1 cracklib-check cracklib-format cracklib-packer cracklib-unpacker create-cracklib-dict create-jar-links create_static_dev_nodes c_rehash crlutil crmftest crond crontab cryptsetup csplit ctrlaltdel ctstat cut cut cytune date db_archive db_checkpoint db_codegen db_deadlock db_dump db_dump185 db_hotbackup db_load dbmmanage db_printlog db_recover db_stat dbtest db_upgrade dbus-cleanup-sockets dbus-daemon dbus-launch dbus-monitor dbus-send dbus-uuidgen db_verify dd ddate deallocvt debugfs delpart depmod derdump desktop-file-install desktop-file-validate df dhclient dhclient-script dhcpd dhcpd-chroot.sh dhcpd-conf-to-ldap.pl dhcpreport.pl diff diff3 diff-jars dig digest dir dircolors dirname dlist_test dmesg dmeventd dmsetup dmsetup-static dmsetup.static dnsdomainname dns-keygen dnssec-dsfromkey dnssec-keyfromlabel dnssec-keygen dnssec-makekeyset dnssec-signkey dnssec-signzone doexec domainname du dumpcap dumpcap dumpe2fs dumpkeys e2freefrag e2fsck e2fsck.static e2image e2label e2undo e3jsize ebtables-restore ebtables-save echo echo-client-2 ed egrep eject env env eqn esd esdcompat ether-wake ethtool ettercap etterfilter etterlog ex expand expiry exportfs expr expr extcheck factor faillog false fc-cache fc-cat fc-list fc-match fc-query fc-scan fdformat fdisk fgconsole fgrep file filefrag find find find2perl findfs find-jar fipstest firefox flock flock fmt fndSession fold free free fsck fsck.cramfs fsck.ext2 fsck.ext3 fsck.ext4 fsck.ext4dev fsck.minix fstab-decode ftp ftpd fuser gawk gawk gawk-3.1.7 gcc gcc-4.4.1 gcc4.4-version gccbug gconf-merge-tree gconftool gconftool-2 gcov gdk-pixbuf-query-loaders gencat gendiff generate-modprobe.conf genhdlist2 genhostid genl geqn getconf get_device get_driver getent getfacl getkey getkeycodes get_module getopt gettext gettext ghost2 ghostify glibc-post-wrapper gmake gnome-open gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm gnroff gpasswd gpg gpgsplit gpgv gpg-zip gprof grep groff grotty groupadd groupdel groupmod groups grpck grpconv grpunconv grub grub-install grub-md5-crypt grub-terminfo gss_clnt_send_err gss_destroy_creds gtar gtbl gtk-query-immodules-2.0 gtk-update-icon-cache gtroff gunzip gunzip gzexe gzip gzip hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-is-caller-privileged hal-lock hal-set-property hal-setup-keymap halt halt head hexdump hibernate-cleanup.sh host hostid hostname hping hping2 htdbm htdigest HtmlConverter htpasswd httpd httxt2dbm i386 i586-manbo-linux-gnu-gcc i586-manbo-linux-gnu-gcc-4.4.1 i586-mandriva-linux-gnu-gcc i586-mandriva-linux-gnu-gcc-4.4.1 iconv iconvconfig id idlj ifcfg ifconfig ifdown ifenslave ifmetric ifplugd ifplugstatus ifstat ifup igawk inetdconvert infocmp infotocap init initlog insmod install install-info in.tftpd ionice ionice ior-decode-2 ip ip6tables ip6tables-multi ip6tables-restore ip6tables-save ipcalc ipcmk ipcrm ipcs ipmaddr iproute-arpd ipsec iptables iptables-multi iptables-restore iptables-save iptables-xml iptunnel isisd isosize jackd jack_netsource jar jarsigner java javac javadoc javah javap javaws jconsole jdb jhat jinfo jmap join jps jrunscript jsadebugd jstack jstat jstatd jvmjar kbd_mode kbd_mode kbdrate kdeDesktopCleanup keytool kill kill killall killall5 klogd klogd last lastb lastlog lchage lchfn lchsh ld ldap2zone ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami ldattach ldconfig ldd lddlibc4 less lessecho lesskey lesspipe.sh lgroupadd lgroupdel lgroupmod lid linc-cleanup-sockets link linux32 linux64 listhome list_hooks.pl ln lnewusers lnstat loadkeys loadkeys loadunimap locale localedef locale_install.sh locale_uninstall.sh logger logger login login login.krb5 logname logoutd logresolve logresolve.pl logrotate logsave log_server_status look losetup lpasswd ls lsattr lscpu lshal lsmod lspci lspgpot lsusb luseradd luserdel lusermod lwresd lynx lzcat lzcmp lzdiff lzegrep lzfgrep lzgrep lzless lzma lzmadec lzmainfo lzmore mailq make makedev makepqg makewhatis man man2dvi man2html mangle manpath mapscrn marionnet_grab_config mawk mbchk mcookie md5sum mdv-network-event mesg mii-diag mii-tool mingetty mkdict mkdir mke2fs mke3fs mkfifo mkfontdir mkfontscale mkfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.ext4 mkfs.ext4dev mkfs.minix mkhomedir_helper mklost+found mknod mkswap mktemp mktemp modinfo modprobe mod_ssl-gentestcrt modutil more mount mount.nfs mount.nfs4 mountpoint mozilla-firefox mv named named-bootconf named-checkconf named-checkzone named-compilezone namei nameif nano native2ascii nc ncat ncurses5-config ncursesw5-config ndiff netcat netreport netstat newaliases newgrp newusers nfsddebug nfsdebug nfsstat ngettext nice nisdomainname nl nm nmap nohup nologin nonspr10 nroff nslookup nstat nsupdate objcopy objdump ocspclnt od oidcalc oldfind omshell openssl openvt orbd ospf6d ospfclient ospfd p7content p7env p7sign p7verify pack200 packer pam_console_apply pam_tally2 pam_timestamp_check pango-querymodules-32 partmon partx passwd paste pathchk pcimodules peekfd perl perl5 perl5.10.1 perlbug perlthanks pgawk pgrep pidof pidof ping ping6 pinky pivot_root pk11mode pk12util pkaction pkcheck pkexec pkg-config pkill plainrsa-gen plipconfig pmap pod2html pod2latex pod2man pod2text policytool polkit-action polkit-auth polkit-config-file-validate polkit-policy-file-validate postalias postcat postconf postdrop postfinger postfix postfix-chroot.sh postkick postlock postlog postmap postmulti postqueue postsuper poweroff poweroff pp ppl-config ppp-watch pr prcsys print-cups.sh printenv printf procps3-kill protoize ps psfaddtable psfgettable psfstriptable psfxtable pstree pstree.x11 ptx pulseaudio pwck pwconv pwd pwdx pwunconv pydoc python python2.6 qmqp-sink qmqp-source qshape query-loc queryperf racoon racoonctl ranlib raw rbash rdisc readelf readlink readprofile reboot reboot rebuild-jar-repository rebuild-security-providers red remtest rename renice reset resetall reset_sound reset_sound resize2fs resizecons resolvconf rev ripd ripngd rm rmail rmdir rmic rmid rmiregistry rmmod rmold rmt rmt-tar rnano rndc rndc-confgen rotatelogs route routef routel rpcbind rpcdebug rpcgen rpc.gssd rpc.idmapd rpcinfo rpcinfo rpc.mountd rpc.nfsd rpc.statd rpc.svcgssd rpc.yppasswdd rpc.ypxfrd rpm rpm2cpio rpmdb rpm-find-leaves rpmgraph rpmquery rpmsign rpmverify rsaperf rsync rtacct rtcwake rtkitctl rtmon rtpr rtstat runcon runlevel run-parts rurpme rurpmi s2p safe_finger sash schemagen scp script sdiff sdrtest securetty sed selfserv sendmail sendmail.postfix seq serialver servertool service setarch setfacl setfont setfont setkey setkeycodes setleds setmetamode setpci setsid setsysfont set_tcb setterm sfdisk sftp sg sh sha1sum sha224sum sha256sum sha384sum sha512sum shell-quote shlibsign showconsolefont showkey showmount shred shuf shutdown signtool signver size skill slabtop slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slapschema slaptest slattach sleep sln slogin smicache smidiff smidump smilint smime smiquery smistrip smixlate sm-notify smtp-sink smtp-source snice sort splain split split-logfile sprof ss ssh ssh-add ssh-agent ssh-copy-id sshd ssh-keygen ssh-keyscan ssleay ssltap start-statd start_udev.orig stat stdbuf strings strip strsclnt stty su sudo sudoedit sudoers2ldif sulogin sum supermount swapoff swapon switch_root sxw2txt symkeyutil sync sysctl syslogd syslogd systool sys-unconfig tabs tac tac tail tailf tar tar-backup tar-restore taskset tbl tc tcb_convert tcb_unconvert tcpd tcpdchk tcpdmatch tcpdump tee telinit telnet test tftp tic time timeout tload tnameserv toe top touch tput tr tracepath tracepath6 traceroute6 troff true truncate try-from tset tsort tstclnt ttmkfdir ttmkfdir tty tune2fs tunelp typelib-dump tzselect udevadm udevd udev_import_usermap ul umount umount.hal umount.nfs umount.nfs4 uname unexpand unghostify unicode_start unicode_start unicode_stop unicode_stop uniq unix_chkpwd unix_update unlink unlzma unpack200 unprotoize unxz update-alternatives update-desktop-database update_dhcp.pl update-localtime update-menus update-mime-database update-usbids.sh uptime urpme urpmf urpmi urpmi.addmedia urpmi.removemedia urpmi_rpm-find-leaves urpmi.update urpmq usb-devices usb_id useradd userdel userhelper usermod usernetctl users usleep utempter utmpdump uuidgen vconfig vdir vfychain vfyserv vi vi vigr vim vimdiff vim-enhanced vimtutor vipw visudo vlan-test vmstat volname vpn-start vpn-stop vtysh w wall watch watchquagga wc wget whatis whereis which who whoami wireshark wireshark-root wireshark-root write wsgen wsimport www-browser xargs xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg_menu xdg-mime xdg-open xdg-screensaver xdg-settings xdg-user-dir xdg-user-dirs-gtk-update xdg-user-dirs-update xinetd xjc xprop xvt xxd xz xzcat xzcmp xzdec xzdiff xzegrep xzfgrep xzgrep xzless xzme xzmore yes ypbind ypcat ypchfn ypchsh ypdomainname ypmatch yppasswd yppoll yppush ypserv ypset yptest ypwhich zcat zcat zcmp zdiff zdump zebra zegrep zfgrep zforce zgrep zic zless zmore znew zonetoldap ././@LongLink0000644000000000000000000000017200000000000011603 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.squeeze.selectionmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000012025513175722671032361 0ustar lucaslucas#9base PROVIDES: bc dc ed strings DESCRIPTION: Plan 9 userland tools #acl PROVIDES: chacl getfacl setfacl DESCRIPTION: Access control list utilities #acpid PROVIDES: acpid acpi_listen DESCRIPTION: Advanced Configuration and Power Interface event daemon #adjtimex PROVIDES: adjtimex DESCRIPTION: kernel time variables configuration utility #adns-tools PROVIDES: adnsheloex adnshost adnslogres adnsresfilter DESCRIPTION: Asynchronous-capable DNS client library and utilities #apache2.2-common PROVIDES: a2dismod a2dissite a2enmod a2ensite apache2ctl apachectl DESCRIPTION: Apache HTTP Server common files #apache2-dbg PROVIDES: ab checkgid htcacheclean htdbm htdigest htpasswd httxt2dbm logresolve rotatelogs DESCRIPTION: Apache debugging symbols #apache2-mpm-event PROVIDES: apache2 DESCRIPTION: Apache HTTP Server - event driven model #apache2-utils PROVIDES: check_forensic dbmmanage split-logfile DESCRIPTION: utility programs for webservers #aria2 PROVIDES: aria2c DESCRIPTION: High speed download utility #arping PROVIDES: arping DESCRIPTION: sends IP and/or ARP pings (to the MAC address) #arts-dbg PROVIDES: artscat artsd artsplay artsrec artsshell artswrapper DESCRIPTION: debugging symbols for arts #ash PROVIDES: ash DESCRIPTION: compatibility package for dash #aspell PROVIDES: aspell aspell-import precat preunzip prezip prezip-bin run-with-aspell word-list-compress DESCRIPTION: GNU Aspell spell-checker #atftpd PROVIDES: in.tftpd DESCRIPTION: advanced TFTP server #attr PROVIDES: attr getfattr setfattr DESCRIPTION: Utilities for manipulating filesystem extended attributes #autoconf PROVIDES: autoconf autoheader autom4te autoreconf autoscan autoupdate ifnames DESCRIPTION: automatic configure script builder #autopoint PROVIDES: autopoint DESCRIPTION: The autopoint program from GNU gettext #avahi-autoipd PROVIDES: avahi-autoipd DESCRIPTION: Avahi IPv4LL network address configuration daemon #avahi-daemon PROVIDES: avahi-daemon DESCRIPTION: Avahi mDNS/DNS-SD daemon #avahi-dbg PROVIDES: avahi-browse avahi-publish avahi-resolve avahi-set-host-name DESCRIPTION: Avahi - debugging symbols #avahi-utils PROVIDES: avahi-browse-domains avahi-publish-address avahi-publish-service avahi-resolve-address avahi-resolve-host-name DESCRIPTION: Avahi browsing, publishing and discovery utilities #babeld PROVIDES: babeld DESCRIPTION: a loop-free distance-vector routing protocol #beep PROVIDES: beep DESCRIPTION: advanced pc-speaker beeper #bind9 PROVIDES: dnssec-dsfromkey dnssec-keyfromlabel named DESCRIPTION: Internet Domain Name Server #bind9-host PROVIDES: host DESCRIPTION: Version of 'host' bundled with BIND 9.X #bind9utils PROVIDES: dnssec-keygen dnssec-signzone named-checkconf named-checkzone named-compilezone rndc rndc-confgen DESCRIPTION: Utilities for BIND #binutils PROVIDES: addr2line ar as c++filt gprof ld nm objcopy objdump ranlib readelf size strip DESCRIPTION: The GNU assembler, linker and binary utilities #bridge-utils PROVIDES: brctl DESCRIPTION: Utilities for configuring the Linux Ethernet bridge #busybox PROVIDES: busybox DESCRIPTION: Tiny utilities for small and embedded systems #busybox-syslogd PROVIDES: klogd logread syslogd DESCRIPTION: Provides syslogd and klogd using busybox #bzip2 PROVIDES: bunzip2 bzcat bzcmp bzdiff bzegrep bzexe bzfgrep bzgrep bzip2 bzip2recover bzless bzmore DESCRIPTION: high-quality block-sorting file compressor - utilities #camstream PROVIDES: ftpput DESCRIPTION: collection of tools for webcams and other video-devices #cdbs PROVIDES: cdbs-edit-patch DESCRIPTION: common build system for Debian packages #chkconfig PROVIDES: chkconfig DESCRIPTION: system tool to enable or disable system services #cifs-utils PROVIDES: mount.cifs DESCRIPTION: Common Internet File System utilities #citadel-mta PROVIDES: sendmail DESCRIPTION: complete and feature-rich groupware server (mail transport agent) #consolekit PROVIDES: ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop console-kit-daemon DESCRIPTION: framework for defining and tracking users, sessions and seats #console-tools PROVIDES: chvt deallocvt dumpkeys fgconsole getkeycodes kbd_mode kbdrate loadkeys openvt psfaddtable psfgettable psfstriptable setkeycodes setleds setlogcons setmetamode showkey unicode_start unicode_stop DESCRIPTION: Linux console and font utilities #conspy PROVIDES: conspy DESCRIPTION: Remote control of Linux virtual consoles #courier-authdaemon PROVIDES: authdaemond DESCRIPTION: Courier authentication daemon #courier-authlib PROVIDES: authenumerate authpasswd authtest courierlogger DESCRIPTION: Courier authentication library #courier-authlib-dev PROVIDES: courierauthconfig DESCRIPTION: Development libraries for the Courier authentication library #courier-authlib-userdb PROVIDES: makeuserdb pw2userdb userdb userdbpw userdb-test-cram-md5 DESCRIPTION: userdb support for the Courier authentication library #courier-base PROVIDES: courier-config couriertcpd maildiracl maildirkw sharedindexinstall sharedindexsplit testmxlookup DESCRIPTION: Courier mail server - base system #courier-imap PROVIDES: imapd DESCRIPTION: Courier mail server - IMAP server #courier-ldap PROVIDES: courierldapaliasd DESCRIPTION: Courier mail server - LDAP support #courier-maildrop PROVIDES: mailbot maildrop makemime reformail reformime DESCRIPTION: Courier mail server - mail delivery agent #courier-mta PROVIDES: mailq newaliases rmail DESCRIPTION: Courier mail server - ESMTP daemon #courier-ssl PROVIDES: couriertls DESCRIPTION: Courier mail server - SSL/TLS Support #cpp PROVIDES: cpp DESCRIPTION: The GNU C preprocessor (cpp) #cpp-4.1 PROVIDES: cpp-4.1 DESCRIPTION: The GNU C preprocessor #crack PROVIDES: Crack Crack-Reporter DESCRIPTION: Password guessing program #cracklib-runtime PROVIDES: cracklib-check cracklib-format cracklib-packer cracklib-unpacker create-cracklib-dict DESCRIPTION: runtime support for password checker library cracklib2 #cramfsprogs PROVIDES: cramfsck mkcramfs DESCRIPTION: Tools for CramFs (Compressed ROM File System) #cryptsetup PROVIDES: cryptsetup DESCRIPTION: configures encrypted block devices #cups-bsd PROVIDES: lpq lpr DESCRIPTION: Common UNIX Printing System(tm) - BSD commands #curlftpfs PROVIDES: curlftpfs DESCRIPTION: filesystem to access FTP hosts based on FUSE and cURL #cyrus-sasl2-dbg PROVIDES: saslauthd sasldblistusers2 saslpasswd2 testsaslauthd DESCRIPTION: Cyrus SASL - debugging symbols #daemontools PROVIDES: envdir envuidgid setuidgid softlimit DESCRIPTION: a collection of tools for managing UNIX services #dbus PROVIDES: dbus-cleanup-sockets dbus-daemon dbus-monitor dbus-send dbus-uuidgen DESCRIPTION: simple interprocess messaging system #dbus-1-dbg PROVIDES: dbus-launch DESCRIPTION: simple interprocess messaging system (debug symbols) #debhelper PROVIDES: dh_builddeb dh_clean dh_compress dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_perl dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_undocumented dh_usrlocal DESCRIPTION: helper programs for debian/rules #defoma PROVIDES: defoma defoma-hints defoma-reconfigure dh_installdefoma DESCRIPTION: Debian Font Manager -- automatic font configuration framework #desktop-file-utils PROVIDES: desktop-file-install desktop-file-validate update-desktop-database DESCRIPTION: Utilities for .desktop files #dh-ocaml PROVIDES: dh_ocaml ocaml-md5sums DESCRIPTION: helper tools for maintaining OCaml-related Debian packages #dictionaries-common PROVIDES: aspell-autobuildhash ispell-autobuildhash ispell-wrapper remove-default-ispell remove-default-wordlist select-default-ispell select-default-iwrap select-default-wordlist update-default-ispell update-default-wordlist update-dictcommon-aspell update-openoffice-dicts DESCRIPTION: Common utilities for spelling dictionary tools #dietlibc-dev PROVIDES: dnsd DESCRIPTION: diet libc - a libc optimized for small size #dmsetup PROVIDES: dmsetup DESCRIPTION: The Linux Kernel Device Mapper userspace library #dnsutils PROVIDES: dig nslookup nsupdate DESCRIPTION: Clients provided with BIND #dos2unix PROVIDES: dos2unix unix2dos DESCRIPTION: convert text file line endings between CRLF and LF #dosfstools PROVIDES: mkdosfs mkfs.vfat DESCRIPTION: utilities for making and checking MS-DOS FAT filesystems #dropbear PROVIDES: dbclient dropbear dropbearkey DESCRIPTION: lightweight SSH2 server and client #dselect PROVIDES: dselect DESCRIPTION: Debian package management front-end #e2fsck-static PROVIDES: e2fsck.static DESCRIPTION: statically-linked version of the ext2/ext3/ext4 filesystem checker #ed PROVIDES: red DESCRIPTION: The classic UNIX line editor #eject PROVIDES: eject volname DESCRIPTION: ejects CDs and operates CD-Changers under Linux #emboss PROVIDES: digest DESCRIPTION: the european molecular biology open software suite #esound PROVIDES: esd DESCRIPTION: Enlightened Sound Daemon - Support binaries #esound-clients PROVIDES: esdcat esdctl esddsp esdfilt esdloop esdmon esdplay esdrec esdsample DESCRIPTION: Enlightened Sound Daemon - clients #ethtool PROVIDES: ethtool DESCRIPTION: display or change Ethernet device settings #ettercap PROVIDES: ettercap DESCRIPTION: Multipurpose sniffer/interceptor/logger for switched LAN #ettercap-common PROVIDES: etterfilter etterlog DESCRIPTION: Common support files and plugins for ettercap #exo-utils PROVIDES: exo-csource exo-desktop-item-edit exo-mount exo-open exo-preferred-applications DESCRIPTION: Utility files for libexo #exuberant-ctags PROVIDES: ctags-exuberant DESCRIPTION: build tag file indexes of source code definitions #fam PROVIDES: famd DESCRIPTION: File Alteration Monitor #fbset PROVIDES: fbset DESCRIPTION: framebuffer device maintenance program #fdflush PROVIDES: fdflush DESCRIPTION: Flush out-of-date disk buffers #file PROVIDES: file DESCRIPTION: Determines file type using "magic" numbers #finger PROVIDES: finger DESCRIPTION: user information lookup program #flex PROVIDES: flex++ DESCRIPTION: A fast lexical analyzer generator. #fontconfig PROVIDES: fc-cache fc-cat fc-list fc-match fc-query fc-scan DESCRIPTION: generic font configuration library - support binaries #fortune-mod PROVIDES: strfile unstr DESCRIPTION: provides fortune cookies on demand #ftp PROVIDES: netkit-ftp DESCRIPTION: The FTP client #fuse-utils PROVIDES: fusermount DESCRIPTION: Filesystem in USErspace (utilities) #fvwm PROVIDES: fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root DESCRIPTION: F(?) Virtual Window Manager #gawk PROVIDES: gawk igawk pgawk DESCRIPTION: GNU awk, a pattern scanning and processing language #gcc PROVIDES: c89-gcc c99-gcc gcc gcov DESCRIPTION: The GNU C compiler #gcc-4.1 PROVIDES: gcc-4.1 gccbug-4.1 gcov-4.1 DESCRIPTION: The GNU C compiler #gcj-4.4-jdk PROVIDES: appletviewer jar jarsigner javac javadoc javah jdb native2ascii rmic serialver DESCRIPTION: gcj and classpath development tools for Java(TM) #gcj-4.4-jre-headless PROVIDES: java keytool orbd rmid rmiregistry tnameserv DESCRIPTION: Java runtime environment using GIJ/classpath (headless version) #gconf2 PROVIDES: gconf-merge-tree gconf-schemas gconftool-2 update-gconf-defaults DESCRIPTION: GNOME configuration database system (support tools) #gdb PROVIDES: gcore gdb gdbtui DESCRIPTION: The GNU Debugger #gdbserver PROVIDES: gdbserver DESCRIPTION: The GNU Debugger (remote server) #gettext PROVIDES: gettextize msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq recode-sr-latin xgettext DESCRIPTION: GNU Internationalization utilities #gettext-base PROVIDES: envsubst gettext gettext.sh ngettext DESCRIPTION: GNU Internationalization utilities for the base system #ghdl PROVIDES: gccbug DESCRIPTION: VHDL compiler/simulator using GCC technology #ghostscript PROVIDES: bdftops dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa pphs printafm ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa DESCRIPTION: The GPL Ghostscript PostScript/PDF interpreter #gksu PROVIDES: gksu DESCRIPTION: graphical frontend to su #gnome-keyring PROVIDES: gnome-keyring-daemon DESCRIPTION: GNOME keyring services (daemon and tools) #gnutls-bin PROVIDES: certtool gnutls-cli gnutls-cli-debug gnutls-serv psktool srptool DESCRIPTION: the GNU TLS library - commandline utilities #gosa-dev PROVIDES: update-locale DESCRIPTION: GOsa? development utilities #grub-coreboot PROVIDES: grub-install grub-reboot grub-set-default update-grub DESCRIPTION: GRand Unified Bootloader, version 2 (Coreboot version) #grub-legacy PROVIDES: grub grub-floppy grub-md5-crypt grub-terminfo mbchk mkbimage DESCRIPTION: GRand Unified Bootloader (Legacy version) #gv PROVIDES: gv DESCRIPTION: PostScript and PDF viewer for X #hal PROVIDES: hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-lock hal-set-property lshal umount.hal DESCRIPTION: Hardware Abstraction Layer #hardening-wrapper PROVIDES: gcc-4.2 DESCRIPTION: Compiler wrapper to enable security hardening flags #hdparm PROVIDES: hdparm DESCRIPTION: tune hard disk parameters for high performance #heimdal-clients PROVIDES: kadmin kdestroy kinit klist kpasswd ksu ktutil DESCRIPTION: Heimdal Kerberos - clients #heimdal-dev PROVIDES: krb5-config DESCRIPTION: Heimdal Kerberos - development files #html2text PROVIDES: html2text DESCRIPTION: advanced HTML to text converter #htop PROVIDES: htop DESCRIPTION: interactive processes viewer #icecc PROVIDES: cc DESCRIPTION: distributed compiler (client and server) #iceweasel PROVIDES: firefox DESCRIPTION: Web browser based on Firefox #id-utils PROVIDES: lid DESCRIPTION: Fast, high-capacity, identifier database tool #ifmetric PROVIDES: ifmetric DESCRIPTION: Set routing metrics for a network interface #ifplugd PROVIDES: ifplugd ifplugstatus DESCRIPTION: configuration daemon for ethernet devices #ifstat PROVIDES: ifstat DESCRIPTION: InterFace STATistics Monitoring #inetutils-ftpd PROVIDES: ftpd DESCRIPTION: File Transfer Protocol server #inetutils-telnet PROVIDES: inetutils-telnet DESCRIPTION: telnet client #inetutils-telnetd PROVIDES: telnetd DESCRIPTION: telnet server #inetutils-tools PROVIDES: inetutils-ifconfig DESCRIPTION: base networking utilities (experimental package) #initramfs-tools PROVIDES: mkinitramfs mkinitramfs-kpkg update-initramfs DESCRIPTION: tools for generating an initramfs #installation-report PROVIDES: report-hw DESCRIPTION: system installation report #ipcalc PROVIDES: ipcalc DESCRIPTION: parameter calculator for IPv4 addresses #ipsec-tools PROVIDES: setkey DESCRIPTION: IPsec tools for Linux #ipsvd PROVIDES: tcpsvd udpsvd DESCRIPTION: Internet protocol service daemons #iputils-clockdiff PROVIDES: clockdiff DESCRIPTION: Measure the time difference between networked computers #iputils-tracepath PROVIDES: tracepath tracepath6 DESCRIPTION: Tools to trace the network path to a remote host #isc-dhcp-relay PROVIDES: dhcrelay DESCRIPTION: ISC DHCP relay daemon #isc-dhcp-server PROVIDES: dhcpd DESCRIPTION: ISC DHCP server for automatic IP address assignment #ispell PROVIDES: buildhash findaffix icombine ijoin ispell munchlist sq tryaffix unsq update-ispell-dictionary DESCRIPTION: International Ispell (an interactive spelling corrector) #jackd1 PROVIDES: alsa_in alsa_out jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jack_netsource jackrec jack_showtime jack_simple_client jack_transport jack_unload DESCRIPTION: JACK Audio Connection Kit (server and example clients) #joe PROVIDES: joe DESCRIPTION: user friendly full screen text editor #john PROVIDES: john mailer DESCRIPTION: active password cracking tool #kate PROVIDES: kate DESCRIPTION: K Advanced Text Editor #kbd PROVIDES: loadunimap mapscrn psfxtable resizecons setfont showconsolefont DESCRIPTION: Linux console font and keytable utilities #kdebase-dbg PROVIDES: kwrite DESCRIPTION: debugging symbols for the KDE base applications module #kdelibs4c2a PROVIDES: fileshareset imagetops DESCRIPTION: core libraries and binaries for all KDE applications #kdelibs-dbg PROVIDES: artsmessage cupsdconf cupsdoprint dcop dcopclient dcopfind dcopobject dcopquit dcopref dcopserver dcopserver_shutdown dcopstart kab2kabc kaddprinterwizard kbuildsycoca kcmshell kconf_update kcookiejar kde-config kded kdeinit kdeinit_shutdown kdeinit_wrapper kde-menu kdesu_stub kdontchangethehostname kdostartupconfig kfile kgrantpty khotnewstuff kinstalltheme kioexec kio_http_cache_cleaner kioslave kio_uiserver klauncher kmailservice kpac_dhcp_helper ksendbugmail kshell kstartupconfig ktelnetservice ktradertest kwrapper lnusertemp make_driver_db_cups make_driver_db_lpr meinproc start_kdeinit start_kdeinit_wrapper DESCRIPTION: debugging symbols for kdelibs #krb5-admin-server PROVIDES: kadmind kadmin.local kprop DESCRIPTION: MIT Kerberos master server (kadmind) #krb5-clients PROVIDES: telnet.krb5 DESCRIPTION: Secure replacements for ftp, telnet and rsh using MIT Kerberos #krb5-kdc PROVIDES: kdb5_util kpropd krb5kdc DESCRIPTION: MIT Kerberos key server (KDC) #krb5-kdc-ldap PROVIDES: kdb5_ldap_util DESCRIPTION: MIT Kerberos key server (KDC) LDAP plugin #krb5-rsh-server PROVIDES: klogind kshd login.krb5 DESCRIPTION: Secure replacements for rshd and rlogind using MIT Kerberos #krb5-user PROVIDES: k5srvutil kvno DESCRIPTION: Basic programs to authenticate using MIT Kerberos #laptop-detect PROVIDES: laptop-detect DESCRIPTION: attempt to detect a laptop #ldap2zone PROVIDES: ldap2zone DESCRIPTION: Extract DNS zones from LDAP trees #ldap-utils PROVIDES: ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami DESCRIPTION: OpenLDAP utilities #less PROVIDES: less lessecho lesskey lesspipe DESCRIPTION: pager program similar to more #libarts1c2a PROVIDES: artsdsp DESCRIPTION: aRts sound system core components #libbonobo2-bin PROVIDES: activation-client bonobo-activation-sysconf bonobo-slay echo-client-2 DESCRIPTION: Bonobo CORBA interfaces library -- support binaries #libc-dev-bin PROVIDES: gencat mtrace rpcgen sprof DESCRIPTION: Embedded GNU C Library: Development binaries #libcroco3 PROVIDES: csslint-0.6 DESCRIPTION: a generic Cascading Style Sheet (CSS) parsing and manipulation toolkit #libdb1-compat PROVIDES: db_dump185 DESCRIPTION: The Berkeley database routines [glibc 2.0/2.1 compatibility] #libfreetype6-dev PROVIDES: freetype-config DESCRIPTION: FreeType 2 font engine, development files #libfribidi0 PROVIDES: fribidi DESCRIPTION: Free Implementation of the Unicode BiDi algorithm #libgcj-common PROVIDES: rebuild-security-providers DESCRIPTION: Java runtime library (common files) #libgksu2-0 PROVIDES: gksu-properties DESCRIPTION: library providing su and sudo functionality #libglib2.0-0-dbg PROVIDES: glib-genmarshal gobject-query DESCRIPTION: The GLib libraries and debugging symbols #libglib2.0-dev PROVIDES: glib-gettextize glib-mkenums DESCRIPTION: Development files for the GLib library #libgnome2-0 PROVIDES: gnome-open DESCRIPTION: The GNOME library - runtime files #libgnomevfs2-0-dbg PROVIDES: gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm DESCRIPTION: GNOME Virtual File System (debugging libraries) #libgpg-error-dev PROVIDES: gpg-error DESCRIPTION: library for common error values and messages in GnuPG components #libgtk2.0-0-dbg PROVIDES: gdk-pixbuf-csource DESCRIPTION: The GTK+ libraries and debugging symbols #libgtk2.0-bin PROVIDES: gdk-pixbuf-query-loaders gtk-query-immodules-2.0 gtk-update-icon-cache update-icon-caches DESCRIPTION: The programs for the GTK+ graphical user interface library #libgtk2.0-dev PROVIDES: dh_gtkmodules gtk-builder-convert DESCRIPTION: Development files for the GTK+ library #libjpeg-progs PROVIDES: cjpeg djpeg exifautotran jpegexiforient jpegtran rdjpgcom wrjpgcom DESCRIPTION: Programs for manipulating JPEG files #liblockfile1 PROVIDES: dotlockfile DESCRIPTION: NFS-safe locking library, includes dotlockfile program #libmysqlclient-dev PROVIDES: mysql_config DESCRIPTION: MySQL database development files #libnss3-1d-dbg PROVIDES: certutil cmsutil crlutil modutil pk12util shlibsign signtool signver ssltap DESCRIPTION: Debugging symbols for the Network Security Service libraries #libpango1.0-0-dbg PROVIDES: pango-querymodules pango-view DESCRIPTION: The Pango library and debugging symbols #libpango1.0-common PROVIDES: update-pangox-aliases DESCRIPTION: Modules and configuration files for the Pango #libpango1.0-dev PROVIDES: dh_pangomodules DESCRIPTION: Development files for the Pango #libpaper-utils PROVIDES: paperconf paperconfig DESCRIPTION: library for handling paper characteristics (utilities) #libpcre3 PROVIDES: pcretest DESCRIPTION: Perl 5 Compatible Regular Expression Library - runtime files #libpcre3-dbg PROVIDES: pcregrep DESCRIPTION: Perl 5 Compatible Regular Expression Library - debug symbols #libpcre3-dev PROVIDES: pcre-config DESCRIPTION: Perl 5 Compatible Regular Expression Library - development files #libpng12-dev PROVIDES: libpng12-config DESCRIPTION: PNG library - development #libppl0.10-dev PROVIDES: ppl-config DESCRIPTION: Parma Polyhedra Library (development) #librep-dbg PROVIDES: rep rep-remote DESCRIPTION: debug symbols for librep #librpm-dbg PROVIDES: rpm rpm2cpio rpmgraph DESCRIPTION: debugging symbols for RPM #libruby1.8-dbg PROVIDES: ruby1.8 DESCRIPTION: Debugging symbols for Ruby 1.8 #libsmi2-dbg PROVIDES: smidiff smidump smilint smiquery smixlate DESCRIPTION: library to access SMI MIB information - debugging symbols #libsmi2ldbl PROVIDES: smicache DESCRIPTION: library to access SMI MIB information #libsnmp15 PROVIDES: net-snmp-config DESCRIPTION: SNMP (Simple Network Management Protocol) library #libtool PROVIDES: libtool libtoolize DESCRIPTION: Generic library support script #libxfce4util-bin PROVIDES: xfce4-kiosk-query DESCRIPTION: tools for libxfce4util #libxft-dev PROVIDES: xft-config DESCRIPTION: FreeType-based font drawing library for X (development files) #libxt-dev PROVIDES: makestrs DESCRIPTION: X11 toolkit intrinsics library (development headers) #lighttpd PROVIDES: lighttpd lighttpd-angel DESCRIPTION: A fast webserver with minimal memory footprint #links PROVIDES: links DESCRIPTION: Web browser running in text mode #links2 PROVIDES: links2 xlinks2 DESCRIPTION: Web browser running in both graphics and text mode #loadlin PROVIDES: freeramdisk DESCRIPTION: a loader (running under DOS) for LINUX kernel images #locales PROVIDES: locale-gen validlocale DESCRIPTION: Embedded GNU C Library: National Language (locale) data [support] #lpr PROVIDES: lpd DESCRIPTION: BSD lpr/lpd line printer spooling system #lrzsz PROVIDES: rx DESCRIPTION: Tools for zmodem/xmodem/ymodem file transfer #lsof PROVIDES: lsof DESCRIPTION: List open files #lwresd PROVIDES: lwresd DESCRIPTION: Lightweight Resolver Daemon #lzma PROVIDES: lzcat lzma unlzma DESCRIPTION: Compression method of 7z format in 7-Zip program #lzma-alone PROVIDES: lzma_alone DESCRIPTION: Compression method of 7z format in 7-Zip program #lzop PROVIDES: lzop DESCRIPTION: fast compression program #m4 PROVIDES: m4 DESCRIPTION: a macro processing language #make PROVIDES: make DESCRIPTION: An utility for Directing compilation. #makedev PROVIDES: MAKEDEV DESCRIPTION: creates device files in /dev #man2html PROVIDES: man2html DESCRIPTION: browse man pages in your web browser #menu PROVIDES: install-menu su-to-root update-menus DESCRIPTION: generates programs menu for all menu-aware applications #microcom PROVIDES: microcom DESCRIPTION: minimalistic terminal program #mii-diag PROVIDES: mii-diag DESCRIPTION: A little tool to manipulate network cards #mime-support PROVIDES: run-mailcap update-mime DESCRIPTION: MIME files 'mime.types' & 'mailcap', and support programs #mingetty PROVIDES: mingetty DESCRIPTION: Console-only getty #mingw32-ocaml PROVIDES: ocamlc ocamlcp ocamldep ocamlmklib ocamlmktop ocamlopt ocamlprof ocamlrun DESCRIPTION: OCaml cross-compiler based on mingw32 #mpack PROVIDES: mpack munpack DESCRIPTION: tools for encoding/decoding MIME messages #mtd-utils PROVIDES: nanddump nandwrite ubiattach ubidetach ubimkvol ubirmvol ubiupdatevol DESCRIPTION: Memory Technology Device Utilities #mtools PROVIDES: amuFormat.sh mcheck mcomp mkmanifest mtools mxtar tgz uz DESCRIPTION: Tools for manipulating MSDOS files #mtr PROVIDES: mtr DESCRIPTION: Full screen ncurses and X11 traceroute tool #muddleftpd PROVIDES: ftpwho DESCRIPTION: A flexible and efficient FTP daemon #mysql-client-5.1 PROVIDES: innochecksum myisam_ftdump my_print_defaults mysql mysqlaccess mysqladmin mysqlbug mysqlcheck mysql_client_test mysqldump mysqldumpslow mysql_find_rows mysql_fix_extensions mysqlimport mysqlmanager mysqlshow mysql_waitpid perror DESCRIPTION: MySQL database client binaries #mysql-server-5.1 PROVIDES: msql2mysql myisamchk myisamlog myisampack mysqlbinlog mysql_convert_table_format mysqld_multi mysqld_safe mysql_fix_privilege_tables mysqlhotcopy mysql_install_db mysql_secure_installation mysql_setpermission mysqltest mysql_tzinfo_to_sql mysql_upgrade mysql_zap replace resolveip resolve_stack_dump DESCRIPTION: MySQL database server binaries and system database setup #mysql-server-core-5.1 PROVIDES: mysqld DESCRIPTION: MySQL database server binaries #nast PROVIDES: nast DESCRIPTION: packet sniffer and lan analyzer #nbd-client PROVIDES: nbd-client DESCRIPTION: Network Block Device protocol - client #ncftp PROVIDES: ncftpbatch ncftpget ncftpls ncftpput ncftpspooler DESCRIPTION: A user-friendly and well-featured FTP client #netatalk PROVIDES: adv1tov2 aecho afpd afpd-mtab.pl apple_chfile apple_cp apple_file apple_mv apple_rm asip-status.pl atalkd cnid2_create cnid_dbd cnid_metad getzones lp2pap.sh macusers megatron nbplkup nbprgstr nbpunrgstr netatalk-uniconv pap papd papstatus psorder showppd timelord DESCRIPTION: AppleTalk user binaries #nfs-common PROVIDES: gss_clnt_send_err gss_destroy_creds mount.nfs mount.nfs4 nfsstat rpcdebug rpc.gssd rpc.idmapd rpc.statd showmount sm-notify umount.nfs umount.nfs4 DESCRIPTION: NFS support files common to client and server #nfs-kernel-server PROVIDES: exportfs rpc.mountd rpc.nfsd rpc.svcgssd DESCRIPTION: support for NFS kernel server #nis PROVIDES: rpc.yppasswdd rpc.ypxfrd ypbind ypcat ypchfn ypchsh ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich DESCRIPTION: clients and daemons for the Network Information Service (NIS) #nmap PROVIDES: ncat ndiff nmap DESCRIPTION: The Network Mapper #ntp PROVIDES: ntpd ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait tickadj DESCRIPTION: Network Time Protocol daemon and utility programs #ntpdate PROVIDES: ntpdate DESCRIPTION: client for setting system time from NTP servers #ocaml PROVIDES: labltk ocamlbrowser DESCRIPTION: ML language implementation with a class-based object system #ocaml-interp PROVIDES: ocaml DESCRIPTION: OCaml interactive interpreter and standard libraries #ocaml-nox PROVIDES: ocamlbuild.byte ocamlbuild.native ocamldebug ocamldoc ocamldumpobj ocamllex ocamlobjinfo ocamlyacc DESCRIPTION: ML implementation with a class-based object system (no X) #odt2txt PROVIDES: sxw2txt DESCRIPTION: simple converter from OpenDocument Text to plain text #omniidl PROVIDES: omnicpp omniidl DESCRIPTION: omniORB IDL to C++ and Python compiler #openbsd-inetd PROVIDES: inetd DESCRIPTION: The OpenBSD Internet Superserver #openjdk-6-dbg PROVIDES: apt extcheck idlj javap jconsole jhat jinfo jmap jps jrunscript jsadebugd jstack jstat jstatd pack200 policytool schemagen servertool unpack200 wsgen wsimport xjc DESCRIPTION: Java runtime based on OpenJDK (debugging symbols) #openjdk-6-jre PROVIDES: javaws DESCRIPTION: OpenJDK Java runtime, using Hotspot JIT #openssh-client PROVIDES: scp sftp slogin ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id ssh-keygen ssh-keyscan DESCRIPTION: secure shell (SSH) client, for secure access to remote machines #openssh-server PROVIDES: sshd DESCRIPTION: secure shell (SSH) server, for secure access from remote machines #openswan PROVIDES: ipsec DESCRIPTION: Internet Key Exchange daemon #orbit2 PROVIDES: ior-decode-2 linc-cleanup-sockets typelib-dump DESCRIPTION: a CORBA ORB #patch PROVIDES: patch DESCRIPTION: Apply a diff file to an original #pciutils PROVIDES: lspci pcimodules setpci update-pciids DESCRIPTION: Linux PCI Utilities #pidentd PROVIDES: identd ikeygen DESCRIPTION: TCP/IP IDENT protocol server with DES support #pkg-config PROVIDES: pkg-config DESCRIPTION: manage compile and link flags for libraries #policycoreutils PROVIDES: audit2allow audit2why chcat fixfiles genhomedircon load_policy newrole open_init_pty restorecon run_init secon se_dpkg semanage semodule semodule_deps semodule_expand semodule_link semodule_package sepolgen-ifgen sestatus setfiles setsebool DESCRIPTION: SELinux core policy utilities #policykit-1 PROVIDES: pkaction pkcheck pkexec DESCRIPTION: framework for managing administrative policies and privileges #portmap PROVIDES: pmap_dump pmap_set portmap DESCRIPTION: RPC port mapper #postfix PROVIDES: postalias postcat postconf postdrop postfix postkick postlock postlog postmap postmulti postqueue postsuper qmqp-sink qmqp-source qshape smtp-sink smtp-source DESCRIPTION: High-performance mail transport agent #powertop PROVIDES: powertop DESCRIPTION: Linux tool to find out what is using power on a laptop #ppp PROVIDES: chat DESCRIPTION: Point-to-Point Protocol (PPP) - daemon #proftpd-basic PROVIDES: ftpcount ftpdctl ftpshut ftptop proftpd DESCRIPTION: Versatile, virtual-hosting FTP daemon - binaries #protoize PROVIDES: protoize unprotoize DESCRIPTION: Create/remove ANSI prototypes from C code #pscan PROVIDES: pscan DESCRIPTION: Format string security checker for C files #psfontmgr PROVIDES: defoma-psfont-installer DESCRIPTION: PostScript font manager -- part of Defoma, Debian Font Manager #psmisc PROVIDES: fuser killall peekfd pstree pstree.x11 DESCRIPTION: utilities that use the proc file system #pulseaudio PROVIDES: pulseaudio DESCRIPTION: PulseAudio sound server #pulseaudio-esound-compat PROVIDES: esdcompat DESCRIPTION: PulseAudio ESD compatibility layer #python PROVIDES: 2to3 pydoc DESCRIPTION: interactive high-level object-oriented language (default version) #python2.6-dbg PROVIDES: python2.6 DESCRIPTION: Debug Build of the Python Interpreter (version 2.6) #python-central PROVIDES: dh_pycentral pycentral py_compilefiles DESCRIPTION: register and build utility for Python packages #python-minimal PROVIDES: python DESCRIPTION: minimal subset of the Python language (default version) #python-support PROVIDES: dh_pysupport update-python-modules DESCRIPTION: automated rebuilding support for Python modules #quagga PROVIDES: vtysh DESCRIPTION: BGP/OSPF/RIP routing daemon #racoon PROVIDES: plainrsa-gen racoon racoonctl DESCRIPTION: IPsec IKE keying daemon #radvd PROVIDES: radvd radvdump DESCRIPTION: Router Advertisement Daemon #rdate PROVIDES: rdate DESCRIPTION: sets the system's date from a remote host #readahead-fedora PROVIDES: readahead DESCRIPTION: Fedora's implementation of readahead to preload boot process files #reportbug PROVIDES: querybts reportbug DESCRIPTION: reports bugs in the Debian distribution #resolvconf PROVIDES: resolvconf DESCRIPTION: name server information handler #rlinetd PROVIDES: update-inetd DESCRIPTION: gruesomely over-featured inetd replacement #roxterm PROVIDES: roxterm roxterm-config DESCRIPTION: Multi-tabbed GTK/VTE terminal emulator #rpcbind PROVIDES: rpcbind DESCRIPTION: converts RPC program numbers into universal addresses #rpm PROVIDES: gendiff rpmdb rpmquery rpmsign rpmverify DESCRIPTION: package manager for RPM #rsync PROVIDES: rsync DESCRIPTION: fast remote file copy program (like rcp) #ruby1.8 PROVIDES: erb1.8 testrb1.8 DESCRIPTION: Interpreter of object-oriented scripting language Ruby 1.8 #runit PROVIDES: chpst runsv runsvdir sv svlogd DESCRIPTION: system-wide service supervision #rxvt PROVIDES: rclock rxvt-xpm rxvt-xterm DESCRIPTION: VT102 terminal emulator for the X Window System #samba-common-bin PROVIDES: smbpasswd DESCRIPTION: common files used by both the Samba server and client #sash PROVIDES: sash DESCRIPTION: Stand-alone shell #sawfish PROVIDES: sawfish sawfish-client sawfish-ui DESCRIPTION: a window manager for X11 #setserial PROVIDES: setserial DESCRIPTION: controls configuration of serial ports #sgml-base PROVIDES: install-sgmlcatalog update-catalog DESCRIPTION: SGML infrastructure and SGML catalog file support #sharutils PROVIDES: compress-dummy mail-files mailshar remsync shar unshar uudecode uuencode DESCRIPTION: shar, unshar, uuencode, uudecode #slapd PROVIDES: slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slaptest DESCRIPTION: OpenLDAP server (slapd) #smbfs PROVIDES: mount.smbfs DESCRIPTION: Common Internet File System utilities - compatibility package #smistrip PROVIDES: smistrip DESCRIPTION: extract MIB from text files like RFC #snacc PROVIDES: berdecode mkchdr ptbl pval snacc snacc-config DESCRIPTION: ASN.1 to C or C++ or IDL compiler #snmp PROVIDES: encode_keychange snmpbulkget snmpbulkwalk snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmpusm snmpvacm snmpwalk DESCRIPTION: SNMP (Simple Network Management Protocol) applications #snmpd PROVIDES: snmpd snmptrapd DESCRIPTION: SNMP (Simple Network Management Protocol) agents #socat PROVIDES: filan procan socat DESCRIPTION: multipurpose relay for bidirectional data transfer #sshfs PROVIDES: sshfs DESCRIPTION: filesystem client based on SSH File Transfer Protocol #ssl-cert PROVIDES: make-ssl-cert DESCRIPTION: simple debconf wrapper for OpenSSL #strace PROVIDES: strace DESCRIPTION: A system call tracer #sudo PROVIDES: sudo sudoedit sudoreplay visudo DESCRIPTION: Provide limited super user privileges to specific users #sysfsutils PROVIDES: systool DESCRIPTION: sysfs query tool and boot-time setup #sysklogd PROVIDES: syslogd-listfiles syslog-facility DESCRIPTION: System Logging Daemon #sysstat PROVIDES: iostat mpstat DESCRIPTION: system performance tools for Linux #tack PROVIDES: tack DESCRIPTION: terminfo action checker #tcl8.4 PROVIDES: tclsh8.4 DESCRIPTION: Tcl (the Tool Command Language) v8.4 - run-time files #tcm PROVIDES: tcpd DESCRIPTION: Toolkit for Conceptual Modeling (TCM) #tcpd PROVIDES: safe_finger tcpdchk tcpdmatch try-from DESCRIPTION: Wietse Venema's TCP wrapper utilities #tcpdump PROVIDES: tcpdump DESCRIPTION: A powerful tool for network monitoring and data acquisition #tcsh PROVIDES: tcsh DESCRIPTION: TENEX C Shell, an enhanced version of Berkeley csh #telnet PROVIDES: telnet.netkit DESCRIPTION: The telnet client #texinfo PROVIDES: makeinfo texi2dvi texi2pdf texindex DESCRIPTION: Documentation system for on-line information and printed output #tftp PROVIDES: tftp DESCRIPTION: Trivial file transfer protocol client #thunar PROVIDES: Thunar DESCRIPTION: File Manager for Xfce #time PROVIDES: time DESCRIPTION: The GNU time program for measuring cpu resource usage #tk8.4 PROVIDES: wish8.4 DESCRIPTION: Tk toolkit for Tcl and X11, v8.4 - run-time files #tshark PROVIDES: tshark DESCRIPTION: network traffic analyzer - console version #ucf PROVIDES: lcf ucf ucfq ucfr DESCRIPTION: Update Configuration File: preserve user changes to config files. #udev PROVIDES: udevadm udevd DESCRIPTION: /dev/ and hotplug management daemon #udhcpc PROVIDES: udhcpc DESCRIPTION: Provides the busybox DHCP client implementation #udhcpd PROVIDES: dumpleases udhcpd DESCRIPTION: Provides the busybox DHCP server implementation #uml-utilities PROVIDES: tunctl DESCRIPTION: User-mode Linux (utility programs) #unzip PROVIDES: unzip DESCRIPTION: De-archiver for .zip files #usbutils PROVIDES: lsusb update-usbids usb-devices DESCRIPTION: Linux USB utilities #uuid-runtime PROVIDES: uuidgen DESCRIPTION: runtime components for the Universally Unique ID library #vim PROVIDES: vim.basic DESCRIPTION: Vi IMproved - enhanced vi editor #vim-addon-manager PROVIDES: vim-addons DESCRIPTION: manager of addons for the Vim editor #vim-runtime PROVIDES: vimtutor DESCRIPTION: Vi IMproved - Runtime files #vim-scripts PROVIDES: dtd2vim vimplate DESCRIPTION: plugins for vim, adding bells and whistles #vlan PROVIDES: vconfig DESCRIPTION: user mode programs to enable VLANs on your ethernet devices #vlock PROVIDES: vlock DESCRIPTION: Virtual Console locking program #w3m PROVIDES: w3m w3mman DESCRIPTION: WWW browsable pager with excellent tables/frames support #watchdog PROVIDES: watchdog DESCRIPTION: A software watchdog #whois PROVIDES: mkpasswd whois DESCRIPTION: an intelligent whois client #wireshark PROVIDES: wireshark DESCRIPTION: network traffic analyzer - GTK+ version #wireshark-common PROVIDES: capinfos dumpcap editcap mergecap text2pcap DESCRIPTION: network traffic analyzer - common files #wireshark-dev PROVIDES: asn2deb idl2deb idl2wrs DESCRIPTION: network traffic analyzer - development tools #x11-apps PROVIDES: atobm bitmap bmtoa ico oclock x11perf x11perfcomp xbiff xcalc xclipboard xclock xconsole xcursorgen xcutsel xditview xedit xeyes xgc xload xlogo xmag xman xmore xwd xwud DESCRIPTION: X applications #x11-session-utils PROVIDES: rstart rstartd smproxy xsm DESCRIPTION: X session utilities #x11-utils PROVIDES: appres editres listres luit viewres xdpyinfo xdriinfo xev xfd xfontsel xkill xlsatoms xlsclients xlsfonts xmessage xprop xvinfo xwininfo DESCRIPTION: X11 utilities #x11-xfs-utils PROVIDES: fslsfonts fstobdf showfont xfsinfo DESCRIPTION: X font server utilities #x11-xkb-utils PROVIDES: setxkbmap xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch DESCRIPTION: X11 XKB utilities #x11-xserver-utils PROVIDES: iceauth sessreg showrgb xcmsdb xgamma xhost xmodmap xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xstdcmap xvidtune DESCRIPTION: X server utilities #xauth PROVIDES: xauth DESCRIPTION: X authentication utility #xdg-user-dirs PROVIDES: xdg-user-dir xdg-user-dirs-update DESCRIPTION: tool to manage well known user directories #xdg-user-dirs-gtk PROVIDES: xdg-user-dirs-gtk-update DESCRIPTION: tool to manage well known user directories (Gtk extension) #xdg-utils PROVIDES: xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg-mime xdg-open xdg-screensaver xdg-settings DESCRIPTION: desktop integration utilities from freedesktop.org #xfce4-panel PROVIDES: xfce4-panel xfce4-popup-windowlist DESCRIPTION: The Xfce4 desktop environment panel #xfce4-session PROVIDES: balou-export-theme balou-install-theme xfce4-session xfce4-session-logout xfce4-tips xfsm-shutdown-helper DESCRIPTION: Xfce4 Session Manager #xfce4-terminal PROVIDES: xfce4-terminal xfce4-terminal.wrapper DESCRIPTION: Xfce terminal emulator #xfce4-utils PROVIDES: startxfce4 xfbrowser4 xfce4-about xfhelp4 xflock4 xfmountdev4 xfrun4 xfterm4 DESCRIPTION: Various tools for Xfce #xfdesktop4 PROVIDES: xfce4-popup-menu xfdesktop DESCRIPTION: xfce desktop background, icons and root menu manager #xfonts-utils PROVIDES: bdftopcf bdftruncate mkfontdir mkfontscale ucs2any update-fonts-alias update-fonts-dir update-fonts-scale DESCRIPTION: X Window System font utility programs #xfwm4 PROVIDES: xfwm4 DESCRIPTION: window manager of the Xfce project #xinetd PROVIDES: itox xinetd DESCRIPTION: replacement for inetd with many enhancements #xinit PROVIDES: startx xinit DESCRIPTION: X server initialisation tool #xml-core PROVIDES: dh_installxmlcatalogs update-xmlcatalog DESCRIPTION: XML infrastructure and XML catalog file support #xserver-xorg PROVIDES: dexconf X DESCRIPTION: the X.Org X server #xterm PROVIDES: koi8rxterm lxterm resize uxterm xterm DESCRIPTION: X terminal emulator #xtermcontrol PROVIDES: xtermcontrol DESCRIPTION: dynamic configuration of xterm properties #xtermset PROVIDES: xtermset DESCRIPTION: change the characteristics of an xterm #xutils-dev PROVIDES: ccmakedep cleanlinks gccmakedep imake lndir makedepend makeg mergelib mkdirhier mkhtmlindex revpath xmkmf DESCRIPTION: X Window System utility programs for development #xview-clients PROVIDES: clock cmdtool owplaces props textedit DESCRIPTION: XView client programs #xviewg PROVIDES: capitalize insert_brackets remove_brackets shift_lines DESCRIPTION: XView shared libraries #xvt PROVIDES: xvt DESCRIPTION: X terminal-emulator similar to xterm, but smaller #xzdec PROVIDES: lzmadec xzdec DESCRIPTION: XZ-format compression utilities - tiny decompressors ././@LongLink0000644000000000000000000000017100000000000011602 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.wheezy.GENERATEDmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000011425013175722671032357 0ustar lucaslucas9base PROVIDES: bc dc ed strings DESCRIPTION: Plan 9 userland tools acl PROVIDES: chacl getfacl setfacl DESCRIPTION: Access control list utilities acpid PROVIDES: acpid acpi_listen DESCRIPTION: Advanced Configuration and Power Interface event daemon adjtimex PROVIDES: adjtimex DESCRIPTION: kernel time variables configuration utility adns-tools PROVIDES: adnsheloex adnshost adnslogres adnsresfilter DESCRIPTION: Asynchronous-capable DNS client library and utilities apache2.2-common PROVIDES: a2dismod a2dissite a2enmod a2ensite apache2ctl apachectl DESCRIPTION: Apache HTTP Server common files apache2-dbg PROVIDES: ab checkgid htcacheclean htdbm htdigest htpasswd httxt2dbm logresolve rotatelogs DESCRIPTION: Apache debugging symbols apache2-mpm-event PROVIDES: apache2 DESCRIPTION: Apache HTTP Server - event driven model apache2-utils PROVIDES: check_forensic dbmmanage split-logfile DESCRIPTION: utility programs for webservers aria2 PROVIDES: aria2c DESCRIPTION: High speed download utility arping PROVIDES: arping DESCRIPTION: sends IP and/or ARP pings (to the MAC address) ash PROVIDES: ash DESCRIPTION: compatibility package for dash aspell PROVIDES: aspell aspell-import precat preunzip prezip prezip-bin run-with-aspell word-list-compress DESCRIPTION: GNU Aspell spell-checker atftpd PROVIDES: in.tftpd DESCRIPTION: advanced TFTP server attr PROVIDES: attr getfattr setfattr DESCRIPTION: Utilities for manipulating filesystem extended attributes autoconf PROVIDES: autoconf autoheader autom4te autoreconf autoscan autoupdate ifnames DESCRIPTION: automatic configure script builder autopoint PROVIDES: autopoint DESCRIPTION: The autopoint program from GNU gettext avahi-autoipd PROVIDES: avahi-autoipd DESCRIPTION: Avahi IPv4LL network address configuration daemon avahi-daemon PROVIDES: avahi-daemon DESCRIPTION: Avahi mDNS/DNS-SD daemon avahi-utils PROVIDES: avahi-browse avahi-browse-domains avahi-publish avahi-publish-address avahi-publish-service avahi-resolve avahi-resolve-address avahi-resolve-host-name avahi-set-host-name DESCRIPTION: Avahi browsing, publishing and discovery utilities babeld PROVIDES: babeld DESCRIPTION: loop-free distance-vector routing protocol beep PROVIDES: beep DESCRIPTION: advanced pc-speaker beeper bind9 PROVIDES: dnssec-dsfromkey dnssec-keyfromlabel named DESCRIPTION: Internet Domain Name Server bind9-host PROVIDES: host DESCRIPTION: Version of 'host' bundled with BIND 9.X bind9utils PROVIDES: dnssec-keygen dnssec-signzone named-checkconf named-checkzone named-compilezone rndc rndc-confgen DESCRIPTION: Utilities for BIND binutils PROVIDES: addr2line ar as c++filt gprof ld nm objcopy objdump ranlib readelf size strip DESCRIPTION: GNU assembler, linker and binary utilities boinc-dbg PROVIDES: db_dump DESCRIPTION: debugging symbols for BOINC binaries bootchart PROVIDES: bootchartd DESCRIPTION: Boot process performance analyser bootlogd PROVIDES: bootlogd DESCRIPTION: daemon to log boot messages bridge-utils PROVIDES: brctl DESCRIPTION: Utilities for configuring the Linux Ethernet bridge busybox PROVIDES: busybox DESCRIPTION: Tiny utilities for small and embedded systems busybox-syslogd PROVIDES: klogd logread syslogd DESCRIPTION: Provides syslogd and klogd using busybox bzip2 PROVIDES: bunzip2 bzcat bzcmp bzdiff bzegrep bzexe bzfgrep bzgrep bzip2 bzip2recover bzless bzmore DESCRIPTION: high-quality block-sorting file compressor - utilities cdbs PROVIDES: cdbs-edit-patch DESCRIPTION: common build system for Debian packages chkconfig PROVIDES: chkconfig DESCRIPTION: system tool to enable or disable system services cifs-utils PROVIDES: mount.cifs DESCRIPTION: Common Internet File System utilities citadel-mta PROVIDES: sendmail DESCRIPTION: complete and feature-rich groupware server (mail transport agent) consolekit PROVIDES: ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop console-kit-daemon DESCRIPTION: framework for defining and tracking users, sessions and seats console-tools PROVIDES: chvt deallocvt dumpkeys fgconsole getkeycodes kbd_mode kbdrate loadkeys openvt psfaddtable psfgettable psfstriptable setkeycodes setleds setlogcons setmetamode showkey unicode_start unicode_stop DESCRIPTION: Linux console and font utilities conspy PROVIDES: conspy DESCRIPTION: Remote control of Linux virtual consoles courier-authdaemon PROVIDES: authdaemond DESCRIPTION: Courier authentication daemon courier-authlib PROVIDES: authenumerate authpasswd authtest courierlogger DESCRIPTION: Courier authentication library courier-authlib-dev PROVIDES: courierauthconfig DESCRIPTION: Development libraries for the Courier authentication library courier-authlib-userdb PROVIDES: makeuserdb pw2userdb userdb userdbpw userdb-test-cram-md5 DESCRIPTION: userdb support for the Courier authentication library courier-base PROVIDES: courier-config couriertcpd maildiracl maildirkw sharedindexinstall sharedindexsplit testmxlookup DESCRIPTION: Courier mail server - base system courier-imap PROVIDES: imapd DESCRIPTION: Courier mail server - IMAP server courier-ldap PROVIDES: courierldapaliasd DESCRIPTION: Courier mail server - LDAP support courier-maildrop PROVIDES: mailbot maildrop makemime reformail reformime DESCRIPTION: Courier mail server - mail delivery agent courier-mta PROVIDES: mailq newaliases rmail DESCRIPTION: Courier mail server - ESMTP daemon courier-ssl PROVIDES: couriertls DESCRIPTION: Courier mail server - SSL/TLS Support cpp PROVIDES: cpp DESCRIPTION: GNU C preprocessor (cpp) crack PROVIDES: Crack Crack-Reporter DESCRIPTION: Password guessing program cracklib-runtime PROVIDES: cracklib-check cracklib-format cracklib-packer cracklib-unpacker create-cracklib-dict DESCRIPTION: runtime support for password checker library cracklib2 cramfsprogs PROVIDES: cramfsck mkcramfs DESCRIPTION: Tools for CramFs (Compressed ROM File System) cryptsetup-bin PROVIDES: cryptsetup DESCRIPTION: disk encryption support - command line tools cups-bsd PROVIDES: lpq lpr DESCRIPTION: Common UNIX Printing System(tm) - BSD commands curlftpfs PROVIDES: curlftpfs DESCRIPTION: filesystem to access FTP hosts based on FUSE and cURL daemontools PROVIDES: envdir envuidgid setuidgid softlimit DESCRIPTION: a collection of tools for managing UNIX services dbus PROVIDES: dbus-cleanup-sockets dbus-daemon dbus-monitor dbus-send dbus-uuidgen DESCRIPTION: simple interprocess messaging system (daemon and utilities) dbus-1-dbg PROVIDES: dbus-launch DESCRIPTION: simple interprocess messaging system (debug symbols) db-util PROVIDES: db_archive db_checkpoint db_deadlock db_hotbackup db_load db_printlog db_recover db_stat db_upgrade db_verify DESCRIPTION: Berkeley Database Utilities debhelper PROVIDES: dh_builddeb dh_clean dh_compress dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_perl dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_undocumented dh_usrlocal DESCRIPTION: helper programs for debian/rules desktop-file-utils PROVIDES: desktop-file-install desktop-file-validate update-desktop-database DESCRIPTION: Utilities for .desktop files dh-ocaml PROVIDES: dh_ocaml ocaml-md5sums DESCRIPTION: helper tools for maintaining OCaml-related Debian packages dictionaries-common PROVIDES: aspell-autobuildhash ispell-autobuildhash ispell-wrapper remove-default-ispell remove-default-wordlist select-default-ispell select-default-iwrap select-default-wordlist update-default-ispell update-default-wordlist update-dictcommon-aspell DESCRIPTION: Common utilities for spelling dictionary tools dietlibc-dev PROVIDES: dnsd DESCRIPTION: diet libc - a libc optimized for small size dmeventd PROVIDES: dmeventd DESCRIPTION: Linux Kernel Device Mapper event daemon dmsetup PROVIDES: dmsetup DESCRIPTION: Linux Kernel Device Mapper userspace library dnsutils PROVIDES: dig nslookup nsupdate DESCRIPTION: Clients provided with BIND dos2unix PROVIDES: dos2unix unix2dos DESCRIPTION: convert text file line endings between CRLF and LF dosfstools PROVIDES: mkdosfs mkfs.vfat DESCRIPTION: utilities for making and checking MS-DOS FAT filesystems dropbear PROVIDES: dbclient dropbear dropbearkey DESCRIPTION: lightweight SSH2 server and client dselect PROVIDES: dselect DESCRIPTION: Debian package management front-end e2fsck-static PROVIDES: e2fsck.static DESCRIPTION: statically-linked version of the ext2/ext3/ext4 filesystem checker ed PROVIDES: red DESCRIPTION: classic UNIX line editor eglibc-source PROVIDES: locale-gen update-locale validlocale DESCRIPTION: Embedded GNU C Library: sources eject PROVIDES: eject volname DESCRIPTION: ejects CDs and operates CD-Changers under Linux ethtool PROVIDES: ethtool DESCRIPTION: display or change Ethernet device settings exo-utils PROVIDES: exo-csource exo-desktop-item-edit exo-open exo-preferred-applications DESCRIPTION: Utility files for libexo exuberant-ctags PROVIDES: ctags-exuberant DESCRIPTION: build tag file indexes of source code definitions fam PROVIDES: famd DESCRIPTION: File Alteration Monitor fbset PROVIDES: fbset DESCRIPTION: framebuffer device maintenance program fdflush PROVIDES: fdflush DESCRIPTION: Flush out-of-date disk buffers file PROVIDES: file DESCRIPTION: Determines file type using "magic" numbers finger PROVIDES: finger DESCRIPTION: user information lookup program flex PROVIDES: flex++ DESCRIPTION: A fast lexical analyzer generator. fontconfig PROVIDES: fc-cache fc-cat fc-list fc-match fc-query fc-scan DESCRIPTION: generic font configuration library - support binaries fortune-mod PROVIDES: strfile unstr DESCRIPTION: provides fortune cookies on demand ftp PROVIDES: netkit-ftp DESCRIPTION: classical file transfer client fuse PROVIDES: fusermount DESCRIPTION: Filesystem in Userspace fvwm PROVIDES: fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root DESCRIPTION: F(?) Virtual Window Manager gawk PROVIDES: gawk igawk pgawk DESCRIPTION: GNU awk, a pattern scanning and processing language gcc PROVIDES: c89-gcc c99-gcc gcc gcov DESCRIPTION: GNU C compiler gcj-4.6-jdk PROVIDES: appletviewer jar jarsigner javac javadoc javah jdb native2ascii rmic serialver DESCRIPTION: gcj and classpath development tools for Java(TM) gcj-4.6-jre-headless PROVIDES: java keytool orbd rmid rmiregistry tnameserv DESCRIPTION: Java runtime environment using GIJ/classpath (headless version) gconf2 PROVIDES: gconf-merge-tree gconf-schemas gconftool-2 update-gconf-defaults DESCRIPTION: GNOME configuration database system (support tools) gdb PROVIDES: gcore gdb gdbtui DESCRIPTION: The GNU Debugger gdbserver PROVIDES: gdbserver DESCRIPTION: The GNU Debugger (remote server) gettext PROVIDES: gettextize msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq recode-sr-latin xgettext DESCRIPTION: GNU Internationalization utilities gettext-base PROVIDES: envsubst gettext gettext.sh ngettext DESCRIPTION: GNU Internationalization utilities for the base system ghostscript PROVIDES: dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa pphs printafm ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa DESCRIPTION: interpreter for the PostScript language and for PDF gksu PROVIDES: gksu DESCRIPTION: graphical frontend to su gnome-keyring PROVIDES: gnome-keyring-daemon DESCRIPTION: GNOME keyring services (daemon and tools) gnutls-bin PROVIDES: certtool gnutls-cli gnutls-cli-debug gnutls-serv psktool srptool DESCRIPTION: GNU TLS library - commandline utilities grub-coreboot PROVIDES: grub-install DESCRIPTION: GRand Unified Bootloader, version 2 (Coreboot version) grub-legacy PROVIDES: grub grub-floppy grub-md5-crypt grub-reboot grub-set-default grub-terminfo mbchk mkbimage update-grub DESCRIPTION: GRand Unified Bootloader (Legacy version) gv PROVIDES: gv DESCRIPTION: PostScript and PDF viewer for X hal PROVIDES: hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-lock hal-set-property lshal umount.hal DESCRIPTION: Hardware Abstraction Layer hardening-wrapper PROVIDES: gcc-4.2 DESCRIPTION: Compiler wrapper to enable security hardening flags hdparm PROVIDES: hdparm DESCRIPTION: tune hard disk parameters for high performance heimdal-clients PROVIDES: kadmin kdestroy kinit klist kpasswd ksu ktutil DESCRIPTION: Heimdal Kerberos - clients heimdal-dev PROVIDES: krb5-config DESCRIPTION: Heimdal Kerberos - development files html2text PROVIDES: html2text DESCRIPTION: advanced HTML to text converter htop PROVIDES: htop DESCRIPTION: interactive processes viewer icedtea-netx PROVIDES: javaws DESCRIPTION: NetX - implementation of the Java Network Launching Protocol (JNLP) iceweasel PROVIDES: firefox DESCRIPTION: Web browser based on Firefox id-utils PROVIDES: lid DESCRIPTION: Fast, high-capacity, identifier database tool ifmetric PROVIDES: ifmetric DESCRIPTION: Set routing metrics for a network interface ifplugd PROVIDES: ifplugd ifplugstatus DESCRIPTION: configuration daemon for ethernet devices ifstat PROVIDES: ifstat DESCRIPTION: InterFace STATistics Monitoring inetutils-ftpd PROVIDES: ftpd DESCRIPTION: File Transfer Protocol server inetutils-telnet PROVIDES: inetutils-telnet DESCRIPTION: telnet client inetutils-telnetd PROVIDES: telnetd DESCRIPTION: telnet server inetutils-tools PROVIDES: inetutils-ifconfig DESCRIPTION: base networking utilities (experimental package) initramfs-tools PROVIDES: mkinitramfs update-initramfs DESCRIPTION: generic modular initramfs generator installation-report PROVIDES: report-hw DESCRIPTION: system installation report ipcalc PROVIDES: ipcalc DESCRIPTION: parameter calculator for IPv4 addresses ipsec-tools PROVIDES: setkey DESCRIPTION: IPsec utilities ipsvd PROVIDES: tcpsvd udpsvd DESCRIPTION: Internet protocol service daemons iputils-clockdiff PROVIDES: clockdiff DESCRIPTION: Measure the time difference between networked computers iputils-tracepath PROVIDES: tracepath tracepath6 DESCRIPTION: Tools to trace the network path to a remote host isc-dhcp-relay PROVIDES: dhcrelay DESCRIPTION: ISC DHCP relay daemon isc-dhcp-server PROVIDES: dhcpd DESCRIPTION: ISC DHCP server for automatic IP address assignment ispell PROVIDES: buildhash findaffix icombine ijoin ispell munchlist sq tryaffix unsq DESCRIPTION: International Ispell (an interactive spelling corrector) jackd1 PROVIDES: alsa_in alsa_out jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jack_netsource jack_showtime jack_simple_client jack_transport jack_unload DESCRIPTION: JACK Audio Connection Kit (server and example clients) joe PROVIDES: joe DESCRIPTION: user friendly full screen text editor john PROVIDES: john mailer DESCRIPTION: active password cracking tool kate PROVIDES: kate DESCRIPTION: K Advanced Text Editor kate-dbg PROVIDES: kwrite DESCRIPTION: debugging symbols for Kate kbd PROVIDES: loadunimap mapscrn psfxtable resizecons setfont showconsolefont DESCRIPTION: Linux console font and keytable utilities krb5-admin-server PROVIDES: kadmind kadmin.local kprop DESCRIPTION: MIT Kerberos master server (kadmind) krb5-clients PROVIDES: telnet.krb5 DESCRIPTION: Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-gss-samples PROVIDES: gss-client gss-server DESCRIPTION: MIT Kerberos GSS Sample applications krb5-kdc PROVIDES: kdb5_util kpropd krb5kdc DESCRIPTION: MIT Kerberos key server (KDC) krb5-kdc-ldap PROVIDES: kdb5_ldap_util DESCRIPTION: MIT Kerberos key server (KDC) LDAP plugin krb5-rsh-server PROVIDES: klogind kshd login.krb5 DESCRIPTION: Secure replacements for rshd and rlogind using MIT Kerberos krb5-user PROVIDES: k5srvutil kvno DESCRIPTION: Basic programs to authenticate using MIT Kerberos laptop-detect PROVIDES: laptop-detect DESCRIPTION: attempt to detect a laptop ldap2zone PROVIDES: ldap2zone DESCRIPTION: Extract DNS zones from LDAP trees ldap-utils PROVIDES: ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami DESCRIPTION: OpenLDAP utilities less PROVIDES: less lessecho lesskey lesspipe DESCRIPTION: pager program similar to more libbonobo2-bin PROVIDES: activation-client bonobo-activation-sysconf bonobo-slay echo-client-2 DESCRIPTION: Bonobo CORBA interfaces library -- support binaries libc-dev-bin PROVIDES: gencat mtrace rpcgen sprof DESCRIPTION: Embedded GNU C Library: Development binaries libcroco-tools PROVIDES: csslint-0.6 DESCRIPTION: Cascading Style Sheet (CSS) parsing and manipulation toolkit - utils libdb1-compat PROVIDES: db_dump185 DESCRIPTION: Berkeley database routines [glibc 2.0/2.1 compatibility] libfreetype6-dev PROVIDES: freetype-config DESCRIPTION: FreeType 2 font engine, development files libfribidi-bin PROVIDES: fribidi DESCRIPTION: Free Implementation of the Unicode BiDi algorithm (utility) libgcj-common PROVIDES: rebuild-security-providers DESCRIPTION: Java runtime library (common files) libgdk-pixbuf2.0-dev PROVIDES: gdk-pixbuf-csource gdk-pixbuf-query-loaders DESCRIPTION: GDK Pixbuf library (development files) libgksu2-0 PROVIDES: gksu-properties DESCRIPTION: library providing su and sudo functionality libglib2.0-0-dbg PROVIDES: gdbus glib-genmarshal gobject-query gsettings DESCRIPTION: Debugging symbols for the GLib libraries libglib2.0-bin PROVIDES: gio-querymodules glib-compile-schemas DESCRIPTION: Programs for the GLib library libglib2.0-dev PROVIDES: gdbus-codegen glib-gettextize glib-mkenums DESCRIPTION: Development files for the GLib library libgnome2-0 PROVIDES: gnome-open DESCRIPTION: The GNOME library - runtime files libgnomevfs2-0-dbg PROVIDES: gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm DESCRIPTION: GNOME Virtual File System (debugging libraries) libgpg-error-dev PROVIDES: gpg-error DESCRIPTION: library for common error values and messages in GnuPG components (development) libgtk2.0-bin PROVIDES: gtk-update-icon-cache DESCRIPTION: programs for the GTK+ graphical user interface library libgtk2.0-dev PROVIDES: dh_gtkmodules gtk-builder-convert DESCRIPTION: development files for the GTK+ library libgtk-3-bin PROVIDES: update-icon-caches DESCRIPTION: programs for the GTK+ graphical user interface library libjpeg-progs PROVIDES: cjpeg djpeg exifautotran jpegexiforient jpegtran rdjpgcom wrjpgcom DESCRIPTION: Programs for manipulating JPEG files liblockfile-bin PROVIDES: dotlockfile DESCRIPTION: support binaries for and cli utilities based on liblockfile libmysqlclient-dev PROVIDES: mysql_config DESCRIPTION: MySQL database development files libnss3-tools PROVIDES: certutil cmsutil crlutil modutil pk12util shlibsign signtool signver ssltap DESCRIPTION: Network Security Service tools libpango1.0-0-dbg PROVIDES: pango-querymodules pango-view DESCRIPTION: Pango library and debugging symbols libpango1.0-dev PROVIDES: dh_pangomodules DESCRIPTION: Development files for the Pango libpaper-utils PROVIDES: paperconf paperconfig DESCRIPTION: library for handling paper characteristics (utilities) libpcre3-dev PROVIDES: pcre-config DESCRIPTION: Perl 5 Compatible Regular Expression Library - development files libpng12-dev PROVIDES: libpng12-config DESCRIPTION: PNG library - development librep-dbg PROVIDES: rep rep-remote DESCRIPTION: debug symbols for librep librpm-dbg PROVIDES: rpm rpm2cpio rpmdb rpmgraph rpmsign DESCRIPTION: debugging symbols for RPM libruby1.8-dbg PROVIDES: ruby1.8 DESCRIPTION: Debugging symbols for Ruby 1.8 libsnmp15 PROVIDES: net-snmp-config DESCRIPTION: SNMP (Simple Network Management Protocol) library libsqlite3-0-dbg PROVIDES: sqlite3 DESCRIPTION: SQLite 3 debugging symbols libtasn1-3-bin PROVIDES: asn1Coding asn1Decoding asn1Parser DESCRIPTION: Manage ASN.1 structures (binaries) libtool PROVIDES: libtool libtoolize DESCRIPTION: Generic library support script libuser PROVIDES: lchage lchfn lchsh lgroupadd lgroupdel lgroupmod lnewusers lpasswd luseradd luserdel lusermod DESCRIPTION: user and group account administration library libxfce4util-bin PROVIDES: xfce4-kiosk-query DESCRIPTION: tools for libxfce4util lighttpd PROVIDES: lighttpd lighttpd-angel DESCRIPTION: fast webserver with minimal memory footprint links PROVIDES: links DESCRIPTION: Web browser running in text mode links2 PROVIDES: links2 xlinks2 DESCRIPTION: Web browser running in both graphics and text mode loadlin PROVIDES: freeramdisk DESCRIPTION: loader (running under DOS) for LINUX kernel images lpr PROVIDES: lpd DESCRIPTION: BSD lpr/lpd line printer spooling system lrzsz PROVIDES: rx DESCRIPTION: Tools for zmodem/xmodem/ymodem file transfer lsof PROVIDES: lsof DESCRIPTION: Utility to list open files lwresd PROVIDES: lwresd DESCRIPTION: Lightweight Resolver Daemon lynx-cur PROVIDES: lynx DESCRIPTION: Text-mode WWW Browser with NLS support (development version) lzma-alone PROVIDES: lzma_alone DESCRIPTION: Compression and decompression in the LZMA format - legacy utility lzop PROVIDES: lzop DESCRIPTION: fast compression program m4 PROVIDES: m4 DESCRIPTION: a macro processing language make PROVIDES: make DESCRIPTION: An utility for Directing compilation. makedev PROVIDES: MAKEDEV DESCRIPTION: creates device files in /dev man2html-base PROVIDES: man2html DESCRIPTION: convert man pages into HTML format menu PROVIDES: install-menu su-to-root update-menus DESCRIPTION: generates programs menu for all menu-aware applications microcom PROVIDES: microcom DESCRIPTION: minimalistic terminal program mii-diag PROVIDES: mii-diag DESCRIPTION: A little tool to manipulate network cards mime-support PROVIDES: run-mailcap update-mime DESCRIPTION: MIME files 'mime.types' & 'mailcap', and support programs mingetty PROVIDES: mingetty DESCRIPTION: Console-only getty mpack PROVIDES: mpack munpack DESCRIPTION: tools for encoding/decoding MIME messages mtd-utils PROVIDES: nanddump nandwrite ubiattach ubidetach ubimkvol ubirmvol ubirsvol ubiupdatevol DESCRIPTION: Memory Technology Device Utilities mtools PROVIDES: amuFormat.sh mcheck mcomp mkmanifest mtools mxtar tgz uz DESCRIPTION: Tools for manipulating MSDOS files mtr PROVIDES: mtr DESCRIPTION: Full screen ncurses and X11 traceroute tool muddleftpd PROVIDES: ftpwho DESCRIPTION: A flexible and efficient FTP daemon mysql-client-5.5 PROVIDES: innochecksum myisam_ftdump mysql mysqlaccess mysqladmin mysqlbug mysqlcheck mysql_client_test mysqldump mysqldumpslow mysql_find_rows mysql_fix_extensions mysqlimport mysqlshow mysql_waitpid DESCRIPTION: MySQL database client binaries mysql-server-5.5 PROVIDES: msql2mysql myisamchk myisamlog myisampack mysqlbinlog mysql_convert_table_format mysqld_multi mysqld_safe mysqlhotcopy mysql_secure_installation mysql_setpermission mysqltest mysql_tzinfo_to_sql mysql_zap perror replace resolveip resolve_stack_dump DESCRIPTION: MySQL database server binaries and system database setup mysql-server-core-5.5 PROVIDES: my_print_defaults mysqld mysql_install_db mysql_upgrade DESCRIPTION: MySQL database server binaries nast PROVIDES: nast DESCRIPTION: packet sniffer and lan analyzer nbd-client PROVIDES: nbd-client DESCRIPTION: Network Block Device protocol - client ncftp PROVIDES: ncftpbatch ncftpget ncftpls ncftpput ncftpspooler DESCRIPTION: User-friendly and well-featured FTP client netatalk PROVIDES: adv1tov2 aecho afpd asip-status.pl atalkd cnid2_create cnid_dbd cnid_metad getzones lp2pap.sh macusers megatron nbplkup nbprgstr nbpunrgstr netatalk-uniconv pap papd papstatus psorder showppd timelord DESCRIPTION: AppleTalk user binaries nfs-common PROVIDES: gss_clnt_send_err gss_destroy_creds mount.nfs mount.nfs4 nfsstat rpcdebug rpc.gssd rpc.idmapd rpc.statd rpc.svcgssd showmount sm-notify start-statd umount.nfs umount.nfs4 DESCRIPTION: NFS support files common to client and server nfs-kernel-server PROVIDES: exportfs rpc.mountd rpc.nfsd DESCRIPTION: support for NFS kernel server nis PROVIDES: rpc.yppasswdd rpc.ypxfrd ypbind ypcat ypchfn ypchsh ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich DESCRIPTION: clients and daemons for the Network Information Service (NIS) nmap PROVIDES: ncat ndiff nmap nping DESCRIPTION: The Network Mapper nscd PROVIDES: nscd DESCRIPTION: Embedded GNU C Library: Name Service Cache Daemon ntp PROVIDES: ntpd ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait sntp DESCRIPTION: Network Time Protocol daemon and utility programs ntpdate PROVIDES: ntpdate DESCRIPTION: client for setting system time from NTP servers ocaml PROVIDES: labltk ocamlbrowser DESCRIPTION: ML language implementation with a class-based object system ocaml-base-nox PROVIDES: ocamlrun DESCRIPTION: Runtime system for OCaml bytecode executables (no X) ocaml-interp PROVIDES: ocaml DESCRIPTION: OCaml interactive interpreter and standard libraries ocaml-nox PROVIDES: ocamlbuild.byte ocamlbuild.native ocamlc ocamlcp ocamldebug ocamldep ocamldoc ocamldumpobj ocamllex ocamlmklib ocamlmktop ocamlobjinfo ocamlopt ocamlprof ocamlyacc DESCRIPTION: ML implementation with a class-based object system (no X) odt2txt PROVIDES: sxw2txt DESCRIPTION: simple converter from OpenDocument Text to plain text omniidl PROVIDES: omnicpp omniidl DESCRIPTION: omniORB IDL to C++ and Python compiler openbsd-inetd PROVIDES: inetd DESCRIPTION: OpenBSD Internet Superserver openjdk-6-dbg PROVIDES: apt extcheck idlj javap jconsole jhat jinfo jmap jps jrunscript jsadebugd jstack jstat jstatd pack200 policytool schemagen servertool unpack200 wsgen wsimport xjc DESCRIPTION: Java runtime based on OpenJDK (debugging symbols) openresolv PROVIDES: resolvconf DESCRIPTION: management framework for resolv.conf openssh-client PROVIDES: scp sftp slogin ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id ssh-keygen ssh-keyscan DESCRIPTION: secure shell (SSH) client, for secure access to remote machines openssh-server PROVIDES: sshd DESCRIPTION: secure shell (SSH) server, for secure access from remote machines openssl PROVIDES: c_rehash openssl DESCRIPTION: Secure Socket Layer (SSL) binary and related cryptographic tools openswan PROVIDES: ipsec DESCRIPTION: Internet Key Exchange daemon orbit2 PROVIDES: ior-decode-2 linc-cleanup-sockets typelib-dump DESCRIPTION: a CORBA ORB patch PROVIDES: patch DESCRIPTION: Apply a diff file to an original pciutils PROVIDES: lspci pcimodules setpci update-pciids DESCRIPTION: Linux PCI Utilities pcregrep PROVIDES: pcregrep DESCRIPTION: grep utility that uses perl 5 compatible regexes. picolisp PROVIDES: watchdog DESCRIPTION: Lisp interpreter and application server framework pidentd PROVIDES: identd ikeygen DESCRIPTION: TCP/IP IDENT protocol server with DES support pkg-config PROVIDES: pkg-config DESCRIPTION: manage compile and link flags for libraries policycoreutils PROVIDES: audit2allow audit2why chcat fixfiles genhomedircon load_policy newrole open_init_pty restorecon run_init secon se_dpkg semanage semodule semodule_deps semodule_expand semodule_link semodule_package sepolgen-ifgen sestatus setfiles setsebool DESCRIPTION: SELinux core policy utilities policykit-1 PROVIDES: pkaction pkcheck pkexec DESCRIPTION: framework for managing administrative policies and privileges postfix PROVIDES: postalias postcat postconf postdrop postfix postkick postlock postlog postmap postmulti postqueue postsuper qmqp-sink qmqp-source qshape smtp-sink smtp-source DESCRIPTION: High-performance mail transport agent powertop PROVIDES: powertop DESCRIPTION: Linux tool to find out what is using power on a laptop ppl-dev PROVIDES: ppl-config DESCRIPTION: Parma Polyhedra Library (development binaries) ppp PROVIDES: chat DESCRIPTION: Point-to-Point Protocol (PPP) - daemon proftpd-basic PROVIDES: ftpcount ftpdctl ftpshut ftptop proftpd DESCRIPTION: Versatile, virtual-hosting FTP daemon - binaries protoize PROVIDES: protoize unprotoize DESCRIPTION: Create/remove ANSI prototypes from C code pscan PROVIDES: pscan DESCRIPTION: Format string security checker for C files psmisc PROVIDES: fuser killall peekfd pstree pstree.x11 DESCRIPTION: utilities that use the proc file system pulseaudio PROVIDES: pulseaudio DESCRIPTION: PulseAudio sound server pulseaudio-esound-compat PROVIDES: esd esdcompat DESCRIPTION: PulseAudio ESD compatibility layer python PROVIDES: 2to3 pydoc DESCRIPTION: interactive high-level object-oriented language (default version) python2.6-dbg PROVIDES: python2.6 DESCRIPTION: Debug Build of the Python Interpreter (version 2.6) python-central PROVIDES: dh_pycentral pycentral py_compilefiles DESCRIPTION: register and build utility for Python packages python-minimal PROVIDES: python DESCRIPTION: minimal subset of the Python language (default version) python-support PROVIDES: dh_pysupport update-python-modules DESCRIPTION: automated rebuilding support for Python modules qmail PROVIDES: maildirmake DESCRIPTION: a secure, reliable, efficient, simple message transfer agent quagga PROVIDES: vtysh DESCRIPTION: BGP/OSPF/RIP routing daemon racoon PROVIDES: plainrsa-gen racoon racoonctl DESCRIPTION: IPsec Internet Key Exchange daemon radvd PROVIDES: radvd radvdump DESCRIPTION: Router Advertisement Daemon rdate PROVIDES: rdate DESCRIPTION: sets the system's date from a remote host readahead-fedora PROVIDES: readahead DESCRIPTION: Fedora's implementation of readahead to preload boot process files reportbug PROVIDES: querybts reportbug DESCRIPTION: reports bugs in the Debian distribution rlinetd PROVIDES: update-inetd DESCRIPTION: gruesomely over-featured inetd replacement roxterm-gtk2 PROVIDES: roxterm roxterm-config DESCRIPTION: Multi-tabbed GTK+/VTE terminal emulator - GTK2 version rpcbind PROVIDES: rpcbind DESCRIPTION: converts RPC program numbers into universal addresses rpm PROVIDES: gendiff rpmquery rpmverify DESCRIPTION: package manager for RPM rsync PROVIDES: rsync DESCRIPTION: fast, versatile, remote (and local) file-copying tool rtkit PROVIDES: rtkitctl DESCRIPTION: Realtime Policy and Watchdog Daemon ruby1.8 PROVIDES: erb1.8 testrb1.8 DESCRIPTION: Interpreter of object-oriented scripting language Ruby 1.8 runit PROVIDES: chpst runsv runsvdir sv svlogd DESCRIPTION: system-wide service supervision rxvt PROVIDES: rclock rxvt-xpm rxvt-xterm DESCRIPTION: VT102 terminal emulator for the X Window System samba-common-bin PROVIDES: smbpasswd DESCRIPTION: common files used by both the Samba server and client sash PROVIDES: sash DESCRIPTION: Stand-alone shell sasl2-bin PROVIDES: saslauthd sasldblistusers2 saslpasswd2 testsaslauthd DESCRIPTION: Cyrus SASL - administration programs for SASL users database sawfish PROVIDES: sawfish sawfish-client sawfish-ui DESCRIPTION: a window manager for X11 setserial PROVIDES: setserial DESCRIPTION: controls configuration of serial ports sgml-base PROVIDES: install-sgmlcatalog update-catalog DESCRIPTION: SGML infrastructure and SGML catalog file support sharutils PROVIDES: shar unshar uudecode uuencode DESCRIPTION: shar, unshar, uuencode, uudecode slapd PROVIDES: slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slapschema slaptest DESCRIPTION: OpenLDAP server (slapd) smartlist PROVIDES: digest DESCRIPTION: Versatile and Intelligent List Processor smistrip PROVIDES: smistrip DESCRIPTION: extract MIB from text files like RFC smitools PROVIDES: smicache smidiff smidump smilint smiquery smixlate DESCRIPTION: various tools operating on MIB module files snacc PROVIDES: berdecode mkchdr ptbl pval snacc snacc-config DESCRIPTION: ASN.1 to C or C++ or IDL compiler snmp PROVIDES: encode_keychange snmpbulkget snmpbulkwalk snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmpusm snmpvacm snmpwalk DESCRIPTION: SNMP (Simple Network Management Protocol) applications snmpd PROVIDES: snmpd snmptrapd DESCRIPTION: SNMP (Simple Network Management Protocol) agents socat PROVIDES: filan procan socat DESCRIPTION: multipurpose relay for bidirectional data transfer sshfs PROVIDES: sshfs DESCRIPTION: filesystem client based on SSH File Transfer Protocol ssl-cert PROVIDES: make-ssl-cert DESCRIPTION: simple debconf wrapper for OpenSSL strace PROVIDES: strace DESCRIPTION: A system call tracer sudo PROVIDES: sudo sudoedit sudoreplay visudo DESCRIPTION: Provide limited super user privileges to specific users sysfsutils PROVIDES: systool DESCRIPTION: sysfs query tool and boot-time setup sysstat PROVIDES: iostat mpstat DESCRIPTION: system performance tools for Linux tack PROVIDES: tack DESCRIPTION: terminfo action checker tcl8.4 PROVIDES: tclsh8.4 DESCRIPTION: Tcl (the Tool Command Language) v8.4 - run-time files tcm PROVIDES: tcpd DESCRIPTION: Toolkit for Conceptual Modeling (TCM) tcpd PROVIDES: safe_finger tcpdchk tcpdmatch try-from DESCRIPTION: Wietse Venema's TCP wrapper utilities tcpdump PROVIDES: tcpdump DESCRIPTION: command-line network traffic analyzer tcsh PROVIDES: tcsh DESCRIPTION: TENEX C Shell, an enhanced version of Berkeley csh telnet PROVIDES: telnet.netkit DESCRIPTION: The telnet client texinfo PROVIDES: makeinfo texi2dvi texi2pdf texindex DESCRIPTION: Documentation system for on-line information and printed output tftp PROVIDES: tftp DESCRIPTION: Trivial file transfer protocol client thunar PROVIDES: Thunar DESCRIPTION: File Manager for Xfce time PROVIDES: time DESCRIPTION: GNU time program for measuring CPU resource usage tk8.4 PROVIDES: wish8.4 DESCRIPTION: Tk toolkit for Tcl and X11, v8.4 - run-time files tshark PROVIDES: tshark DESCRIPTION: network traffic analyzer - console version ucf PROVIDES: lcf ucf ucfq ucfr DESCRIPTION: Update Configuration File: preserve user changes to config files. udev PROVIDES: udevadm udevd DESCRIPTION: /dev/ and hotplug management daemon udhcpc PROVIDES: udhcpc DESCRIPTION: Provides the busybox DHCP client implementation udhcpd PROVIDES: dumpleases udhcpd DESCRIPTION: Provides the busybox DHCP server implementation uml-utilities PROVIDES: tunctl DESCRIPTION: User-mode Linux (utility programs) unzip PROVIDES: unzip DESCRIPTION: De-archiver for .zip files usbutils PROVIDES: lsusb update-usbids usb-devices DESCRIPTION: Linux USB utilities usermode PROVIDES: consolehelper userhelper DESCRIPTION: Graphical tools for certain user account management tasks uuid-runtime PROVIDES: uuidgen DESCRIPTION: runtime components for the Universally Unique ID library vim PROVIDES: vim.basic DESCRIPTION: Vi IMproved - enhanced vi editor vim-addon-manager PROVIDES: vim-addons DESCRIPTION: manager of addons for the Vim editor vim-runtime PROVIDES: vimtutor DESCRIPTION: Vi IMproved - Runtime files vim-scripts PROVIDES: dtd2vim vimplate DESCRIPTION: plugins for vim, adding bells and whistles vlan PROVIDES: vconfig DESCRIPTION: user mode programs to enable VLANs on your ethernet devices vlock PROVIDES: vlock DESCRIPTION: Virtual Console locking program w3m PROVIDES: w3m w3mman DESCRIPTION: WWW browsable pager with excellent tables/frames support whois PROVIDES: mkpasswd whois DESCRIPTION: intelligent WHOIS client wireshark PROVIDES: wireshark DESCRIPTION: network traffic analyzer - GTK+ version wireshark-common PROVIDES: capinfos dumpcap editcap mergecap text2pcap DESCRIPTION: network traffic analyzer - common files wireshark-dev PROVIDES: asn2deb idl2deb idl2wrs DESCRIPTION: network traffic analyzer - development tools x11-apps PROVIDES: atobm bitmap bmtoa ico oclock x11perf x11perfcomp xbiff xcalc xclipboard xclock xconsole xcursorgen xcutsel xditview xedit xeyes xgc xload xlogo xmag xman xmore xwd xwud DESCRIPTION: X applications x11-session-utils PROVIDES: rstart rstartd smproxy xsm DESCRIPTION: X session utilities x11-utils PROVIDES: appres editres listres luit viewres xdpyinfo xdriinfo xev xfd xfontsel xkill xlsatoms xlsclients xlsfonts xmessage xprop xvinfo xwininfo DESCRIPTION: X11 utilities x11-xfs-utils PROVIDES: fslsfonts fstobdf showfont xfsinfo DESCRIPTION: X font server utilities x11-xkb-utils PROVIDES: setxkbmap xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch DESCRIPTION: X11 XKB utilities x11-xserver-utils PROVIDES: iceauth sessreg showrgb xcmsdb xgamma xhost xmodmap xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xstdcmap xvidtune DESCRIPTION: X server utilities xauth PROVIDES: xauth DESCRIPTION: X authentication utility xdg-user-dirs PROVIDES: xdg-user-dir xdg-user-dirs-update DESCRIPTION: tool to manage well known user directories xdg-user-dirs-gtk PROVIDES: xdg-user-dirs-gtk-update DESCRIPTION: tool to manage well known user directories (Gtk extension) xdg-utils PROVIDES: xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg-mime xdg-open xdg-screensaver xdg-settings DESCRIPTION: desktop integration utilities from freedesktop.org xfce4-panel PROVIDES: xfce4-panel DESCRIPTION: panel for Xfce4 desktop environment xfce4-session PROVIDES: xfce4-session xfce4-session-logout xfce4-tips DESCRIPTION: Xfce4 Session Manager xfce4-terminal PROVIDES: xfce4-terminal xfce4-terminal.wrapper DESCRIPTION: Xfce terminal emulator xfce4-utils PROVIDES: startxfce4 xfbrowser4 xfce4-about xfhelp4 xflock4 xfmountdev4 xfrun4 xfterm4 DESCRIPTION: Various tools for Xfce xfdesktop4 PROVIDES: xfdesktop DESCRIPTION: xfce desktop background, icons and root menu manager xfonts-utils PROVIDES: bdftopcf bdftruncate mkfontdir mkfontscale ucs2any update-fonts-alias update-fonts-dir update-fonts-scale DESCRIPTION: X Window System font utility programs xfwm4 PROVIDES: xfwm4 DESCRIPTION: window manager of the Xfce project xinetd PROVIDES: itox xinetd DESCRIPTION: replacement for inetd with many enhancements xinit PROVIDES: startx xinit DESCRIPTION: X server initialisation tool xml-core PROVIDES: dh_installxmlcatalogs update-xmlcatalog DESCRIPTION: XML infrastructure and XML catalog file support xserver-xorg PROVIDES: X DESCRIPTION: X.Org X server xterm PROVIDES: koi8rxterm lxterm resize uxterm xterm DESCRIPTION: X terminal emulator xtermcontrol PROVIDES: xtermcontrol DESCRIPTION: dynamic configuration of xterm properties xtermset PROVIDES: xtermset DESCRIPTION: change the characteristics of an xterm xutils-dev PROVIDES: ccmakedep cleanlinks gccmakedep imake lndir makedepend makeg mergelib mkdirhier mkhtmlindex revpath xmkmf DESCRIPTION: X Window System utility programs for development xview-clients PROVIDES: clock cmdtool props textedit DESCRIPTION: XView client programs xviewg PROVIDES: capitalize insert_brackets remove_brackets shift_lines DESCRIPTION: XView shared libraries xvt PROVIDES: xvt DESCRIPTION: X terminal-emulator similar to xterm, but smaller ././@LongLink0000644000000000000000000000015400000000000011603 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/RELEVANT_FILE_HERE2marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/RELEVANT_FIL0000777000175000017500000000000013175722671040354 2package_catalog.squeeze.selectionustar lucaslucas././@LongLink0000644000000000000000000000017200000000000011603 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.squeeze.GENERATEDmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000011747213175722671032370 0ustar lucaslucas9base PROVIDES: bc dc ed strings DESCRIPTION: Plan 9 userland tools acl PROVIDES: chacl getfacl setfacl DESCRIPTION: Access control list utilities acpid PROVIDES: acpid acpi_listen DESCRIPTION: Advanced Configuration and Power Interface event daemon adjtimex PROVIDES: adjtimex DESCRIPTION: kernel time variables configuration utility adns-tools PROVIDES: adnsheloex adnshost adnslogres adnsresfilter DESCRIPTION: Asynchronous-capable DNS client library and utilities apache2.2-common PROVIDES: a2dismod a2dissite a2enmod a2ensite apache2ctl apachectl DESCRIPTION: Apache HTTP Server common files apache2-dbg PROVIDES: ab checkgid htcacheclean htdbm htdigest htpasswd httxt2dbm logresolve rotatelogs DESCRIPTION: Apache debugging symbols apache2-mpm-event PROVIDES: apache2 DESCRIPTION: Apache HTTP Server - event driven model apache2-utils PROVIDES: check_forensic dbmmanage split-logfile DESCRIPTION: utility programs for webservers aria2 PROVIDES: aria2c DESCRIPTION: High speed download utility arping PROVIDES: arping DESCRIPTION: sends IP and/or ARP pings (to the MAC address) arts-dbg PROVIDES: artscat artsd artsplay artsrec artsshell artswrapper DESCRIPTION: debugging symbols for arts ash PROVIDES: ash DESCRIPTION: compatibility package for dash aspell PROVIDES: aspell aspell-import precat preunzip prezip prezip-bin run-with-aspell word-list-compress DESCRIPTION: GNU Aspell spell-checker atftpd PROVIDES: in.tftpd DESCRIPTION: advanced TFTP server attr PROVIDES: attr getfattr setfattr DESCRIPTION: Utilities for manipulating filesystem extended attributes autoconf PROVIDES: autoconf autoheader autom4te autoreconf autoscan autoupdate ifnames DESCRIPTION: automatic configure script builder autopoint PROVIDES: autopoint DESCRIPTION: The autopoint program from GNU gettext avahi-autoipd PROVIDES: avahi-autoipd DESCRIPTION: Avahi IPv4LL network address configuration daemon avahi-daemon PROVIDES: avahi-daemon DESCRIPTION: Avahi mDNS/DNS-SD daemon avahi-dbg PROVIDES: avahi-browse avahi-publish avahi-resolve avahi-set-host-name DESCRIPTION: Avahi - debugging symbols avahi-utils PROVIDES: avahi-browse-domains avahi-publish-address avahi-publish-service avahi-resolve-address avahi-resolve-host-name DESCRIPTION: Avahi browsing, publishing and discovery utilities babeld PROVIDES: babeld DESCRIPTION: a loop-free distance-vector routing protocol beep PROVIDES: beep DESCRIPTION: advanced pc-speaker beeper bind9 PROVIDES: dnssec-dsfromkey dnssec-keyfromlabel named DESCRIPTION: Internet Domain Name Server bind9-host PROVIDES: host DESCRIPTION: Version of 'host' bundled with BIND 9.X bind9utils PROVIDES: dnssec-keygen dnssec-signzone named-checkconf named-checkzone named-compilezone rndc rndc-confgen DESCRIPTION: Utilities for BIND binutils PROVIDES: addr2line ar as c++filt gprof ld nm objcopy objdump ranlib readelf size strip DESCRIPTION: The GNU assembler, linker and binary utilities bridge-utils PROVIDES: brctl DESCRIPTION: Utilities for configuring the Linux Ethernet bridge busybox PROVIDES: busybox DESCRIPTION: Tiny utilities for small and embedded systems busybox-syslogd PROVIDES: klogd logread syslogd DESCRIPTION: Provides syslogd and klogd using busybox bzip2 PROVIDES: bunzip2 bzcat bzcmp bzdiff bzegrep bzexe bzfgrep bzgrep bzip2 bzip2recover bzless bzmore DESCRIPTION: high-quality block-sorting file compressor - utilities camstream PROVIDES: ftpput DESCRIPTION: collection of tools for webcams and other video-devices cdbs PROVIDES: cdbs-edit-patch DESCRIPTION: common build system for Debian packages chkconfig PROVIDES: chkconfig DESCRIPTION: system tool to enable or disable system services cifs-utils PROVIDES: mount.cifs DESCRIPTION: Common Internet File System utilities citadel-mta PROVIDES: sendmail DESCRIPTION: complete and feature-rich groupware server (mail transport agent) consolekit PROVIDES: ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop console-kit-daemon DESCRIPTION: framework for defining and tracking users, sessions and seats console-tools PROVIDES: chvt deallocvt dumpkeys fgconsole getkeycodes kbd_mode kbdrate loadkeys openvt psfaddtable psfgettable psfstriptable setkeycodes setleds setlogcons setmetamode showkey unicode_start unicode_stop DESCRIPTION: Linux console and font utilities conspy PROVIDES: conspy DESCRIPTION: Remote control of Linux virtual consoles courier-authdaemon PROVIDES: authdaemond DESCRIPTION: Courier authentication daemon courier-authlib PROVIDES: authenumerate authpasswd authtest courierlogger DESCRIPTION: Courier authentication library courier-authlib-dev PROVIDES: courierauthconfig DESCRIPTION: Development libraries for the Courier authentication library courier-authlib-userdb PROVIDES: makeuserdb pw2userdb userdb userdbpw userdb-test-cram-md5 DESCRIPTION: userdb support for the Courier authentication library courier-base PROVIDES: courier-config couriertcpd maildiracl maildirkw sharedindexinstall sharedindexsplit testmxlookup DESCRIPTION: Courier mail server - base system courier-imap PROVIDES: imapd DESCRIPTION: Courier mail server - IMAP server courier-ldap PROVIDES: courierldapaliasd DESCRIPTION: Courier mail server - LDAP support courier-maildrop PROVIDES: mailbot maildrop makemime reformail reformime DESCRIPTION: Courier mail server - mail delivery agent courier-mta PROVIDES: mailq newaliases rmail DESCRIPTION: Courier mail server - ESMTP daemon courier-ssl PROVIDES: couriertls DESCRIPTION: Courier mail server - SSL/TLS Support cpp PROVIDES: cpp DESCRIPTION: The GNU C preprocessor (cpp) cpp-4.1 PROVIDES: cpp-4.1 DESCRIPTION: The GNU C preprocessor crack PROVIDES: Crack Crack-Reporter DESCRIPTION: Password guessing program cracklib-runtime PROVIDES: cracklib-check cracklib-format cracklib-packer cracklib-unpacker create-cracklib-dict DESCRIPTION: runtime support for password checker library cracklib2 cramfsprogs PROVIDES: cramfsck mkcramfs DESCRIPTION: Tools for CramFs (Compressed ROM File System) cryptsetup PROVIDES: cryptsetup DESCRIPTION: configures encrypted block devices cups-bsd PROVIDES: lpq lpr DESCRIPTION: Common UNIX Printing System(tm) - BSD commands curlftpfs PROVIDES: curlftpfs DESCRIPTION: filesystem to access FTP hosts based on FUSE and cURL cyrus-sasl2-dbg PROVIDES: saslauthd sasldblistusers2 saslpasswd2 testsaslauthd DESCRIPTION: Cyrus SASL - debugging symbols daemontools PROVIDES: envdir envuidgid setuidgid softlimit DESCRIPTION: a collection of tools for managing UNIX services dbus PROVIDES: dbus-cleanup-sockets dbus-daemon dbus-monitor dbus-send dbus-uuidgen DESCRIPTION: simple interprocess messaging system dbus-1-dbg PROVIDES: dbus-launch DESCRIPTION: simple interprocess messaging system (debug symbols) debhelper PROVIDES: dh_builddeb dh_clean dh_compress dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_perl dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_undocumented dh_usrlocal DESCRIPTION: helper programs for debian/rules defoma PROVIDES: defoma defoma-hints defoma-reconfigure dh_installdefoma DESCRIPTION: Debian Font Manager -- automatic font configuration framework desktop-file-utils PROVIDES: desktop-file-install desktop-file-validate update-desktop-database DESCRIPTION: Utilities for .desktop files dh-ocaml PROVIDES: dh_ocaml ocaml-md5sums DESCRIPTION: helper tools for maintaining OCaml-related Debian packages dictionaries-common PROVIDES: aspell-autobuildhash ispell-autobuildhash ispell-wrapper remove-default-ispell remove-default-wordlist select-default-ispell select-default-iwrap select-default-wordlist update-default-ispell update-default-wordlist update-dictcommon-aspell update-openoffice-dicts DESCRIPTION: Common utilities for spelling dictionary tools dietlibc-dev PROVIDES: dnsd DESCRIPTION: diet libc - a libc optimized for small size dmsetup PROVIDES: dmsetup DESCRIPTION: The Linux Kernel Device Mapper userspace library dnsutils PROVIDES: dig nslookup nsupdate DESCRIPTION: Clients provided with BIND dos2unix PROVIDES: dos2unix unix2dos DESCRIPTION: convert text file line endings between CRLF and LF dosfstools PROVIDES: mkdosfs mkfs.vfat DESCRIPTION: utilities for making and checking MS-DOS FAT filesystems dropbear PROVIDES: dbclient dropbear dropbearkey DESCRIPTION: lightweight SSH2 server and client dselect PROVIDES: dselect DESCRIPTION: Debian package management front-end e2fsck-static PROVIDES: e2fsck.static DESCRIPTION: statically-linked version of the ext2/ext3/ext4 filesystem checker ed PROVIDES: red DESCRIPTION: The classic UNIX line editor eject PROVIDES: eject volname DESCRIPTION: ejects CDs and operates CD-Changers under Linux emboss PROVIDES: digest DESCRIPTION: the european molecular biology open software suite esound PROVIDES: esd DESCRIPTION: Enlightened Sound Daemon - Support binaries esound-clients PROVIDES: esdcat esdctl esddsp esdfilt esdloop esdmon esdplay esdrec esdsample DESCRIPTION: Enlightened Sound Daemon - clients ethtool PROVIDES: ethtool DESCRIPTION: display or change Ethernet device settings ettercap PROVIDES: ettercap DESCRIPTION: Multipurpose sniffer/interceptor/logger for switched LAN ettercap-common PROVIDES: etterfilter etterlog DESCRIPTION: Common support files and plugins for ettercap exo-utils PROVIDES: exo-csource exo-desktop-item-edit exo-mount exo-open exo-preferred-applications DESCRIPTION: Utility files for libexo exuberant-ctags PROVIDES: ctags-exuberant DESCRIPTION: build tag file indexes of source code definitions fam PROVIDES: famd DESCRIPTION: File Alteration Monitor fbset PROVIDES: fbset DESCRIPTION: framebuffer device maintenance program fdflush PROVIDES: fdflush DESCRIPTION: Flush out-of-date disk buffers file PROVIDES: file DESCRIPTION: Determines file type using "magic" numbers finger PROVIDES: finger DESCRIPTION: user information lookup program flex PROVIDES: flex++ DESCRIPTION: A fast lexical analyzer generator. fontconfig PROVIDES: fc-cache fc-cat fc-list fc-match fc-query fc-scan DESCRIPTION: generic font configuration library - support binaries fortune-mod PROVIDES: strfile unstr DESCRIPTION: provides fortune cookies on demand ftp PROVIDES: netkit-ftp DESCRIPTION: The FTP client fuse-utils PROVIDES: fusermount DESCRIPTION: Filesystem in USErspace (utilities) fvwm PROVIDES: fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root DESCRIPTION: F(?) Virtual Window Manager gawk PROVIDES: gawk igawk pgawk DESCRIPTION: GNU awk, a pattern scanning and processing language gcc PROVIDES: c89-gcc c99-gcc gcc gcov DESCRIPTION: The GNU C compiler gcc-4.1 PROVIDES: gcc-4.1 gccbug-4.1 gcov-4.1 DESCRIPTION: The GNU C compiler gcj-4.4-jdk PROVIDES: appletviewer jar jarsigner javac javadoc javah jdb native2ascii rmic serialver DESCRIPTION: gcj and classpath development tools for Java(TM) gcj-4.4-jre-headless PROVIDES: java keytool orbd rmid rmiregistry tnameserv DESCRIPTION: Java runtime environment using GIJ/classpath (headless version) gconf2 PROVIDES: gconf-merge-tree gconf-schemas gconftool-2 update-gconf-defaults DESCRIPTION: GNOME configuration database system (support tools) gdb PROVIDES: gcore gdb gdbtui DESCRIPTION: The GNU Debugger gdbserver PROVIDES: gdbserver DESCRIPTION: The GNU Debugger (remote server) gettext PROVIDES: gettextize msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq recode-sr-latin xgettext DESCRIPTION: GNU Internationalization utilities gettext-base PROVIDES: envsubst gettext gettext.sh ngettext DESCRIPTION: GNU Internationalization utilities for the base system ghdl PROVIDES: gccbug DESCRIPTION: VHDL compiler/simulator using GCC technology ghostscript PROVIDES: bdftops dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa pphs printafm ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa DESCRIPTION: The GPL Ghostscript PostScript/PDF interpreter gksu PROVIDES: gksu DESCRIPTION: graphical frontend to su gnome-keyring PROVIDES: gnome-keyring-daemon DESCRIPTION: GNOME keyring services (daemon and tools) gnutls-bin PROVIDES: certtool gnutls-cli gnutls-cli-debug gnutls-serv psktool srptool DESCRIPTION: the GNU TLS library - commandline utilities gosa-dev PROVIDES: update-locale DESCRIPTION: GOsa? development utilities grub-coreboot PROVIDES: grub-install grub-reboot grub-set-default update-grub DESCRIPTION: GRand Unified Bootloader, version 2 (Coreboot version) grub-legacy PROVIDES: grub grub-floppy grub-md5-crypt grub-terminfo mbchk mkbimage DESCRIPTION: GRand Unified Bootloader (Legacy version) gv PROVIDES: gv DESCRIPTION: PostScript and PDF viewer for X hal PROVIDES: hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-lock hal-set-property lshal umount.hal DESCRIPTION: Hardware Abstraction Layer hardening-wrapper PROVIDES: gcc-4.2 DESCRIPTION: Compiler wrapper to enable security hardening flags hdparm PROVIDES: hdparm DESCRIPTION: tune hard disk parameters for high performance heimdal-clients PROVIDES: kadmin kdestroy kinit klist kpasswd ksu ktutil DESCRIPTION: Heimdal Kerberos - clients heimdal-dev PROVIDES: krb5-config DESCRIPTION: Heimdal Kerberos - development files html2text PROVIDES: html2text DESCRIPTION: advanced HTML to text converter htop PROVIDES: htop DESCRIPTION: interactive processes viewer icecc PROVIDES: cc DESCRIPTION: distributed compiler (client and server) iceweasel PROVIDES: firefox DESCRIPTION: Web browser based on Firefox id-utils PROVIDES: lid DESCRIPTION: Fast, high-capacity, identifier database tool ifmetric PROVIDES: ifmetric DESCRIPTION: Set routing metrics for a network interface ifplugd PROVIDES: ifplugd ifplugstatus DESCRIPTION: configuration daemon for ethernet devices ifstat PROVIDES: ifstat DESCRIPTION: InterFace STATistics Monitoring inetutils-ftpd PROVIDES: ftpd DESCRIPTION: File Transfer Protocol server inetutils-telnet PROVIDES: inetutils-telnet DESCRIPTION: telnet client inetutils-telnetd PROVIDES: telnetd DESCRIPTION: telnet server inetutils-tools PROVIDES: inetutils-ifconfig DESCRIPTION: base networking utilities (experimental package) initramfs-tools PROVIDES: mkinitramfs mkinitramfs-kpkg update-initramfs DESCRIPTION: tools for generating an initramfs installation-report PROVIDES: report-hw DESCRIPTION: system installation report ipcalc PROVIDES: ipcalc DESCRIPTION: parameter calculator for IPv4 addresses ipsec-tools PROVIDES: setkey DESCRIPTION: IPsec tools for Linux ipsvd PROVIDES: tcpsvd udpsvd DESCRIPTION: Internet protocol service daemons iputils-clockdiff PROVIDES: clockdiff DESCRIPTION: Measure the time difference between networked computers iputils-tracepath PROVIDES: tracepath tracepath6 DESCRIPTION: Tools to trace the network path to a remote host isc-dhcp-relay PROVIDES: dhcrelay DESCRIPTION: ISC DHCP relay daemon isc-dhcp-server PROVIDES: dhcpd DESCRIPTION: ISC DHCP server for automatic IP address assignment ispell PROVIDES: buildhash findaffix icombine ijoin ispell munchlist sq tryaffix unsq update-ispell-dictionary DESCRIPTION: International Ispell (an interactive spelling corrector) jackd1 PROVIDES: alsa_in alsa_out jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jack_netsource jackrec jack_showtime jack_simple_client jack_transport jack_unload DESCRIPTION: JACK Audio Connection Kit (server and example clients) joe PROVIDES: joe DESCRIPTION: user friendly full screen text editor john PROVIDES: john mailer DESCRIPTION: active password cracking tool kate PROVIDES: kate DESCRIPTION: K Advanced Text Editor kbd PROVIDES: loadunimap mapscrn psfxtable resizecons setfont showconsolefont DESCRIPTION: Linux console font and keytable utilities kdebase-dbg PROVIDES: kwrite DESCRIPTION: debugging symbols for the KDE base applications module kdelibs4c2a PROVIDES: fileshareset imagetops DESCRIPTION: core libraries and binaries for all KDE applications kdelibs-dbg PROVIDES: artsmessage cupsdconf cupsdoprint dcop dcopclient dcopfind dcopobject dcopquit dcopref dcopserver dcopserver_shutdown dcopstart kab2kabc kaddprinterwizard kbuildsycoca kcmshell kconf_update kcookiejar kde-config kded kdeinit kdeinit_shutdown kdeinit_wrapper kde-menu kdesu_stub kdontchangethehostname kdostartupconfig kfile kgrantpty khotnewstuff kinstalltheme kioexec kio_http_cache_cleaner kioslave kio_uiserver klauncher kmailservice kpac_dhcp_helper ksendbugmail kshell kstartupconfig ktelnetservice ktradertest kwrapper lnusertemp make_driver_db_cups make_driver_db_lpr meinproc start_kdeinit start_kdeinit_wrapper DESCRIPTION: debugging symbols for kdelibs krb5-admin-server PROVIDES: kadmind kadmin.local kprop DESCRIPTION: MIT Kerberos master server (kadmind) krb5-clients PROVIDES: telnet.krb5 DESCRIPTION: Secure replacements for ftp, telnet and rsh using MIT Kerberos krb5-kdc PROVIDES: kdb5_util kpropd krb5kdc DESCRIPTION: MIT Kerberos key server (KDC) krb5-kdc-ldap PROVIDES: kdb5_ldap_util DESCRIPTION: MIT Kerberos key server (KDC) LDAP plugin krb5-rsh-server PROVIDES: klogind kshd login.krb5 DESCRIPTION: Secure replacements for rshd and rlogind using MIT Kerberos krb5-user PROVIDES: k5srvutil kvno DESCRIPTION: Basic programs to authenticate using MIT Kerberos laptop-detect PROVIDES: laptop-detect DESCRIPTION: attempt to detect a laptop ldap2zone PROVIDES: ldap2zone DESCRIPTION: Extract DNS zones from LDAP trees ldap-utils PROVIDES: ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami DESCRIPTION: OpenLDAP utilities less PROVIDES: less lessecho lesskey lesspipe DESCRIPTION: pager program similar to more libarts1c2a PROVIDES: artsdsp DESCRIPTION: aRts sound system core components libbonobo2-bin PROVIDES: activation-client bonobo-activation-sysconf bonobo-slay echo-client-2 DESCRIPTION: Bonobo CORBA interfaces library -- support binaries libc-dev-bin PROVIDES: gencat mtrace rpcgen sprof DESCRIPTION: Embedded GNU C Library: Development binaries libcroco3 PROVIDES: csslint-0.6 DESCRIPTION: a generic Cascading Style Sheet (CSS) parsing and manipulation toolkit libdb1-compat PROVIDES: db_dump185 DESCRIPTION: The Berkeley database routines [glibc 2.0/2.1 compatibility] libfreetype6-dev PROVIDES: freetype-config DESCRIPTION: FreeType 2 font engine, development files libfribidi0 PROVIDES: fribidi DESCRIPTION: Free Implementation of the Unicode BiDi algorithm libgcj-common PROVIDES: rebuild-security-providers DESCRIPTION: Java runtime library (common files) libgksu2-0 PROVIDES: gksu-properties DESCRIPTION: library providing su and sudo functionality libglib2.0-0-dbg PROVIDES: glib-genmarshal gobject-query DESCRIPTION: The GLib libraries and debugging symbols libglib2.0-dev PROVIDES: glib-gettextize glib-mkenums DESCRIPTION: Development files for the GLib library libgnome2-0 PROVIDES: gnome-open DESCRIPTION: The GNOME library - runtime files libgnomevfs2-0-dbg PROVIDES: gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm DESCRIPTION: GNOME Virtual File System (debugging libraries) libgpg-error-dev PROVIDES: gpg-error DESCRIPTION: library for common error values and messages in GnuPG components libgtk2.0-0-dbg PROVIDES: gdk-pixbuf-csource DESCRIPTION: The GTK+ libraries and debugging symbols libgtk2.0-bin PROVIDES: gdk-pixbuf-query-loaders gtk-query-immodules-2.0 gtk-update-icon-cache update-icon-caches DESCRIPTION: The programs for the GTK+ graphical user interface library libgtk2.0-dev PROVIDES: dh_gtkmodules gtk-builder-convert DESCRIPTION: Development files for the GTK+ library libjpeg-progs PROVIDES: cjpeg djpeg exifautotran jpegexiforient jpegtran rdjpgcom wrjpgcom DESCRIPTION: Programs for manipulating JPEG files liblockfile1 PROVIDES: dotlockfile DESCRIPTION: NFS-safe locking library, includes dotlockfile program libmysqlclient-dev PROVIDES: mysql_config DESCRIPTION: MySQL database development files libnss3-1d-dbg PROVIDES: certutil cmsutil crlutil modutil pk12util shlibsign signtool signver ssltap DESCRIPTION: Debugging symbols for the Network Security Service libraries libpango1.0-0-dbg PROVIDES: pango-querymodules pango-view DESCRIPTION: The Pango library and debugging symbols libpango1.0-common PROVIDES: update-pangox-aliases DESCRIPTION: Modules and configuration files for the Pango libpango1.0-dev PROVIDES: dh_pangomodules DESCRIPTION: Development files for the Pango libpaper-utils PROVIDES: paperconf paperconfig DESCRIPTION: library for handling paper characteristics (utilities) libpcre3 PROVIDES: pcretest DESCRIPTION: Perl 5 Compatible Regular Expression Library - runtime files libpcre3-dbg PROVIDES: pcregrep DESCRIPTION: Perl 5 Compatible Regular Expression Library - debug symbols libpcre3-dev PROVIDES: pcre-config DESCRIPTION: Perl 5 Compatible Regular Expression Library - development files libpng12-dev PROVIDES: libpng12-config DESCRIPTION: PNG library - development libppl0.10-dev PROVIDES: ppl-config DESCRIPTION: Parma Polyhedra Library (development) librep-dbg PROVIDES: rep rep-remote DESCRIPTION: debug symbols for librep librpm-dbg PROVIDES: rpm rpm2cpio rpmgraph DESCRIPTION: debugging symbols for RPM libruby1.8-dbg PROVIDES: ruby1.8 DESCRIPTION: Debugging symbols for Ruby 1.8 libsmi2-dbg PROVIDES: smidiff smidump smilint smiquery smixlate DESCRIPTION: library to access SMI MIB information - debugging symbols libsmi2ldbl PROVIDES: smicache DESCRIPTION: library to access SMI MIB information libsnmp15 PROVIDES: net-snmp-config DESCRIPTION: SNMP (Simple Network Management Protocol) library libtool PROVIDES: libtool libtoolize DESCRIPTION: Generic library support script libxfce4util-bin PROVIDES: xfce4-kiosk-query DESCRIPTION: tools for libxfce4util libxft-dev PROVIDES: xft-config DESCRIPTION: FreeType-based font drawing library for X (development files) libxt-dev PROVIDES: makestrs DESCRIPTION: X11 toolkit intrinsics library (development headers) lighttpd PROVIDES: lighttpd lighttpd-angel DESCRIPTION: A fast webserver with minimal memory footprint links PROVIDES: links DESCRIPTION: Web browser running in text mode links2 PROVIDES: links2 xlinks2 DESCRIPTION: Web browser running in both graphics and text mode loadlin PROVIDES: freeramdisk DESCRIPTION: a loader (running under DOS) for LINUX kernel images locales PROVIDES: locale-gen validlocale DESCRIPTION: Embedded GNU C Library: National Language (locale) data [support] lpr PROVIDES: lpd DESCRIPTION: BSD lpr/lpd line printer spooling system lrzsz PROVIDES: rx DESCRIPTION: Tools for zmodem/xmodem/ymodem file transfer lsof PROVIDES: lsof DESCRIPTION: List open files lwresd PROVIDES: lwresd DESCRIPTION: Lightweight Resolver Daemon lzma PROVIDES: lzcat lzma unlzma DESCRIPTION: Compression method of 7z format in 7-Zip program lzma-alone PROVIDES: lzma_alone DESCRIPTION: Compression method of 7z format in 7-Zip program lzop PROVIDES: lzop DESCRIPTION: fast compression program m4 PROVIDES: m4 DESCRIPTION: a macro processing language make PROVIDES: make DESCRIPTION: An utility for Directing compilation. makedev PROVIDES: MAKEDEV DESCRIPTION: creates device files in /dev man2html PROVIDES: man2html DESCRIPTION: browse man pages in your web browser menu PROVIDES: install-menu su-to-root update-menus DESCRIPTION: generates programs menu for all menu-aware applications microcom PROVIDES: microcom DESCRIPTION: minimalistic terminal program mii-diag PROVIDES: mii-diag DESCRIPTION: A little tool to manipulate network cards mime-support PROVIDES: run-mailcap update-mime DESCRIPTION: MIME files 'mime.types' & 'mailcap', and support programs mingetty PROVIDES: mingetty DESCRIPTION: Console-only getty mingw32-ocaml PROVIDES: ocamlc ocamlcp ocamldep ocamlmklib ocamlmktop ocamlopt ocamlprof ocamlrun DESCRIPTION: OCaml cross-compiler based on mingw32 mpack PROVIDES: mpack munpack DESCRIPTION: tools for encoding/decoding MIME messages mtd-utils PROVIDES: nanddump nandwrite ubiattach ubidetach ubimkvol ubirmvol ubiupdatevol DESCRIPTION: Memory Technology Device Utilities mtools PROVIDES: amuFormat.sh mcheck mcomp mkmanifest mtools mxtar tgz uz DESCRIPTION: Tools for manipulating MSDOS files mtr PROVIDES: mtr DESCRIPTION: Full screen ncurses and X11 traceroute tool muddleftpd PROVIDES: ftpwho DESCRIPTION: A flexible and efficient FTP daemon mysql-client-5.1 PROVIDES: innochecksum myisam_ftdump my_print_defaults mysql mysqlaccess mysqladmin mysqlbug mysqlcheck mysql_client_test mysqldump mysqldumpslow mysql_find_rows mysql_fix_extensions mysqlimport mysqlmanager mysqlshow mysql_waitpid perror DESCRIPTION: MySQL database client binaries mysql-server-5.1 PROVIDES: msql2mysql myisamchk myisamlog myisampack mysqlbinlog mysql_convert_table_format mysqld_multi mysqld_safe mysql_fix_privilege_tables mysqlhotcopy mysql_install_db mysql_secure_installation mysql_setpermission mysqltest mysql_tzinfo_to_sql mysql_upgrade mysql_zap replace resolveip resolve_stack_dump DESCRIPTION: MySQL database server binaries and system database setup mysql-server-core-5.1 PROVIDES: mysqld DESCRIPTION: MySQL database server binaries nast PROVIDES: nast DESCRIPTION: packet sniffer and lan analyzer nbd-client PROVIDES: nbd-client DESCRIPTION: Network Block Device protocol - client ncftp PROVIDES: ncftpbatch ncftpget ncftpls ncftpput ncftpspooler DESCRIPTION: A user-friendly and well-featured FTP client netatalk PROVIDES: adv1tov2 aecho afpd afpd-mtab.pl apple_chfile apple_cp apple_file apple_mv apple_rm asip-status.pl atalkd cnid2_create cnid_dbd cnid_metad getzones lp2pap.sh macusers megatron nbplkup nbprgstr nbpunrgstr netatalk-uniconv pap papd papstatus psorder showppd timelord DESCRIPTION: AppleTalk user binaries nfs-common PROVIDES: gss_clnt_send_err gss_destroy_creds mount.nfs mount.nfs4 nfsstat rpcdebug rpc.gssd rpc.idmapd rpc.statd showmount sm-notify umount.nfs umount.nfs4 DESCRIPTION: NFS support files common to client and server nfs-kernel-server PROVIDES: exportfs rpc.mountd rpc.nfsd rpc.svcgssd DESCRIPTION: support for NFS kernel server nis PROVIDES: rpc.yppasswdd rpc.ypxfrd ypbind ypcat ypchfn ypchsh ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich DESCRIPTION: clients and daemons for the Network Information Service (NIS) nmap PROVIDES: ncat ndiff nmap DESCRIPTION: The Network Mapper ntp PROVIDES: ntpd ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait tickadj DESCRIPTION: Network Time Protocol daemon and utility programs ntpdate PROVIDES: ntpdate DESCRIPTION: client for setting system time from NTP servers ocaml PROVIDES: labltk ocamlbrowser DESCRIPTION: ML language implementation with a class-based object system ocaml-interp PROVIDES: ocaml DESCRIPTION: OCaml interactive interpreter and standard libraries ocaml-nox PROVIDES: ocamlbuild.byte ocamlbuild.native ocamldebug ocamldoc ocamldumpobj ocamllex ocamlobjinfo ocamlyacc DESCRIPTION: ML implementation with a class-based object system (no X) odt2txt PROVIDES: sxw2txt DESCRIPTION: simple converter from OpenDocument Text to plain text omniidl PROVIDES: omnicpp omniidl DESCRIPTION: omniORB IDL to C++ and Python compiler openbsd-inetd PROVIDES: inetd DESCRIPTION: The OpenBSD Internet Superserver openjdk-6-dbg PROVIDES: apt extcheck idlj javap jconsole jhat jinfo jmap jps jrunscript jsadebugd jstack jstat jstatd pack200 policytool schemagen servertool unpack200 wsgen wsimport xjc DESCRIPTION: Java runtime based on OpenJDK (debugging symbols) openjdk-6-jre PROVIDES: javaws DESCRIPTION: OpenJDK Java runtime, using Hotspot JIT openssh-client PROVIDES: scp sftp slogin ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id ssh-keygen ssh-keyscan DESCRIPTION: secure shell (SSH) client, for secure access to remote machines openssh-server PROVIDES: sshd DESCRIPTION: secure shell (SSH) server, for secure access from remote machines openswan PROVIDES: ipsec DESCRIPTION: Internet Key Exchange daemon orbit2 PROVIDES: ior-decode-2 linc-cleanup-sockets typelib-dump DESCRIPTION: a CORBA ORB patch PROVIDES: patch DESCRIPTION: Apply a diff file to an original pciutils PROVIDES: lspci pcimodules setpci update-pciids DESCRIPTION: Linux PCI Utilities pidentd PROVIDES: identd ikeygen DESCRIPTION: TCP/IP IDENT protocol server with DES support pkg-config PROVIDES: pkg-config DESCRIPTION: manage compile and link flags for libraries policycoreutils PROVIDES: audit2allow audit2why chcat fixfiles genhomedircon load_policy newrole open_init_pty restorecon run_init secon se_dpkg semanage semodule semodule_deps semodule_expand semodule_link semodule_package sepolgen-ifgen sestatus setfiles setsebool DESCRIPTION: SELinux core policy utilities policykit-1 PROVIDES: pkaction pkcheck pkexec DESCRIPTION: framework for managing administrative policies and privileges portmap PROVIDES: pmap_dump pmap_set portmap DESCRIPTION: RPC port mapper postfix PROVIDES: postalias postcat postconf postdrop postfix postkick postlock postlog postmap postmulti postqueue postsuper qmqp-sink qmqp-source qshape smtp-sink smtp-source DESCRIPTION: High-performance mail transport agent powertop PROVIDES: powertop DESCRIPTION: Linux tool to find out what is using power on a laptop ppp PROVIDES: chat DESCRIPTION: Point-to-Point Protocol (PPP) - daemon proftpd-basic PROVIDES: ftpcount ftpdctl ftpshut ftptop proftpd DESCRIPTION: Versatile, virtual-hosting FTP daemon - binaries protoize PROVIDES: protoize unprotoize DESCRIPTION: Create/remove ANSI prototypes from C code pscan PROVIDES: pscan DESCRIPTION: Format string security checker for C files psfontmgr PROVIDES: defoma-psfont-installer DESCRIPTION: PostScript font manager -- part of Defoma, Debian Font Manager psmisc PROVIDES: fuser killall peekfd pstree pstree.x11 DESCRIPTION: utilities that use the proc file system pulseaudio PROVIDES: pulseaudio DESCRIPTION: PulseAudio sound server pulseaudio-esound-compat PROVIDES: esdcompat DESCRIPTION: PulseAudio ESD compatibility layer python PROVIDES: 2to3 pydoc DESCRIPTION: interactive high-level object-oriented language (default version) python2.6-dbg PROVIDES: python2.6 DESCRIPTION: Debug Build of the Python Interpreter (version 2.6) python-central PROVIDES: dh_pycentral pycentral py_compilefiles DESCRIPTION: register and build utility for Python packages python-minimal PROVIDES: python DESCRIPTION: minimal subset of the Python language (default version) python-support PROVIDES: dh_pysupport update-python-modules DESCRIPTION: automated rebuilding support for Python modules quagga PROVIDES: vtysh DESCRIPTION: BGP/OSPF/RIP routing daemon racoon PROVIDES: plainrsa-gen racoon racoonctl DESCRIPTION: IPsec IKE keying daemon radvd PROVIDES: radvd radvdump DESCRIPTION: Router Advertisement Daemon rdate PROVIDES: rdate DESCRIPTION: sets the system's date from a remote host readahead-fedora PROVIDES: readahead DESCRIPTION: Fedora's implementation of readahead to preload boot process files reportbug PROVIDES: querybts reportbug DESCRIPTION: reports bugs in the Debian distribution resolvconf PROVIDES: resolvconf DESCRIPTION: name server information handler rlinetd PROVIDES: update-inetd DESCRIPTION: gruesomely over-featured inetd replacement roxterm PROVIDES: roxterm roxterm-config DESCRIPTION: Multi-tabbed GTK/VTE terminal emulator rpcbind PROVIDES: rpcbind DESCRIPTION: converts RPC program numbers into universal addresses rpm PROVIDES: gendiff rpmdb rpmquery rpmsign rpmverify DESCRIPTION: package manager for RPM rsync PROVIDES: rsync DESCRIPTION: fast remote file copy program (like rcp) ruby1.8 PROVIDES: erb1.8 testrb1.8 DESCRIPTION: Interpreter of object-oriented scripting language Ruby 1.8 runit PROVIDES: chpst runsv runsvdir sv svlogd DESCRIPTION: system-wide service supervision rxvt PROVIDES: rclock rxvt-xpm rxvt-xterm DESCRIPTION: VT102 terminal emulator for the X Window System samba-common-bin PROVIDES: smbpasswd DESCRIPTION: common files used by both the Samba server and client sash PROVIDES: sash DESCRIPTION: Stand-alone shell sawfish PROVIDES: sawfish sawfish-client sawfish-ui DESCRIPTION: a window manager for X11 setserial PROVIDES: setserial DESCRIPTION: controls configuration of serial ports sgml-base PROVIDES: install-sgmlcatalog update-catalog DESCRIPTION: SGML infrastructure and SGML catalog file support sharutils PROVIDES: compress-dummy mail-files mailshar remsync shar unshar uudecode uuencode DESCRIPTION: shar, unshar, uuencode, uudecode slapd PROVIDES: slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slaptest DESCRIPTION: OpenLDAP server (slapd) smbfs PROVIDES: mount.smbfs DESCRIPTION: Common Internet File System utilities - compatibility package smistrip PROVIDES: smistrip DESCRIPTION: extract MIB from text files like RFC snacc PROVIDES: berdecode mkchdr ptbl pval snacc snacc-config DESCRIPTION: ASN.1 to C or C++ or IDL compiler snmp PROVIDES: encode_keychange snmpbulkget snmpbulkwalk snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmpusm snmpvacm snmpwalk DESCRIPTION: SNMP (Simple Network Management Protocol) applications snmpd PROVIDES: snmpd snmptrapd DESCRIPTION: SNMP (Simple Network Management Protocol) agents socat PROVIDES: filan procan socat DESCRIPTION: multipurpose relay for bidirectional data transfer sshfs PROVIDES: sshfs DESCRIPTION: filesystem client based on SSH File Transfer Protocol ssl-cert PROVIDES: make-ssl-cert DESCRIPTION: simple debconf wrapper for OpenSSL strace PROVIDES: strace DESCRIPTION: A system call tracer sudo PROVIDES: sudo sudoedit sudoreplay visudo DESCRIPTION: Provide limited super user privileges to specific users sysfsutils PROVIDES: systool DESCRIPTION: sysfs query tool and boot-time setup sysklogd PROVIDES: syslogd-listfiles syslog-facility DESCRIPTION: System Logging Daemon sysstat PROVIDES: iostat mpstat DESCRIPTION: system performance tools for Linux tack PROVIDES: tack DESCRIPTION: terminfo action checker tcl8.4 PROVIDES: tclsh8.4 DESCRIPTION: Tcl (the Tool Command Language) v8.4 - run-time files tcm PROVIDES: tcpd DESCRIPTION: Toolkit for Conceptual Modeling (TCM) tcpd PROVIDES: safe_finger tcpdchk tcpdmatch try-from DESCRIPTION: Wietse Venema's TCP wrapper utilities tcpdump PROVIDES: tcpdump DESCRIPTION: A powerful tool for network monitoring and data acquisition tcsh PROVIDES: tcsh DESCRIPTION: TENEX C Shell, an enhanced version of Berkeley csh telnet PROVIDES: telnet.netkit DESCRIPTION: The telnet client texinfo PROVIDES: makeinfo texi2dvi texi2pdf texindex DESCRIPTION: Documentation system for on-line information and printed output tftp PROVIDES: tftp DESCRIPTION: Trivial file transfer protocol client thunar PROVIDES: Thunar DESCRIPTION: File Manager for Xfce time PROVIDES: time DESCRIPTION: The GNU time program for measuring cpu resource usage tk8.4 PROVIDES: wish8.4 DESCRIPTION: Tk toolkit for Tcl and X11, v8.4 - run-time files tshark PROVIDES: tshark DESCRIPTION: network traffic analyzer - console version ucf PROVIDES: lcf ucf ucfq ucfr DESCRIPTION: Update Configuration File: preserve user changes to config files. udev PROVIDES: udevadm udevd DESCRIPTION: /dev/ and hotplug management daemon udhcpc PROVIDES: udhcpc DESCRIPTION: Provides the busybox DHCP client implementation udhcpd PROVIDES: dumpleases udhcpd DESCRIPTION: Provides the busybox DHCP server implementation uml-utilities PROVIDES: tunctl DESCRIPTION: User-mode Linux (utility programs) unzip PROVIDES: unzip DESCRIPTION: De-archiver for .zip files usbutils PROVIDES: lsusb update-usbids usb-devices DESCRIPTION: Linux USB utilities uuid-runtime PROVIDES: uuidgen DESCRIPTION: runtime components for the Universally Unique ID library vim PROVIDES: vim.basic DESCRIPTION: Vi IMproved - enhanced vi editor vim-addon-manager PROVIDES: vim-addons DESCRIPTION: manager of addons for the Vim editor vim-runtime PROVIDES: vimtutor DESCRIPTION: Vi IMproved - Runtime files vim-scripts PROVIDES: dtd2vim vimplate DESCRIPTION: plugins for vim, adding bells and whistles vlan PROVIDES: vconfig DESCRIPTION: user mode programs to enable VLANs on your ethernet devices vlock PROVIDES: vlock DESCRIPTION: Virtual Console locking program w3m PROVIDES: w3m w3mman DESCRIPTION: WWW browsable pager with excellent tables/frames support watchdog PROVIDES: watchdog DESCRIPTION: A software watchdog whois PROVIDES: mkpasswd whois DESCRIPTION: an intelligent whois client wireshark PROVIDES: wireshark DESCRIPTION: network traffic analyzer - GTK+ version wireshark-common PROVIDES: capinfos dumpcap editcap mergecap text2pcap DESCRIPTION: network traffic analyzer - common files wireshark-dev PROVIDES: asn2deb idl2deb idl2wrs DESCRIPTION: network traffic analyzer - development tools x11-apps PROVIDES: atobm bitmap bmtoa ico oclock x11perf x11perfcomp xbiff xcalc xclipboard xclock xconsole xcursorgen xcutsel xditview xedit xeyes xgc xload xlogo xmag xman xmore xwd xwud DESCRIPTION: X applications x11-session-utils PROVIDES: rstart rstartd smproxy xsm DESCRIPTION: X session utilities x11-utils PROVIDES: appres editres listres luit viewres xdpyinfo xdriinfo xev xfd xfontsel xkill xlsatoms xlsclients xlsfonts xmessage xprop xvinfo xwininfo DESCRIPTION: X11 utilities x11-xfs-utils PROVIDES: fslsfonts fstobdf showfont xfsinfo DESCRIPTION: X font server utilities x11-xkb-utils PROVIDES: setxkbmap xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch DESCRIPTION: X11 XKB utilities x11-xserver-utils PROVIDES: iceauth sessreg showrgb xcmsdb xgamma xhost xmodmap xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xstdcmap xvidtune DESCRIPTION: X server utilities xauth PROVIDES: xauth DESCRIPTION: X authentication utility xdg-user-dirs PROVIDES: xdg-user-dir xdg-user-dirs-update DESCRIPTION: tool to manage well known user directories xdg-user-dirs-gtk PROVIDES: xdg-user-dirs-gtk-update DESCRIPTION: tool to manage well known user directories (Gtk extension) xdg-utils PROVIDES: xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg-mime xdg-open xdg-screensaver xdg-settings DESCRIPTION: desktop integration utilities from freedesktop.org xfce4-panel PROVIDES: xfce4-panel xfce4-popup-windowlist DESCRIPTION: The Xfce4 desktop environment panel xfce4-session PROVIDES: balou-export-theme balou-install-theme xfce4-session xfce4-session-logout xfce4-tips xfsm-shutdown-helper DESCRIPTION: Xfce4 Session Manager xfce4-terminal PROVIDES: xfce4-terminal xfce4-terminal.wrapper DESCRIPTION: Xfce terminal emulator xfce4-utils PROVIDES: startxfce4 xfbrowser4 xfce4-about xfhelp4 xflock4 xfmountdev4 xfrun4 xfterm4 DESCRIPTION: Various tools for Xfce xfdesktop4 PROVIDES: xfce4-popup-menu xfdesktop DESCRIPTION: xfce desktop background, icons and root menu manager xfonts-utils PROVIDES: bdftopcf bdftruncate mkfontdir mkfontscale ucs2any update-fonts-alias update-fonts-dir update-fonts-scale DESCRIPTION: X Window System font utility programs xfwm4 PROVIDES: xfwm4 DESCRIPTION: window manager of the Xfce project xinetd PROVIDES: itox xinetd DESCRIPTION: replacement for inetd with many enhancements xinit PROVIDES: startx xinit DESCRIPTION: X server initialisation tool xml-core PROVIDES: dh_installxmlcatalogs update-xmlcatalog DESCRIPTION: XML infrastructure and XML catalog file support xserver-xorg PROVIDES: dexconf X DESCRIPTION: the X.Org X server xterm PROVIDES: koi8rxterm lxterm resize uxterm xterm DESCRIPTION: X terminal emulator xtermcontrol PROVIDES: xtermcontrol DESCRIPTION: dynamic configuration of xterm properties xtermset PROVIDES: xtermset DESCRIPTION: change the characteristics of an xterm xutils-dev PROVIDES: ccmakedep cleanlinks gccmakedep imake lndir makedepend makeg mergelib mkdirhier mkhtmlindex revpath xmkmf DESCRIPTION: X Window System utility programs for development xview-clients PROVIDES: clock cmdtool owplaces props textedit DESCRIPTION: XView client programs xviewg PROVIDES: capitalize insert_brackets remove_brackets shift_lines DESCRIPTION: XView shared libraries xvt PROVIDES: xvt DESCRIPTION: X terminal-emulator similar to xterm, but smaller xzdec PROVIDES: lzmadec xzdec DESCRIPTION: XZ-format compression utilities - tiny decompressors ././@LongLink0000644000000000000000000000017200000000000011603 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.wheezy.additionalmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000000126213175722671032355 0ustar lucaslucasbash-completion PROVIDES: dh_bash-completion DESCRIPTION: programmable completion for the bash shell epiphany-browser PROVIDES: epiphany DESCRIPTION: Intuitive GNOME web browser ipv6calc PROVIDES: ipv6calc DESCRIPTION: small utility for manipulating IPv6 addresses inetutils-inetd PROVIDES: inetutils-inetd DESCRIPTION: internet super server lynx PROVIDES: lynx DESCRIPTION: Text-mode WWW Browser rox-filer PROVIDES: rox-filer DESCRIPTION: A simple graphical file manager for X11 rsyslog PROVIDES: rsyslogd DESCRIPTION: reliable system and kernel logging daemon ucspi-tcp-ipv6 PROVIDES: tcpclient tcpserver DESCRIPTION: command-line tools for building TCP client-server applications (IPv6) ././@LongLink0000644000000000000000000000020000000000000011573 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.machine-pinocchio-09157.476marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.0000644000175000017500000001036113175722671032367 0ustar lucaslucasarp arpd attr authdaemond authenumerate authpasswd authtest badblocks bash bashbug bc berkeley_db_svc blkid bootlogd busybox bzdiff bzgrep bzip2 bzip2recover bzmore certtool chacl chage chattr chfn chgpasswd chgrp chmod chown chpasswd chsh clear comp_err courierauthconfig courier-config courierldapaliasd courierlogger couriertcpd couriertls cp cpio c_rehash db_archive db_checkpoint dbclient db_deadlock db_dump db_hotbackup dbilogstrip dbiprof dbiproxy db_load db_printlog db_recover db_stat db_upgrade db_verify dc deliverquota depmod dhclient dhclient-script dhcpd dhcrelay dig dnssec-keygen dnssec-signzone dropbear dropbearconvert dropbearkey dumpe2fs e2fsck e2image e2label egrep enable_ssl.sh ettercap etterfilter etterlog expiry exportfs faillog fgrep file filefrag find findfs free fsck fsck.ext2 fsck.ext3 ftp ftpcount ftpdctl ftpd.krb5 ftp.krb5 ftpshut ftptop ftpwho fuser gawk genl getent getfacl getfattr ghostify gnutls-cli gnutls-cli-debug gnutls-serv gpasswd gpg-error grep groupadd groupdel groupmems groupmod groups grpck grpconv grpunconv gss-client gss_clnt_send_err gss_destroy_creds gss-server gunzip gzexe gzip halt host hostname htop id ifcfg ifconfig ifstat igawk imapd infocmp init innochecksum insmod ip ip6tables ipmaddr iptables iptables-restore iptables-save iptables-xml iptunnel itox k5srvutil kadmin kadmind kadmin.local kdb5_ldap_util kdb5_util kdestroy kill killall killall5 kinit klist klogd klogind kpasswd kprop kpropd krb524d krb524init krb5-config krb5kdc krb5-send-pr kshd ksu ktutil kvno last lastlog ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapwhoami lighttpd lighttpd-angel links lnstat locale localedef locale-gen locate login login.debian login.krb5 login.shadow logoutd logsave ls lsattr lsmod lwresd mailbot maildiracl maildirkw maildirmake maildrop makemime makeuserdb marionnet_grab_config mesg mii-tool mkdevs.sh mke2fs mkfs.ext2 mkfs.ext3 mklost+found mkpasswd modinfo modprobe mount mount.nfs mountpoint msql2mysql myisamchk myisam_ftdump myisamlog myisampack my_print_defaults mysql mysqlaccess mysqladmin mysqlbinlog mysqlbug mysqlcheck mysql_client_test mysql_config mysql_convert_table_format mysql_create_system_tables mysqld mysqld_multi mysqld_safe mysqldump mysqldumpslow mysql_explain_log mysql_find_rows mysql_fix_extensions mysql_fix_privilege_tables mysqlhotcopy mysqlimport mysql_install_db mysqlmanager mysql_secure_installation mysql_setpermission mysqlshow mysql_tableinfo mysqltest mysqltestmanager mysqltestmanagerc mysqltestmanager-pwgen mysql_tzinfo_to_sql mysql_upgrade mysql_upgrade_shell mysql_waitpid mysql_zap named named-checkconf named-checkzone nameif nano nast ncurses5-config netstat newgrp newusers nfsstat nmap nologin nscd nscd_nischeck nslookup nstat nsupdate ntpd ntpdate ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait oldfuser omshell openssl pam_tally passwd pcre-config pcregrep pcretest peekfd perl perl5.8.8 perror pgawk pgrep ping ping6 ping.orig pkill plipconfig pluginviewer pmap pmap_dump pmap_set portmap postalias postcat postconf postdrop postfix postkick postlock postlog postmap postqueue postsuper prename proftpd ps psed psktool pstree pw2userdb pwcheck pwck pwconv pwdx pwunconv rarp rcp rcp.krb5 recup_para.sh reformail reformime replace resize2fs resolveip resolve_stack_dump retawq rlogin rlogin.krb5 rmmod rmt rndc rndc-confgen route routef routel rpcdebug rpc.gssd rpc.idmapd rpcinfo rpc.mountd rpc.nfsd rpc.statd rpc.svcgssd rsh rsh.krb5 rtacct rtmon rtpr runlevel safe_finger saslauthd sasldblistusers2 saslpasswd2 sclient scp sed sendmail setfacl setfattr sharedindexinstall sharedindexsplit showmount shutdown sim_client sim_server skill slabtop slapd slattach slurpd sm-notify snice sntp spawn-fcgi sperl5.8.8 sqlite3 srptool ss sserver start-statd start-stop-daemon stat strace su sulogin sysctl syslogd tack talk tar tc tclsh8.4 tcpd tcpdchk tcpdmatch tcpdump telnet telnetd.krb5 telnet.krb5 testmxlookup testsaslauthd tftp tic tickadj tload toe top tput try-from tset tune2fs umount uncompress unghostify unix_chkpwd unix_update updatedb uptime useradd userdb userdbpw userdb-test-cram-md5 userdel usermod utmpdump uuclient uuidgen uuserver v4rcp vim.basic vmstat vtysh vtysh w wall watch wget whoami whois xargs xinetd zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew ././@LongLink0000644000000000000000000000020100000000000011574 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/make_package_catalog_from_binary_list.shmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/make_package0000755000175000017500000001514113175722671032366 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2013 Jean vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This script helps people to build a debian filesystem # with debootstrap according to the Marionnet requirements. set -e if [[ $1 = wheezy || $1 = squeeze ]]; then RELEASE="$1" echo "Release set to \`$RELEASE'" else echo "Usage: $(basename $0) RELEASE" echo "where RELEASE is \`wheezy' or \`squeeze'" echo "---" echo "Generates the file \`package_catalog.\${RELEASE}.GENERATED' from \`binary_list.UNION'" echo "searching in the specified RELEASE for packages related to at least one of the listed" echo "binaries." exit 2 fi HTTP_SERVER=http://ftp.debian.org/debian/ ARCH=i386 function mkTMPFILE { mktemp /tmp/${1}.$(date +%H\h%M | tr -d " ").XXXXXX } # 1-column file difference: function list_diff { [[ -f "$1" && -f "$2" ]] || { return 1; } local PATTERNS=$(sort "$2" | uniq) sort "$1" | uniq | \grep -v -w -F "$PATTERNS" } # rewrite [-f/--follow] FILE with COMMAND # Examples: # $ rewrite FOO with grep "DATE=" FOO # $ rewrite FOO with grep "DATE=" $TMPFILE else "$@" | tee $TMPFILE fi cat $TMPFILE > $TARGET rm -f $TMPFILE } function cool_sudo_chroot { # global COOL_SUDO if [[ -z $COOL_SUDO ]]; then export COOL_SUDO=$(mktemp /tmp/COOL_SUDO.XXXXXX) chmod +x $COOL_SUDO fi local DIR="$1" shift if [[ $# -eq 0 ]]; then set -- "bash" "2>/dev/null" fi echo '#!/bin/bash' > $COOL_SUDO echo "chroot '$DIR'" "$@" >> $COOL_SUDO sudo $COOL_SUDO } function cool_sudo { # global COOL_SUDO if [[ -z $COOL_SUDO ]]; then export COOL_SUDO=$(mktemp /tmp/COOL_SUDO.XXXXXX) chmod +x $COOL_SUDO fi if [[ $# -eq 0 ]]; then set -- "bash" "2>/dev/null" fi echo '#!/bin/bash' > $COOL_SUDO echo "$@" >> $COOL_SUDO sudo $COOL_SUDO } function make_package_catalog_from_binary_list { # global RELEASE HTTP_SERVER ARCH # Required file: binary_list.UNION local REQUIRED_FILE=binary_list.UNION local TARGET=package_catalog.$RELEASE.GENERATED # --- [[ -f $REQUIRED_FILE ]] || { make -C $(dirname $REQUIRED_FILE) $(basename $REQUIRED_FILE) } local TWDIR=_build.temporary_basic_${RELEASE}.$(date +%Y-%m-%d.%H\h%M) local INCLUDE="--include=realpath,apt-file" local EXCLUDE="--exclude=udev" mkdir -v -p $TWDIR # --- echo "Step 1: making a temporary debian system" echo "---" cool_sudo debootstrap --arch=${ARCH} $INCLUDE $EXCLUDE $RELEASE ${TWDIR} ${HTTP_SERVER} # --- local BINARY_LIST=$(<$REQUIRED_FILE) local TARGET1=$(mkTMPFILE TARGET1) local TARGET2=$(mkTMPFILE TARGET2) local TARGET3=$(mkTMPFILE TARGET3) local TARGET4=$(mkTMPFILE TARGET4) local TMPFILE1=$(mktemp) local TMPFILE2=$(mktemp) local TMPFILE3=$(mktemp) # --- echo "Step 2: searching for listed binaries which are not included in a basic debian ($RELEASE) system..." echo "---" local CMD=$(echo 'for i in '$BINARY_LIST'; do echo -en "$i\t" ; dpkg -S $(realpath $(type -P $i)) || echo NOT_FOUND; done') cool_sudo_chroot $TWDIR <<<"$CMD" 1>$TARGET1 # --- echo "Step 3: searching for packages containing not basic binaries..." echo "---" local R CMD="apt-file update" sudo <<<"$CMD" chroot $TWDIR bash \grep NOT_FOUND $TARGET1 \ | while read i _; do CMD=$(echo "apt-file search bin/$i | grep 'bin/$i$' | head -n 1") R=$(cool_sudo_chroot $TWDIR <<<"$CMD") if [[ -n "$R" ]]; then echo -e "$i $R"; else echo -e "$i NOT_FOUND"; fi done \ | tee $TMPFILE1 awk <$TMPFILE1 '(NF == 3) {print $2,$1}' | uniq | sort -k 1,1 -d | uniq >$TMPFILE2 PACKAGES=$(awk <$TMPFILE2 -F : '{print $1}' | uniq | sort | uniq) rewrite $TMPFILE2 with tr -d ':' <$TMPFILE2 awk <$TMPFILE2 '{p1=$1; if (p1 != p0) printf("\n%s PROVIDES: %s",p1,$2); else printf(" %s",$2); p0=p1; next}' >$TARGET2 # --- echo "Step 4: adding packages' descriptions..." echo "---" local L="en_US@UTF-8"; local PACKAGE REST while read PACKAGE REST; do CMD="LANGUAGE=$L LANG=$L LC_ALL=$L aptitude show $PACKAGE" cool_sudo_chroot $TWDIR <<<"$CMD" | awk -v PACKAGE="$PACKAGE" -v REST="$REST" '/^Description:/ {$1=""; print PACKAGE,REST,"DESCRIPTION:",$0}'; done <$TARGET2 | tee $TARGET3 # --- echo "Step 5: removing basic packages from catalog..." echo "---" awk <$TARGET3 '{print $1}' > $TMPFILE1 # list of packages currently listed sudo <<<"dpkg -l" chroot $TWDIR bash | awk '($1 == "ii") {print $2}' > $TMPFILE2 # list of basic packages to ignore list_diff $TMPFILE1 $TMPFILE2 > $TMPFILE3 # list of interesting packages join -j 1 $TMPFILE3 $TARGET3 > $TARGET4 # Finish [[ -f $TARGET ]] && cp -v "$TARGET" "$TARGET.backup" --backup="numbered" cat $TARGET4 > $TARGET echo "Catalog generated in $TARGET" # Mrproper: rm -f $TARGET{1,2,3,4} $TMPFILE{1,2,3} local ANSWER echo -n "Do you want to remove \`$TWDIR'? (y/..) "; read ANSWER if [[ $ANSWER = y ]]; then cool_sudo rm -rf $TWDIR fi } ### Unsuccessfully tested with fakeroot (version 1.18.2-1) and fakechroot (version 2.16-1) : ### -------------------------------------------------------- # # # fakechroot -s fakeroot debootstrap --foreign --variant=fakechroot --include=fakechroot,fakeroot --arch=${ARCH} $RELEASE ${TWDIR} ${HTTP_SERVER} # # # DEBOOTSTRAP_DIR=${TWDIR}/debootstrap fakechroot fakeroot debootstrap --second-stage --second-stage-target=${TWDIR} # # # I: Installing core packages... # # # W: Failure trying to run: chroot _build.debian-wheezy-with-linux-.2013-06-14.17h46 dpkg --force-depends --install /var/cache/apt/archives/base-files_7.1_i386.deb /var/cache/apt/archives/base-passwd_3.5.26_i386.deb ### -------------------------------------------------------- make_package_catalog_from_binary_list echo "Success." exit 0 ././@LongLink0000644000000000000000000000017300000000000011604 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.squeeze.additionalmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000000000013175722671032342 0ustar lucaslucas././@LongLink0000644000000000000000000000015200000000000011601 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.UNIONmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.0000644000175000017500000005453713175722671032404 0ustar lucaslucas [ 2to3 822-date a2dismod a2dissite a2enmod a2ensite a2p ab about-mandriva accessdb acleandir.rc aclocal-1.8 acpid acpi_listen activation-client addbuiltin addgroup addpart addr2line add-shell adduser adjtimex adnsheloex adnshost adnslogres adnsresfilter adv1tov2 advxsplitlogfile advxsplitlogfile.pl aecho afmdiff.awk afpd afpd-mtab.pl agentxtrap agetty akodeplay alsa.agent alsa_in alsa_out alternatives amuFormat.sh apache2 apache2ctl apachectl apple_chfile apple_cp apple_file apple_mv apple_rm appletviewer appres apropos apt apt-cache apt-cdrom apt-config apt-extracttemplates apt-ftparchive apt-get aptitude aptitude-create-state-bundle aptitude-run-state-bundle apt-key apt-mark apt-sortpkgs ar arch aria2c arp arpd arping artscat artsd artsdsp artsmessage artsplay artsrec artsshell artswrapper as ash asip-status.pl asn1Coding asn1Decoding asn1Parser asn2deb aspell aspell-autobuildhash aspell-import atalkd atob atobm attr audit2allow audit2why aumix-text authdaemond authenumerate authpasswd authtest autoconf autoheader autom4te automake-1.8 autopoint autoreconf autoscan autoupdate avahi-autoipd avahi-browse avahi-browse-domains avahi-daemon avahi-publish avahi-publish-address avahi-publish-service avahi-resolve avahi-resolve-address avahi-resolve-host-name avahi-set-host-name awk b2m babeld badblocks baddbdir balou-export-theme balou-install-theme base64 basename bash bash3 bashbug bc bdftopcf bdftops bdftruncate beep beforelight berdecode berkeley_db_svc bgpd biosdecode bitmap blkid blockdev bltest bmtoa bonobo-activation-sysconf bonobo-slay bootchartd bootlogd brctl bridg bridge bsd-write btoa build-classpath build-classpath-directory buildhash build-jar-repository bunzip2 busybox bzcat bzcmp bzdiff bzegrep bzexe bzfgrep bzgrep bzip2 bzip2recover bzless bzme bzmore c2ph c89 c89-gcc c99 c99-gcc cal calendar capinfos capitalize captoinfo cat catchsegv catman catv cc ccmakedep ccp cdbs-edit-patch certcgi certtool certutil cfdisk cfg2html cfg2html-linux c++filt chacl chage chat chattr chcat chcon check-binary-files checkcert check_forensic checkgid chfn chgpasswd chgrp chkconfig chkdupexe chksession chmod chown chpasswd chpst chroot chrt chsh chvt cjpeg ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop cksum cleanappledouble.pl clean-binary-files cleanlinks cleanup-info clear clear_console clock clockdiff cmdtool cmp cmsutil cnid2_create cnid_dbd cnid_index cnid_maint cnid_metad code2color col colcrt colrm column comm comp_err compress-dummy conflict consolehelper console-kit-daemon consoletype conspy ControlPanel convertsession courierauthconfig courier-config courierldapaliasd courierlogger couriertcpd couriertls cp cpan cpio cpp cpp-4.1 cpp-4.2 cpp-4.4.1 cppw Crack cracklib-check cracklib-format cracklib-packer cracklib-unpacker Crack-Reporter cramfsck create-cracklib-dict create-jar-links create_static_dev_nodes c_rehash crlutil crmftest cron crond crontab cryptpw cryptsetup csplit csslint-0.6 ctags ctags-exuberant ctrlaltdel ctstat cttyhack cupsdconf cupsdoprint curl curlftpfs cut cytune dash date db_archive db_checkpoint dbclient db_codegen db_deadlock db_dump db_dump185 db_hotbackup dbilogstrip dbiprof dbiproxy db_load dbmmanage db_printlog db_recover db_stat dbtest db_upgrade dbus-cleanup-sockets dbus-daemon dbus-launch dbus-monitor dbus-send dbus-uuidgen db_verify dc dcop dcopclient dcopfind dcopobject dcopquit dcopref dcopserver dcopserver_shutdown dcopstart dd ddate deallocvt debconf debconf-apt-progress debconf-communicate debconf-copydb debconf-escape debconf-gettextize debconf-set-selections debconf-show debconf-updatepo debugfs defoma defoma-hints defoma-psfont-installer defoma-reconfigure delgroup deliverquota delpart deluser depmod derdump desktop-file-install desktop-file-validate devmem dexconf df dga dh_builddeb dh_clean dhclient dhclient3 dhclient-script dh_compress dhcpd dhcpd-chroot.sh dhcpd-conf-to-ldap.pl dhcprelay dhcpreport.pl dhcrelay dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_gtkmodules dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdefoma dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_installxmlcatalogs dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_ocaml dh_pangomodules dh_perl dh_pycentral dh_pysupport dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_testversion dh_undocumented dh_usrlocal diff diff3 diff-jars dig digest dir dircolors dirname djpeg dlist_test dmesg dmeventd dmidecode dmsetup dmsetup-static dmsetup.static dnsd dnsdomainname dns-keygen dnssec-dsfromkey dnssec-keyfromlabel dnssec-keygen dnssec-makekeyset dnssec-signkey dnssec-signzone doexec domainname dos2unix dotlockfile dpkg dpkg-architecture dpkg-buildpackage dpkg-checkbuilddeps dpkg-deb dpkg-distaddfile dpkg-divert dpkg-genchanges dpkg-gencontrol dpkg-gensymbols dpkg-name dpkg-parsechangelog dpkg-preconfigure dpkg-query dpkg-reconfigure dpkg-scanpackages dpkg-scansources dpkg-shlibdeps dpkg-source dpkg-split dpkg-statoverride dprofpp dropbear dropbearconvert dropbearkey dselect dtd2vim du dumpcap dumpe2fs dumphint dumpkeys dumpkmap dumpleases dvipdf e e2freefrag e2fsck e2fsck.static e2image e2label e2undo e3jsize ebrowse ebtables-restore ebtables-save echo echo-client-2 ed editcap editres egrep eject em emacs emacs-23.0.0 emacsclient enable_ssl.sh enc2xs encode_keychange env envdir envsubst envuidgid eps2eps eqn erb1.8 esd esdcat esdcompat esdctl esddsp esdfilt esdloop esdmon esdplay esdrec esdsample etags ether-wake ethghost ethtool ettercap etterfilter etterlog ex exifautotran exo-csource exo-desktop-item-edit exo-mount exo-open exo-preferred-applications expand expiry exportfs expr extcheck factor faillog fakeidentd false famd fbset fbsplash fc-cache fc-cat fc-list fc-match fc-query fc-scan fdflush fdformat fdisk fgconsole fgrep filan file filefrag fileshareset find find2perl findaffix findfs find-jar finger fipstest firefox fixfiles flex++ flock fmt fndSession fold font2c fontname fontprop free freeramdisk freetype-config fribidi from fsck fsck.cramfs fsck.ext2 fsck.ext3 fsck.ext4 fsck.ext4dev fsck.minix fsck.nfs fslsfonts fstab-decode fstobdf fsync ftp ftpcount ftpd ftpdctl ftpd.krb5 ftpget ftp.krb5 ftpput ftpshut ftptop ftpwho fuser fusermount fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root gawk gawk-3.1.7 gcc gcc-4.1 gcc-4.2 gcc-4.4.1 gcc4.4-version gccbug gccbug-4.1 gccmakedep gconf-merge-tree gconf-schemas gconftool gconftool-2 gcore gcov gcov-4.1 gcov-4.2 gdb gdbserver gdbtui gdbus gdbus-codegen gdk-pixbuf-csource gdk-pixbuf-query-loaders gencat gendiff generate-modprobe.conf genhdlist2 genhomedircon genhostid genl geqn getconf get_device get_driver getent getfacl getfattr getkey getkeycodes get_module getopt gettext gettextize gettext.sh getty getzones ghost2 ghostify ginstall-info gio-querymodules gksu gksu-properties glib-compile-schemas glibc-post-wrapper glib-genmarshal glib-gettextize glib-mkenums gmake gnome-keyring-daemon gnome-open gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm gnroff gnutls-cli gnutls-cli-debug gnutls-serv gobject-query gpasswd gpg gpg-convert-from-106 gpg-error gpgsplit gpgv gpg-zip gprof grep grep-changelog groff grog grops grotty groupadd groupdel groupmems groupmod groups grpck grpconv grpunconv grub grub-floppy grub-install grub-md5-crypt grub-reboot grub-set-default grub-terminfo gsbj gsdj gsdj500 gsettings gs-gpl gslj gslp gsnd gss-client gss_clnt_send_err gss_destroy_creds gss-server gtar gtbl gtk-builder-convert gtk-query-immodules-2.0 gtk-update-icon-cache gtroff gunzip gv gzexe gzip h2ph h2xs hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-is-caller-privileged hal-lock hal-set-property hal-setup-keymap halt hd hdparm head helpztags hexdump hibernate-cleanup.sh host hostid hostname hping hping2 htcacheclean htdbm htdigest html2text HtmlConverter htop htpasswd httpd httxt2dbm hush hwclock i386 i586-manbo-linux-gnu-gcc i586-manbo-linux-gnu-gcc-4.4.1 i586-mandriva-linux-gnu-gcc i586-mandriva-linux-gnu-gcc-4.4.1 iceauth ico icombine iconv iconvconfig id identd idl2deb idl2wrs idlj ifcfg ifconfig ifconfig.busybox ifdown ifenslave ifmetric ifnames ifplugd ifplugstatus ifstat ifup igawk ijoin ikeygen imagetops imake imapd inetd inetdconvert inetutils-ifconfig inetutils-telnet info infocmp infokey infotocap init initlog innochecksum insert_brackets insmod install install-info installkernel install-menu install-sgmlcatalog instmodsh in.tftpd invoke-rc.d ionice ior-decode-2 iostat ip ip6tables ip6tables-multi ip6tables-restore ip6tables-save ipaddr ipcalc ipcmk ipcrm ipcs iplink ipmaddr iproute iproute-arpd iprule ipsec iptables iptables-multi iptables-restore iptables-save iptables-xml iptunnel isisd isosize ispell ispell-autobuildhash ispell-wrapper itox jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jack_netsource jackrec jack_showtime jack_simple_client jack_transport jack_unload jar jarsigner java javac javadoc javah javap javaws jconsole jdb jhat jinfo jmap joe john join jpegexiforient jpegtran jps jrunscript jsadebugd jstack jstat jstatd jvmjar k5srvutil kab2kabc kaddprinterwizard kadmin kadmind kadmin.local kate kbd_mode kbdrate kbuildsycoca kcmshell kconf_update kcookiejar kdb5_ldap_util kdb5_util kde-config kded kdeDesktopCleanup kdeinit kdeinit_shutdown kdeinit_wrapper kde-menu kdestroy kdesu_stub kdontchangethehostname kdostartupconfig kedit keytool kfile kgrantpty khotnewstuff kill killall killall5 kinit kinstalltheme kioexec kio_http_cache_cleaner kioslave kio_uiserver klauncher klist klogd klogind kmailservice koi8rxterm kpac_dhcp_helper kpasswd kprop kpropd krb524d krb524init krb5-config krb5kdc krb5-send-pr kregexpeditor ksendbugmail kshd kshell kstartupconfig ksu ktelnetservice ktradertest ktutil kvno kwrapper kwrite labltk laptop-detect last lastb lastlog lcf lchage lchfn lchsh ld ldap2zone ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami ldattach ldconfig ldd lddlibc4 less lessecho lesskey lesspipe lesspipe.sh lexgrog lft.db lgroupadd lgroupdel lgroupmod libnetcfg libpng12-config libtool libtoolize lid lighttpd lighttpd-angel linc-cleanup-sockets line link links links2 linux32 linux64 listhome list_hooks.pl listres ln lndir lnewusers lnstat lnusertemp loadfont loadkeys loadkmap load_policy loadunimap locale localedef locale-gen locale_install.sh locale_uninstall.sh locate logger login login.debian login.krb5 login.shadow logname logoutd logread logresolve logresolve.pl logrotate logsave log_server_status look lorder losetup lp2pap.sh lpasswd lpd lpq lpr ls lsattr lscpu lshal lsmod lsof lspci lspgpot lsusb luit luseradd luserdel lusermod lwresd lxterm lynx lynx.stable lzcat lzcmp lzdiff lzegrep lzfgrep lzgrep lzless lzma lzma_alone lzmadec lzmainfo lzmore lzop lzopcat m4 macusers mailbot maildiracl maildirkw maildirmake maildrop mailer mail-files mailq mailshar make makedepend makedev MAKEDEV makedevs make_driver_db_cups make_driver_db_lpr makeg makeinfo makemime makepqg make-ssl-cert makestrs makeuserdb makewhatis man man2dvi man2html mangle manpath mapscrn marionnet_grab_config mawk mbchk mcheck mcomp mcookie md5sum mdev mdv-network-event megatron meinproc mergecap mergelib mesg microcom mii-diag mii-tool mingetty mkbimage mkboot mkchdr mkcramfs mkdevs.sh mkdict mkdir mkdirhier mkdosfs mke2fs mke3fs mkfifo mkfontdir mkfontscale mkfs mkfs.bfs mkfs.cramfs mkfs.ext2 mkfs.ext3 mkfs.ext4 mkfs.ext4dev mkfs.minix mkfs.vfat mkhomedir_helper mkhtmlindex mkinitramfs mkinitramfs-kpkg mklost+found mkmanifest mknod mkpasswd mkswap mktemp modinfo modprobe mod_ssl-gentestcrt modutil more mount mount.cifs mount.nfs mount.nfs4 mountpoint mount.smbfs mozilla-firefox mpack mpstat msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq msql2mysql mt mt-gnu mtools mtr mtrace munchlist munpack mv mxtar myisamchk myisam_ftdump myisamlog myisampack my_print_defaults mysql mysqlaccess mysqladmin mysqlbinlog mysqlbug mysqlcheck mysql_client_test mysql_config mysql_convert_table_format mysql_create_system_tables mysqld mysqld_multi mysqld_safe mysqldump mysqldumpslow mysql_explain_log mysql_find_rows mysql_fix_extensions mysql_fix_privilege_tables mysqlhotcopy mysqlimport mysql_install_db mysqlmanager mysql_secure_installation mysql_setpermission mysqlshow mysql_tableinfo mysqltest mysqltestmanager mysqltestmanagerc mysqltestmanager-pwgen mysql_tzinfo_to_sql mysql_upgrade mysql_upgrade_shell mysql_waitpid mysql_zap named named-bootconf named-checkconf named-checkzone named-compilezone namei nameif nanddump nandwrite nano nast native2ascii nbd-client nbplkup nbprgstr nbpunrgstr nc ncal ncat ncftp ncftpbatch ncftpget ncftpls ncftpput ncftpspooler nc.traditional ncurses5-config ncursesw5-config ndiff neqn net netatalk-uniconv netcat netkit-ftp netreport net-snmp-config net-snmp-create-v3-user netstat newaliases newgrp newrole newusers nfsddebug nfsdebug nfsstat ngettext nice nisdomainname nl nm nmap nmblookup nmeter nohup nologin nonspr10 nping nroff nscd nscd_nischeck nslookup nstat nsupdate ntpd ntpdate ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait nu objcopy objdump ocaml ocamlbrowser ocamlbuild.byte ocamlbuild.native ocamlc ocamlcp ocamldebug ocamldep ocamldoc ocamldumpobj ocamllex ocaml-md5sums ocamlmklib ocamlmktop ocamlobjinfo ocamlopt ocamlprof ocamlrun ocamlyacc oclock ocspclnt od oidcalc oldfind oldfuser omnicpp omniidl omniidlrun.py omshell open_init_pty openssl openvt orbd ospf6d ospfclient ospfd ownership owplaces p7content p7env p7sign p7verify pack200 packer pam_console_apply pam_getenv pam_tally pam_tally2 pam_timestamp_check pango-querymodules pango-querymodules-32 pango-view pap papd paperconf paperconfig papstatus partmon partx passwd paste patch pathchk pcimodules pcre-config pcregrep pcretest pdf2dsc pdf2ps pdfopt peekfd perl perl5 perl5.10.1 perl5.8.8 perlbug perlcc perldoc perlivp perlthanks perror pf2afm pfbtopfa pg pgawk pgrep pic piconv pidof ping ping6 ping.orig pinky pipe_progress pivot_root pk11mode pk12util pkaction pkcheck pkexec pkg-config pkill pl2pm plainrsa-gen plipconfig pluginviewer pmap pmap_dump pmap_set po2debconf pod2html pod2latex pod2man pod2text pod2usage podchecker podebconf-display-po podebconf-report-po podselect policytool polkit-action polkit-auth polkit-config-file-validate polkit-policy-file-validate popmaildir portmap postalias postcat postconf postdrop postfinger postfix postfix-chroot.sh postkick postlock postlog postmap postmulti postqueue postsuper poweroff powertop pp pphs ppl-config ppp-watch pr prcsys precat prename preunzip prezip prezip-bin printafm print-cups.sh printenv printf procan procps3-kill proftpd props protoize prove ps ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 pscan psed psfaddtable psfgettable psfstriptable psfxtable psktool psorder pstree pstree.x11 pstruct ptbl ptx pulseaudio pval pw2userdb pwcheck pwck pwconv pwd pwdx pwunconv pycentral py_compilefiles pydoc pydoc2.4 pygettext2.4 pysupport-movemodules pysupport-parseversions python python2.4 python2.6 qmqp-sink qmqp-source qshape querybts query-loc queryperf racoon racoonctl radvd radvdump raidautorun ranlib rarp raw rbash rclock rcp rcp.krb5 rcs-checkin rdate rdev rdisc rdjpgcom readahead readelf readlink readprofile realpath reboot rebuild-jar-repository rebuild-security-providers recode-sr-latin recup_para.sh red reformail reformime remove_brackets remove-default-ispell remove-default-wordlist remove-shell remsync remtest rename rename.ul renice rep replace reportbug report-hw rep-remote reset resetall reset_sound resize resize2fs resizecons resolvconf resolveip resolve_stack_dump restorecon retawq rev revpath rgrep ripd ripngd rlogin rlogin.krb5 rm rmail rmdir rmic rmid rmiregistry rmmod rmold rmt rmt-tar rnano rndc rndc-confgen rotatelogs route routef routel roxterm roxterm-config rpcbind rpcdebug rpcgen rpc.gssd rpc.idmapd rpcinfo rpc.mountd rpc.nfsd rpc.statd rpc.svcgssd rpc.yppasswdd rpc.ypxfrd rpm rpm2cpio rpmdb rpm-find-leaves rpmgraph rpmquery rpmsign rpmverify rsaperf rsh rsh.krb5 rstart rstartd rsync rtacct rtcwake rtkitctl rtmon rtpr rtstat ruby1.8 runcon run_init runlevel run-mailcap run-parts runsv runsvdir run-with-aspell rurpme rurpmi rx rxvt-xpm rxvt-xterm s2p safe_finger sash saslauthd sasldblistusers2 saslpasswd2 savelog sawfish sawfish-client sawfish-ui schemagen sclient scp script scriptreplay sdiff sdrtest secon securetty sed se_dpkg select-default-ispell select-default-iwrap select-default-wordlist selfserv semanage semodule semodule_deps semodule_expand semodule_link semodule_package sendmail sendmail.postfix sensible-browser sensible-editor sensible-pager sepolgen-ifgen seq serialver servertool service sessreg sestatus setarch setconsole setfacl setfattr setfiles setfont setkey setkeycodes setleds setlogcons setmetamode setpci setsebool setserial setsid setsysfont set_tcb setterm setuidgid setxkbmap sfdisk sftp sg sh sha1sum sha224sum sha256sum sha384sum sha3sum sha512sum shadowconfig shar sharedindexinstall sharedindexsplit shell-quote shift_lines shlibsign showconsolefont showfont showkey showmount showppd showrgb sh.prebash shred shuf shutdown signtool signver sim_client sim_server size skill slabtop slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slapschema slaptest slattach sleep sln slogin slurpd smbpasswd smemcap smicache smidiff smidump smilint smime smiquery smistrip smixlate sm-notify smproxy smtp-sink smtp-source snacc snacc-config snice snmpbulkget snmpbulkwalk snmpd snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmptrapd snmpusm snmpvacm snmpwalk sntp socat soelim softlimit sort spawn-fcgi sperl5.8.8 splain split split-logfile sprof sq sqlite3 srptool ss sserver ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id sshd sshfs ssh-keygen ssh-keyscan ssleay ssltap start_kdeinit start_kdeinit_wrapper startpar start-statd start-stop-daemon start_udev.orig startx startxfce4 stat stdbuf strace strace-log-merge strfile strings strip strsclnt stty su sudo sudoedit sudoers2ldif sudoreplay sulogin sum supermount su-to-root sv svlogd swapoff swapon switch_root sxw2txt symkeyutil sync sysctl syslogd syslogd-listfiles syslog-facility systool sys-unconfig tabs tac tack tail tailf talk tar tar-backup tar-restore tasksel taskset tbl tc tcb_convert tcb_unconvert tclsh8.4 tcpd tcpdchk tcpdmatch tcpdump tcpsvd tcptraceroute.db tcsh tee telinit telnet telnetd telnetd.krb5 telnet.krb5 telnet.netkit tempfile test testmxlookup testparm testrb1.8 testsaslauthd texi2dvi texi2pdf texindex text2pcap textedit tftp tftpd tgz Thunar tic tickadj time timelord timeout tload tnameserv toe top touch tput tr tracepath tracepath6 traceproto.db traceroute traceroute6 traceroute.db traceroute-nanog.db troff true truncate tryaffix try-from tset tshark tsort tstclnt ttmkfdir tty ttysize tunctl tune2fs tunelp typelib-dump tzselect ubiattach ubidetach ubimkvol ubirmvol ubirsvol ubiupdatevol ucf ucfq ucfr ucs2any udevadm udevcontrol udevd udev_import_usermap udevinfo udevmonitor udevsettle udevtest udevtrigger udhcpc udhcpd udpsvd ul umount umount.cifs umount.hal umount.nfs umount.nfs4 uname uncompress unexpand unghostify unicode_start unicode_stop uniq unix2dos unix_chkpwd unix_update unlink unlzma unlzop unpack200 unprotoize unshar unsq unstr unxz unzip update-alternatives update-catalog updatedb update-default-ispell update-default-wordlist update-desktop-database update_dhcp.pl update-dictcommon-aspell update-fonts-alias update-fonts-dir update-fonts-scale update-gconf-defaults update-grub update-icon-caches update-inetd update-initramfs update-ispell-dictionary update-locale update-localtime update-menus update-mime update-mime-database update-modules update-openoffice-dicts update-pangox-aliases update-passwd update-pciids update-python-modules update-rc.d update-usbids update-usbids.sh update-xmlcatalog uptime urpme urpmf urpmi urpmi.addmedia urpmi.removemedia urpmi_rpm-find-leaves urpmi.update urpmq usb-devices usb_id useradd userdb userdbpw userdb-test-cram-md5 userdel userhelper usermod usernetctl users usleep utempter utmpdump uuclient uudecode uuencode uuidgen uuserver uxterm uz v4rcp validlocale vconfig vdir vfychain vfyserv vi viewres vigr vim vim-addons vim.basic vimdiff vim-enhanced vimplate vim.tiny vimtutor vipw visudo vlan-test vlock vmstat volname vpddecode vpn-start vpn-stop vtysh w w3m w3mman wall watch watchdog watchquagga wc wftopfa wget whatis whereis which whiptail who whoami whois wireshark wireshark-root wish8.4 word-list-compress w.procps write wrjpgcom wsgen wsimport www-browser X x11perf x11perfcomp xargs xauth xauth_switch_to_sun-des-1 xbiff xcalc xclipboard xclock xcmsdb xconsole xcursorgen xcutsel xdbedizzy xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg_menu xdg-mime xdg-open xdg-screensaver xdg-settings xdg-user-dir xdg-user-dirs-gtk-update xdg-user-dirs-update xditview xdpyinfo xdriinfo xedit xev xeyes xfbrowser4 xfce4-about xfce4-autostart-editor xfce4-kiosk-query xfce4-menueditor xfce4-panel xfce4-popup-menu xfce4-popup-windowlist xfce4-session xfce4-session-logout xfce4-terminal xfce4-terminal.wrapper xfce4-tips xfce-mcs-manager xfce-setting-show xfd xfdesktop xfhelp4 xflock4 xfmountdev4 xfontsel xfrun4 xfsinfo xfsm-shutdown-helper xft-config xfterm4 xfwm4 xgamma xgc xgettext xhost xinetd xinit xjc xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch xkill xlinks2 xload xlogo xlsatoms xlsclients xlsfonts xmag xman xmessage xmkmf xmodmap xmore xon xprop xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xsm xstdcmap xsubpp xtables-multi xterm xtermcontrol xtermset xtrapchar xtrapin xtrapinfo xtrapout xtrapproto xtrapreset xtrapstats xvidtune xvinfo xvt xwd xwininfo xwud xxd xz xzcat xzcmp xzdec xzdiff xzegrep xzfgrep xzgrep xzless xzme xzmore yes ypbind ypcat ypchfn ypchsh ypdomainname ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich zcat zcip zcmp zdiff zdump zebra zegrep zfgrep zforce zgrep zhead zic zless zmore znew zonetoldap zsoelim ztail ././@LongLink0000644000000000000000000000015400000000000011603 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/RELEVANT_FILE_HERE1marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/RELEVANT_FIL0000777000175000017500000000000013175722671040206 2package_catalog.wheezy.selectionustar lucaslucas././@LongLink0000644000000000000000000000017100000000000011602 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_catalog.wheezy.selectionmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/package_cata0000644000175000017500000011617113175722671032363 0ustar lucaslucas9base PROVIDES: bc dc ed strings DESCRIPTION: Plan 9 userland tools acl PROVIDES: chacl getfacl setfacl DESCRIPTION: Access control list utilities #acpid PROVIDES: acpid acpi_listen DESCRIPTION: Advanced Configuration and Power Interface event daemon adjtimex PROVIDES: adjtimex DESCRIPTION: kernel time variables configuration utility #adns-tools PROVIDES: adnsheloex adnshost adnslogres adnsresfilter DESCRIPTION: Asynchronous-capable DNS client library and utilities apache2.2-common PROVIDES: a2dismod a2dissite a2enmod a2ensite apache2ctl apachectl DESCRIPTION: Apache HTTP Server common files #apache2-dbg PROVIDES: ab checkgid htcacheclean htdbm htdigest htpasswd httxt2dbm logresolve rotatelogs DESCRIPTION: Apache debugging symbols apache2-mpm-event PROVIDES: apache2 DESCRIPTION: Apache HTTP Server - event driven model apache2-utils PROVIDES: check_forensic dbmmanage split-logfile DESCRIPTION: utility programs for webservers aria2 PROVIDES: aria2c DESCRIPTION: High speed download utility arping PROVIDES: arping DESCRIPTION: sends IP and/or ARP pings (to the MAC address) ash PROVIDES: ash DESCRIPTION: compatibility package for dash #aspell PROVIDES: aspell aspell-import precat preunzip prezip prezip-bin run-with-aspell word-list-compress DESCRIPTION: GNU Aspell spell-checker atftpd PROVIDES: in.tftpd DESCRIPTION: advanced TFTP server attr PROVIDES: attr getfattr setfattr DESCRIPTION: Utilities for manipulating filesystem extended attributes autoconf PROVIDES: autoconf autoheader autom4te autoreconf autoscan autoupdate ifnames DESCRIPTION: automatic configure script builder #autopoint PROVIDES: autopoint DESCRIPTION: The autopoint program from GNU gettext #avahi-autoipd PROVIDES: avahi-autoipd DESCRIPTION: Avahi IPv4LL network address configuration daemon #avahi-daemon PROVIDES: avahi-daemon DESCRIPTION: Avahi mDNS/DNS-SD daemon #avahi-utils PROVIDES: avahi-browse avahi-browse-domains avahi-publish avahi-publish-address avahi-publish-service avahi-resolve avahi-resolve-address avahi-resolve-host-name avahi-set-host-name DESCRIPTION: Avahi browsing, publishing and discovery utilities babeld PROVIDES: babeld DESCRIPTION: loop-free distance-vector routing protocol bash-completion PROVIDES: dh_bash-completion DESCRIPTION: programmable completion for the bash shell #beep PROVIDES: beep DESCRIPTION: advanced pc-speaker beeper bind9 PROVIDES: dnssec-dsfromkey dnssec-keyfromlabel named DESCRIPTION: Internet Domain Name Server bind9-host PROVIDES: host DESCRIPTION: Version of 'host' bundled with BIND 9.X bind9utils PROVIDES: dnssec-keygen dnssec-signzone named-checkconf named-checkzone named-compilezone rndc rndc-confgen DESCRIPTION: Utilities for BIND binutils PROVIDES: addr2line ar as c++filt gprof ld nm objcopy objdump ranlib readelf size strip DESCRIPTION: GNU assembler, linker and binary utilities #boinc-dbg PROVIDES: db_dump DESCRIPTION: debugging symbols for BOINC binaries #bootchart PROVIDES: bootchartd DESCRIPTION: Boot process performance analyser #bootlogd PROVIDES: bootlogd DESCRIPTION: daemon to log boot messages bridge-utils PROVIDES: brctl DESCRIPTION: Utilities for configuring the Linux Ethernet bridge #busybox PROVIDES: busybox DESCRIPTION: Tiny utilities for small and embedded systems #busybox-syslogd PROVIDES: klogd logread syslogd DESCRIPTION: Provides syslogd and klogd using busybox bzip2 PROVIDES: bunzip2 bzcat bzcmp bzdiff bzegrep bzexe bzfgrep bzgrep bzip2 bzip2recover bzless bzmore DESCRIPTION: high-quality block-sorting file compressor - utilities #cdbs PROVIDES: cdbs-edit-patch DESCRIPTION: common build system for Debian packages chkconfig PROVIDES: chkconfig DESCRIPTION: system tool to enable or disable system services cifs-utils PROVIDES: mount.cifs DESCRIPTION: Common Internet File System utilities #citadel-mta PROVIDES: sendmail DESCRIPTION: complete and feature-rich groupware server (mail transport agent) #consolekit PROVIDES: ck-history ck-launch-session ck-list-sessions ck-log-system-restart ck-log-system-start ck-log-system-stop console-kit-daemon DESCRIPTION: framework for defining and tracking users, sessions and seats #console-tools PROVIDES: chvt deallocvt dumpkeys fgconsole getkeycodes kbd_mode kbdrate loadkeys openvt psfaddtable psfgettable psfstriptable setkeycodes setleds setlogcons setmetamode showkey unicode_start unicode_stop DESCRIPTION: Linux console and font utilities #conspy PROVIDES: conspy DESCRIPTION: Remote control of Linux virtual consoles courier-authdaemon PROVIDES: authdaemond DESCRIPTION: Courier authentication daemon courier-authlib PROVIDES: authenumerate authpasswd authtest courierlogger DESCRIPTION: Courier authentication library courier-authlib-dev PROVIDES: courierauthconfig DESCRIPTION: Development libraries for the Courier authentication library courier-authlib-userdb PROVIDES: makeuserdb pw2userdb userdb userdbpw userdb-test-cram-md5 DESCRIPTION: userdb support for the Courier authentication library courier-base PROVIDES: courier-config couriertcpd maildiracl maildirkw sharedindexinstall sharedindexsplit testmxlookup DESCRIPTION: Courier mail server - base system courier-imap PROVIDES: imapd DESCRIPTION: Courier mail server - IMAP server courier-ldap PROVIDES: courierldapaliasd DESCRIPTION: Courier mail server - LDAP support courier-maildrop PROVIDES: mailbot maildrop makemime reformail reformime DESCRIPTION: Courier mail server - mail delivery agent #courier-mta PROVIDES: mailq newaliases rmail DESCRIPTION: Courier mail server - ESMTP daemon courier-ssl PROVIDES: couriertls DESCRIPTION: Courier mail server - SSL/TLS Support cpp PROVIDES: cpp DESCRIPTION: GNU C preprocessor (cpp) crack PROVIDES: Crack Crack-Reporter DESCRIPTION: Password guessing program cracklib-runtime PROVIDES: cracklib-check cracklib-format cracklib-packer cracklib-unpacker create-cracklib-dict DESCRIPTION: runtime support for password checker library cracklib2 #cramfsprogs PROVIDES: cramfsck mkcramfs DESCRIPTION: Tools for CramFs (Compressed ROM File System) #cryptsetup-bin PROVIDES: cryptsetup DESCRIPTION: disk encryption support - command line tools #cups-bsd PROVIDES: lpq lpr DESCRIPTION: Common UNIX Printing System(tm) - BSD commands curl PROVIDES: curl DESCRIPTION: Get a file from an HTTP, HTTPS or FTP server curlftpfs PROVIDES: curlftpfs DESCRIPTION: filesystem to access FTP hosts based on FUSE and cURL #daemontools PROVIDES: envdir envuidgid setuidgid softlimit DESCRIPTION: a collection of tools for managing UNIX services #dbus PROVIDES: dbus-cleanup-sockets dbus-daemon dbus-monitor dbus-send dbus-uuidgen DESCRIPTION: simple interprocess messaging system (daemon and utilities) #dbus-1-dbg PROVIDES: dbus-launch DESCRIPTION: simple interprocess messaging system (debug symbols) #db-util PROVIDES: db_archive db_checkpoint db_deadlock db_hotbackup db_load db_printlog db_recover db_stat db_upgrade db_verify DESCRIPTION: Berkeley Database Utilities #debhelper PROVIDES: dh_builddeb dh_clean dh_compress dh_desktop dh_fixperms dh_gconf dh_gencontrol dh_icons dh_install dh_installcatalogs dh_installchangelogs dh_installcron dh_installdeb dh_installdebconf dh_installdirs dh_installdocs dh_installemacsen dh_installexamples dh_installifupdown dh_installinfo dh_installinit dh_installlogcheck dh_installlogrotate dh_installman dh_installmanpages dh_installmenu dh_installmime dh_installmodules dh_installpam dh_installppp dh_installudev dh_installwm dh_installxfonts dh_link dh_listpackages dh_makeshlibs dh_md5sums dh_movefiles dh_perl dh_python dh_scrollkeeper dh_shlibdeps dh_strip dh_suidregister dh_testdir dh_testroot dh_undocumented dh_usrlocal DESCRIPTION: helper programs for debian/rules #desktop-file-utils PROVIDES: desktop-file-install desktop-file-validate update-desktop-database DESCRIPTION: Utilities for .desktop files #dh-ocaml PROVIDES: dh_ocaml ocaml-md5sums DESCRIPTION: helper tools for maintaining OCaml-related Debian packages #dictionaries-common PROVIDES: aspell-autobuildhash ispell-autobuildhash ispell-wrapper remove-default-ispell remove-default-wordlist select-default-ispell select-default-iwrap select-default-wordlist update-default-ispell update-default-wordlist update-dictcommon-aspell DESCRIPTION: Common utilities for spelling dictionary tools #dietlibc-dev PROVIDES: dnsd DESCRIPTION: diet libc - a libc optimized for small size #dmeventd PROVIDES: dmeventd DESCRIPTION: Linux Kernel Device Mapper event daemon #dmsetup PROVIDES: dmsetup DESCRIPTION: Linux Kernel Device Mapper userspace library dnsutils PROVIDES: dig nslookup nsupdate DESCRIPTION: Clients provided with BIND dos2unix PROVIDES: dos2unix unix2dos DESCRIPTION: convert text file line endings between CRLF and LF dosfstools PROVIDES: mkdosfs mkfs.vfat DESCRIPTION: utilities for making and checking MS-DOS FAT filesystems #dropbear PROVIDES: dbclient dropbear dropbearkey DESCRIPTION: lightweight SSH2 server and client #dselect PROVIDES: dselect DESCRIPTION: Debian package management front-end #e2fsck-static PROVIDES: e2fsck.static DESCRIPTION: statically-linked version of the ext2/ext3/ext4 filesystem checker ed PROVIDES: red DESCRIPTION: classic UNIX line editor #eglibc-source PROVIDES: locale-gen update-locale validlocale DESCRIPTION: Embedded GNU C Library: sources #eject PROVIDES: eject volname DESCRIPTION: ejects CDs and operates CD-Changers under Linux epiphany-browser PROVIDES: epiphany DESCRIPTION: Intuitive GNOME web browser ethtool PROVIDES: ethtool DESCRIPTION: display or change Ethernet device settings #exo-utils PROVIDES: exo-csource exo-desktop-item-edit exo-open exo-preferred-applications DESCRIPTION: Utility files for libexo #exuberant-ctags PROVIDES: ctags-exuberant DESCRIPTION: build tag file indexes of source code definitions #fam PROVIDES: famd DESCRIPTION: File Alteration Monitor #fbset PROVIDES: fbset DESCRIPTION: framebuffer device maintenance program #fdflush PROVIDES: fdflush DESCRIPTION: Flush out-of-date disk buffers file PROVIDES: file DESCRIPTION: Determines file type using "magic" numbers finger PROVIDES: finger DESCRIPTION: user information lookup program flex PROVIDES: flex++ DESCRIPTION: A fast lexical analyzer generator. #fontconfig PROVIDES: fc-cache fc-cat fc-list fc-match fc-query fc-scan DESCRIPTION: generic font configuration library - support binaries #fortune-mod PROVIDES: strfile unstr DESCRIPTION: provides fortune cookies on demand ftp PROVIDES: netkit-ftp DESCRIPTION: classical file transfer client fuse PROVIDES: fusermount DESCRIPTION: Filesystem in Userspace #fvwm PROVIDES: fvwm2 fvwm-bug FvwmCommand fvwm-config fvwm-convert-2.4 fvwm-convert-2.6 fvwm-menu-desktop fvwm-menu-directory fvwm-menu-headlines fvwm-menu-xlock fvwm-perllib fvwm-root DESCRIPTION: F(?) Virtual Window Manager gawk PROVIDES: gawk igawk pgawk DESCRIPTION: GNU awk, a pattern scanning and processing language gcc PROVIDES: c89-gcc c99-gcc gcc gcov DESCRIPTION: GNU C compiler #gcj-4.6-jdk PROVIDES: appletviewer jar jarsigner javac javadoc javah jdb native2ascii rmic serialver DESCRIPTION: gcj and classpath development tools for Java(TM) #gcj-4.6-jre-headless PROVIDES: java keytool orbd rmid rmiregistry tnameserv DESCRIPTION: Java runtime environment using GIJ/classpath (headless version) #gconf2 PROVIDES: gconf-merge-tree gconf-schemas gconftool-2 update-gconf-defaults DESCRIPTION: GNOME configuration database system (support tools) gdb PROVIDES: gcore gdb gdbtui DESCRIPTION: The GNU Debugger #gdbserver PROVIDES: gdbserver DESCRIPTION: The GNU Debugger (remote server) gettext PROVIDES: gettextize msgattrib msgcat msgcmp msgcomm msgconv msgen msgexec msgfilter msgfmt msggrep msginit msgmerge msgunfmt msguniq recode-sr-latin xgettext DESCRIPTION: GNU Internationalization utilities gettext-base PROVIDES: envsubst gettext gettext.sh ngettext DESCRIPTION: GNU Internationalization utilities for the base system ghostscript PROVIDES: dumphint dvipdf eps2eps font2c gsbj gsdj gsdj500 gslj gslp gsnd pdf2dsc pdf2ps pdfopt pf2afm pfbtopfa pphs printafm ps2ascii ps2epsi ps2pdf12 ps2pdf13 ps2pdf14 ps2pdfwr ps2ps ps2ps2 wftopfa DESCRIPTION: interpreter for the PostScript language and for PDF gksu PROVIDES: gksu DESCRIPTION: graphical frontend to su #gnome-keyring PROVIDES: gnome-keyring-daemon DESCRIPTION: GNOME keyring services (daemon and tools) #gnutls-bin PROVIDES: certtool gnutls-cli gnutls-cli-debug gnutls-serv psktool srptool DESCRIPTION: GNU TLS library - commandline utilities #grub-coreboot PROVIDES: grub-install DESCRIPTION: GRand Unified Bootloader, version 2 (Coreboot version) #grub-legacy PROVIDES: grub grub-floppy grub-md5-crypt grub-reboot grub-set-default grub-terminfo mbchk mkbimage update-grub DESCRIPTION: GRand Unified Bootloader (Legacy version) gv PROVIDES: gv DESCRIPTION: PostScript and PDF viewer for X #hal PROVIDES: hald hal-device hal-disable-polling hal-find-by-capability hal-find-by-property hal-get-property hal-is-caller-locked-out hal-lock hal-set-property lshal umount.hal DESCRIPTION: Hardware Abstraction Layer #hardening-wrapper PROVIDES: gcc-4.2 DESCRIPTION: Compiler wrapper to enable security hardening flags #hdparm PROVIDES: hdparm DESCRIPTION: tune hard disk parameters for high performance #heimdal-clients PROVIDES: kadmin kdestroy kinit klist kpasswd ksu ktutil DESCRIPTION: Heimdal Kerberos - clients #heimdal-dev PROVIDES: krb5-config DESCRIPTION: Heimdal Kerberos - development files html2text PROVIDES: html2text DESCRIPTION: advanced HTML to text converter htop PROVIDES: htop DESCRIPTION: interactive processes viewer #icedtea-netx PROVIDES: javaws DESCRIPTION: NetX - implementation of the Java Network Launching Protocol (JNLP) #iceweasel PROVIDES: firefox DESCRIPTION: Web browser based on Firefox #id-utils PROVIDES: lid DESCRIPTION: Fast, high-capacity, identifier database tool ifmetric PROVIDES: ifmetric DESCRIPTION: Set routing metrics for a network interface #ifplugd PROVIDES: ifplugd ifplugstatus DESCRIPTION: configuration daemon for ethernet devices #ifstat PROVIDES: ifstat DESCRIPTION: InterFace STATistics Monitoring inetutils-ftpd PROVIDES: ftpd DESCRIPTION: File Transfer Protocol server inetutils-inetd PROVIDES: inetutils-inetd DESCRIPTION: internet super server inetutils-telnet PROVIDES: inetutils-telnet DESCRIPTION: telnet client inetutils-telnetd PROVIDES: telnetd DESCRIPTION: telnet server inetutils-tools PROVIDES: inetutils-ifconfig DESCRIPTION: base networking utilities (experimental package) #initramfs-tools PROVIDES: mkinitramfs update-initramfs DESCRIPTION: generic modular initramfs generator #installation-report PROVIDES: report-hw DESCRIPTION: system installation report ipcalc PROVIDES: ipcalc DESCRIPTION: parameter calculator for IPv4 addresses ipsec-tools PROVIDES: setkey DESCRIPTION: IPsec utilities ipsvd PROVIDES: tcpsvd udpsvd DESCRIPTION: Internet protocol service daemons iputils-clockdiff PROVIDES: clockdiff DESCRIPTION: Measure the time difference between networked computers iputils-tracepath PROVIDES: tracepath tracepath6 DESCRIPTION: Tools to trace the network path to a remote host ipv6calc PROVIDES: ipv6calc DESCRIPTION: small utility for manipulating IPv6 addresses #isc-dhcp-relay PROVIDES: dhcrelay DESCRIPTION: ISC DHCP relay daemon isc-dhcp-server PROVIDES: dhcpd DESCRIPTION: ISC DHCP server for automatic IP address assignment #ispell PROVIDES: buildhash findaffix icombine ijoin ispell munchlist sq tryaffix unsq DESCRIPTION: International Ispell (an interactive spelling corrector) #jackd1 PROVIDES: alsa_in alsa_out jack_alias jack_bufsize jack_connect jackd jack_disconnect jack_evmon jack_freewheel jack_impulse_grabber jack_load jack_lsp jack_metro jack_midiseq jack_midisine jack_monitor_client jack_netsource jack_showtime jack_simple_client jack_transport jack_unload DESCRIPTION: JACK Audio Connection Kit (server and example clients) joe PROVIDES: joe DESCRIPTION: user friendly full screen text editor john PROVIDES: john mailer DESCRIPTION: active password cracking tool #kate PROVIDES: kate DESCRIPTION: K Advanced Text Editor #kate-dbg PROVIDES: kwrite DESCRIPTION: debugging symbols for Kate kbd PROVIDES: loadunimap mapscrn psfxtable resizecons setfont showconsolefont DESCRIPTION: Linux console font and keytable utilities #krb5-admin-server PROVIDES: kadmind kadmin.local kprop DESCRIPTION: MIT Kerberos master server (kadmind) #krb5-clients PROVIDES: telnet.krb5 DESCRIPTION: Secure replacements for ftp, telnet and rsh using MIT Kerberos #krb5-gss-samples PROVIDES: gss-client gss-server DESCRIPTION: MIT Kerberos GSS Sample applications #krb5-kdc PROVIDES: kdb5_util kpropd krb5kdc DESCRIPTION: MIT Kerberos key server (KDC) #krb5-kdc-ldap PROVIDES: kdb5_ldap_util DESCRIPTION: MIT Kerberos key server (KDC) LDAP plugin #krb5-rsh-server PROVIDES: klogind kshd login.krb5 DESCRIPTION: Secure replacements for rshd and rlogind using MIT Kerberos #krb5-user PROVIDES: k5srvutil kvno DESCRIPTION: Basic programs to authenticate using MIT Kerberos #laptop-detect PROVIDES: laptop-detect DESCRIPTION: attempt to detect a laptop #ldap2zone PROVIDES: ldap2zone DESCRIPTION: Extract DNS zones from LDAP trees ldap-utils PROVIDES: ldapadd ldapcompare ldapdelete ldapexop ldapmodify ldapmodrdn ldappasswd ldapsearch ldapurl ldapwhoami DESCRIPTION: OpenLDAP utilities less PROVIDES: less lessecho lesskey lesspipe DESCRIPTION: pager program similar to more #libbonobo2-bin PROVIDES: activation-client bonobo-activation-sysconf bonobo-slay echo-client-2 DESCRIPTION: Bonobo CORBA interfaces library -- support binaries libc-dev-bin PROVIDES: gencat mtrace rpcgen sprof DESCRIPTION: Embedded GNU C Library: Development binaries #libcroco-tools PROVIDES: csslint-0.6 DESCRIPTION: Cascading Style Sheet (CSS) parsing and manipulation toolkit - utils #libdb1-compat PROVIDES: db_dump185 DESCRIPTION: Berkeley database routines [glibc 2.0/2.1 compatibility] #libfreetype6-dev PROVIDES: freetype-config DESCRIPTION: FreeType 2 font engine, development files #libfribidi-bin PROVIDES: fribidi DESCRIPTION: Free Implementation of the Unicode BiDi algorithm (utility) #libgcj-common PROVIDES: rebuild-security-providers DESCRIPTION: Java runtime library (common files) #libgdk-pixbuf2.0-dev PROVIDES: gdk-pixbuf-csource gdk-pixbuf-query-loaders DESCRIPTION: GDK Pixbuf library (development files) #libgksu2-0 PROVIDES: gksu-properties DESCRIPTION: library providing su and sudo functionality #libglib2.0-0-dbg PROVIDES: gdbus glib-genmarshal gobject-query gsettings DESCRIPTION: Debugging symbols for the GLib libraries #libglib2.0-bin PROVIDES: gio-querymodules glib-compile-schemas DESCRIPTION: Programs for the GLib library #libglib2.0-dev PROVIDES: gdbus-codegen glib-gettextize glib-mkenums DESCRIPTION: Development files for the GLib library #libgnome2-0 PROVIDES: gnome-open DESCRIPTION: The GNOME library - runtime files #libgnomevfs2-0-dbg PROVIDES: gnomevfs-cat gnomevfs-copy gnomevfs-df gnomevfs-info gnomevfs-ls gnomevfs-mkdir gnomevfs-monitor gnomevfs-mv gnomevfs-rm DESCRIPTION: GNOME Virtual File System (debugging libraries) #libgpg-error-dev PROVIDES: gpg-error DESCRIPTION: library for common error values and messages in GnuPG components (development) #libgtk2.0-bin PROVIDES: gtk-update-icon-cache DESCRIPTION: programs for the GTK+ graphical user interface library #libgtk2.0-dev PROVIDES: dh_gtkmodules gtk-builder-convert DESCRIPTION: development files for the GTK+ library #libgtk-3-bin PROVIDES: update-icon-caches DESCRIPTION: programs for the GTK+ graphical user interface library #libjpeg-progs PROVIDES: cjpeg djpeg exifautotran jpegexiforient jpegtran rdjpgcom wrjpgcom DESCRIPTION: Programs for manipulating JPEG files #liblockfile-bin PROVIDES: dotlockfile DESCRIPTION: support binaries for and cli utilities based on liblockfile #libmysqlclient-dev PROVIDES: mysql_config DESCRIPTION: MySQL database development files #libnss3-tools PROVIDES: certutil cmsutil crlutil modutil pk12util shlibsign signtool signver ssltap DESCRIPTION: Network Security Service tools #libpango1.0-0-dbg PROVIDES: pango-querymodules pango-view DESCRIPTION: Pango library and debugging symbols #libpango1.0-dev PROVIDES: dh_pangomodules DESCRIPTION: Development files for the Pango #libpaper-utils PROVIDES: paperconf paperconfig DESCRIPTION: library for handling paper characteristics (utilities) #libpcre3-dev PROVIDES: pcre-config DESCRIPTION: Perl 5 Compatible Regular Expression Library - development files #libpng12-dev PROVIDES: libpng12-config DESCRIPTION: PNG library - development #librep-dbg PROVIDES: rep rep-remote DESCRIPTION: debug symbols for librep #librpm-dbg PROVIDES: rpm rpm2cpio rpmdb rpmgraph rpmsign DESCRIPTION: debugging symbols for RPM #libruby1.8-dbg PROVIDES: ruby1.8 DESCRIPTION: Debugging symbols for Ruby 1.8 #libsnmp15 PROVIDES: net-snmp-config DESCRIPTION: SNMP (Simple Network Management Protocol) library #libsqlite3-0-dbg PROVIDES: sqlite3 DESCRIPTION: SQLite 3 debugging symbols #libtasn1-3-bin PROVIDES: asn1Coding asn1Decoding asn1Parser DESCRIPTION: Manage ASN.1 structures (binaries) #libtool PROVIDES: libtool libtoolize DESCRIPTION: Generic library support script #libuser PROVIDES: lchage lchfn lchsh lgroupadd lgroupdel lgroupmod lnewusers lpasswd luseradd luserdel lusermod DESCRIPTION: user and group account administration library #libxfce4util-bin PROVIDES: xfce4-kiosk-query DESCRIPTION: tools for libxfce4util lighttpd PROVIDES: lighttpd lighttpd-angel DESCRIPTION: fast webserver with minimal memory footprint links PROVIDES: links DESCRIPTION: Web browser running in text mode links2 PROVIDES: links2 xlinks2 DESCRIPTION: Web browser running in both graphics and text mode #loadlin PROVIDES: freeramdisk DESCRIPTION: loader (running under DOS) for LINUX kernel images #lpr PROVIDES: lpd DESCRIPTION: BSD lpr/lpd line printer spooling system #lrzsz PROVIDES: rx DESCRIPTION: Tools for zmodem/xmodem/ymodem file transfer lsof PROVIDES: lsof DESCRIPTION: Utility to list open files #lwresd PROVIDES: lwresd DESCRIPTION: Lightweight Resolver Daemon lynx PROVIDES: lynx DESCRIPTION: Text-mode WWW Browser #lynx-cur PROVIDES: lynx DESCRIPTION: Text-mode WWW Browser with NLS support (development version) lzma-alone PROVIDES: lzma_alone DESCRIPTION: Compression and decompression in the LZMA format - legacy utility lzop PROVIDES: lzop DESCRIPTION: fast compression program m4 PROVIDES: m4 DESCRIPTION: a macro processing language make PROVIDES: make DESCRIPTION: An utility for Directing compilation. makedev PROVIDES: MAKEDEV DESCRIPTION: creates device files in /dev man2html-base PROVIDES: man2html DESCRIPTION: convert man pages into HTML format #menu PROVIDES: install-menu su-to-root update-menus DESCRIPTION: generates programs menu for all menu-aware applications #microcom PROVIDES: microcom DESCRIPTION: minimalistic terminal program mii-diag PROVIDES: mii-diag DESCRIPTION: A little tool to manipulate network cards #mime-support PROVIDES: run-mailcap update-mime DESCRIPTION: MIME files 'mime.types' & 'mailcap', and support programs mingetty PROVIDES: mingetty DESCRIPTION: Console-only getty mpack PROVIDES: mpack munpack DESCRIPTION: tools for encoding/decoding MIME messages #mtd-utils PROVIDES: nanddump nandwrite ubiattach ubidetach ubimkvol ubirmvol ubirsvol ubiupdatevol DESCRIPTION: Memory Technology Device Utilities mtools PROVIDES: amuFormat.sh mcheck mcomp mkmanifest mtools mxtar tgz uz DESCRIPTION: Tools for manipulating MSDOS files mtr PROVIDES: mtr DESCRIPTION: Full screen ncurses and X11 traceroute tool #muddleftpd PROVIDES: ftpwho DESCRIPTION: A flexible and efficient FTP daemon #mysql-client-5.5 PROVIDES: innochecksum myisam_ftdump mysql mysqlaccess mysqladmin mysqlbug mysqlcheck mysql_client_test mysqldump mysqldumpslow mysql_find_rows mysql_fix_extensions mysqlimport mysqlshow mysql_waitpid DESCRIPTION: MySQL database client binaries #mysql-server-5.5 PROVIDES: msql2mysql myisamchk myisamlog myisampack mysqlbinlog mysql_convert_table_format mysqld_multi mysqld_safe mysqlhotcopy mysql_secure_installation mysql_setpermission mysqltest mysql_tzinfo_to_sql mysql_zap perror replace resolveip resolve_stack_dump DESCRIPTION: MySQL database server binaries and system database setup #mysql-server-core-5.5 PROVIDES: my_print_defaults mysqld mysql_install_db mysql_upgrade DESCRIPTION: MySQL database server binaries nast PROVIDES: nast DESCRIPTION: packet sniffer and lan analyzer #nbd-client PROVIDES: nbd-client DESCRIPTION: Network Block Device protocol - client ncftp PROVIDES: ncftpbatch ncftpget ncftpls ncftpput ncftpspooler DESCRIPTION: User-friendly and well-featured FTP client #netatalk PROVIDES: adv1tov2 aecho afpd asip-status.pl atalkd cnid2_create cnid_dbd cnid_metad getzones lp2pap.sh macusers megatron nbplkup nbprgstr nbpunrgstr netatalk-uniconv pap papd papstatus psorder showppd timelord DESCRIPTION: AppleTalk user binaries nfs-common PROVIDES: gss_clnt_send_err gss_destroy_creds mount.nfs mount.nfs4 nfsstat rpcdebug rpc.gssd rpc.idmapd rpc.statd rpc.svcgssd showmount sm-notify start-statd umount.nfs umount.nfs4 DESCRIPTION: NFS support files common to client and server nfs-kernel-server PROVIDES: exportfs rpc.mountd rpc.nfsd DESCRIPTION: support for NFS kernel server nis PROVIDES: rpc.yppasswdd rpc.ypxfrd ypbind ypcat ypchfn ypchsh ypmatch yppasswd yppoll yppush ypserv ypserv_test ypset yptest ypwhich DESCRIPTION: clients and daemons for the Network Information Service (NIS) nmap PROVIDES: ncat ndiff nmap nping DESCRIPTION: The Network Mapper #nscd PROVIDES: nscd DESCRIPTION: Embedded GNU C Library: Name Service Cache Daemon ntp PROVIDES: ntpd ntpdc ntp-keygen ntpq ntptime ntptrace ntp-wait sntp DESCRIPTION: Network Time Protocol daemon and utility programs ntpdate PROVIDES: ntpdate DESCRIPTION: client for setting system time from NTP servers #ocaml PROVIDES: labltk ocamlbrowser DESCRIPTION: ML language implementation with a class-based object system #ocaml-base-nox PROVIDES: ocamlrun DESCRIPTION: Runtime system for OCaml bytecode executables (no X) #ocaml-interp PROVIDES: ocaml DESCRIPTION: OCaml interactive interpreter and standard libraries #ocaml-nox PROVIDES: ocamlbuild.byte ocamlbuild.native ocamlc ocamlcp ocamldebug ocamldep ocamldoc ocamldumpobj ocamllex ocamlmklib ocamlmktop ocamlobjinfo ocamlopt ocamlprof ocamlyacc DESCRIPTION: ML implementation with a class-based object system (no X) #odt2txt PROVIDES: sxw2txt DESCRIPTION: simple converter from OpenDocument Text to plain text #omniidl PROVIDES: omnicpp omniidl DESCRIPTION: omniORB IDL to C++ and Python compiler #openbsd-inetd PROVIDES: inetd DESCRIPTION: OpenBSD Internet Superserver #openjdk-6-dbg PROVIDES: apt extcheck idlj javap jconsole jhat jinfo jmap jps jrunscript jsadebugd jstack jstat jstatd pack200 policytool schemagen servertool unpack200 wsgen wsimport xjc DESCRIPTION: Java runtime based on OpenJDK (debugging symbols) openresolv PROVIDES: resolvconf DESCRIPTION: management framework for resolv.conf openssh-client PROVIDES: scp sftp slogin ssh ssh-add ssh-agent ssh-argv0 ssh-copy-id ssh-keygen ssh-keyscan DESCRIPTION: secure shell (SSH) client, for secure access to remote machines openssh-server PROVIDES: sshd DESCRIPTION: secure shell (SSH) server, for secure access from remote machines openssl PROVIDES: c_rehash openssl DESCRIPTION: Secure Socket Layer (SSL) binary and related cryptographic tools #openswan PROVIDES: ipsec DESCRIPTION: Internet Key Exchange daemon #orbit2 PROVIDES: ior-decode-2 linc-cleanup-sockets typelib-dump DESCRIPTION: a CORBA ORB patch PROVIDES: patch DESCRIPTION: Apply a diff file to an original #pciutils PROVIDES: lspci pcimodules setpci update-pciids DESCRIPTION: Linux PCI Utilities #pcregrep PROVIDES: pcregrep DESCRIPTION: grep utility that uses perl 5 compatible regexes. picolisp PROVIDES: watchdog DESCRIPTION: Lisp interpreter and application server framework #pidentd PROVIDES: identd ikeygen DESCRIPTION: TCP/IP IDENT protocol server with DES support #pkg-config PROVIDES: pkg-config DESCRIPTION: manage compile and link flags for libraries #policycoreutils PROVIDES: audit2allow audit2why chcat fixfiles genhomedircon load_policy newrole open_init_pty restorecon run_init secon se_dpkg semanage semodule semodule_deps semodule_expand semodule_link semodule_package sepolgen-ifgen sestatus setfiles setsebool DESCRIPTION: SELinux core policy utilities #policykit-1 PROVIDES: pkaction pkcheck pkexec DESCRIPTION: framework for managing administrative policies and privileges postfix PROVIDES: postalias postcat postconf postdrop postfix postkick postlock postlog postmap postmulti postqueue postsuper qmqp-sink qmqp-source qshape smtp-sink smtp-source DESCRIPTION: High-performance mail transport agent #powertop PROVIDES: powertop DESCRIPTION: Linux tool to find out what is using power on a laptop #ppl-dev PROVIDES: ppl-config DESCRIPTION: Parma Polyhedra Library (development binaries) ppp PROVIDES: chat DESCRIPTION: Point-to-Point Protocol (PPP) - daemon #proftpd-basic PROVIDES: ftpcount ftpdctl ftpshut ftptop proftpd DESCRIPTION: Versatile, virtual-hosting FTP daemon - binaries #protoize PROVIDES: protoize unprotoize DESCRIPTION: Create/remove ANSI prototypes from C code #pscan PROVIDES: pscan DESCRIPTION: Format string security checker for C files psmisc PROVIDES: fuser killall peekfd pstree pstree.x11 DESCRIPTION: utilities that use the proc file system #pulseaudio PROVIDES: pulseaudio DESCRIPTION: PulseAudio sound server #pulseaudio-esound-compat PROVIDES: esd esdcompat DESCRIPTION: PulseAudio ESD compatibility layer #python PROVIDES: 2to3 pydoc DESCRIPTION: interactive high-level object-oriented language (default version) #python2.6-dbg PROVIDES: python2.6 DESCRIPTION: Debug Build of the Python Interpreter (version 2.6) #python-central PROVIDES: dh_pycentral pycentral py_compilefiles DESCRIPTION: register and build utility for Python packages python-minimal PROVIDES: python DESCRIPTION: minimal subset of the Python language (default version) #python-support PROVIDES: dh_pysupport update-python-modules DESCRIPTION: automated rebuilding support for Python modules #qmail PROVIDES: maildirmake DESCRIPTION: a secure, reliable, efficient, simple message transfer agent quagga PROVIDES: vtysh DESCRIPTION: BGP/OSPF/RIP routing daemon racoon PROVIDES: plainrsa-gen racoon racoonctl DESCRIPTION: IPsec Internet Key Exchange daemon radvd PROVIDES: radvd radvdump DESCRIPTION: Router Advertisement Daemon rdate PROVIDES: rdate DESCRIPTION: sets the system's date from a remote host #readahead-fedora PROVIDES: readahead DESCRIPTION: Fedora's implementation of readahead to preload boot process files #reportbug PROVIDES: querybts reportbug DESCRIPTION: reports bugs in the Debian distribution #rlinetd PROVIDES: update-inetd DESCRIPTION: gruesomely over-featured inetd replacement rox-filer PROVIDES: rox-filer DESCRIPTION: A simple graphical file manager for X11 roxterm-gtk2 PROVIDES: roxterm roxterm-config DESCRIPTION: Multi-tabbed GTK+/VTE terminal emulator - GTK2 version rpcbind PROVIDES: rpcbind DESCRIPTION: converts RPC program numbers into universal addresses #rpm PROVIDES: gendiff rpmquery rpmverify DESCRIPTION: package manager for RPM rsync PROVIDES: rsync DESCRIPTION: fast, versatile, remote (and local) file-copying tool rsyslog PROVIDES: rsyslogd DESCRIPTION: reliable system and kernel logging daemon #rtkit PROVIDES: rtkitctl DESCRIPTION: Realtime Policy and Watchdog Daemon #ruby1.8 PROVIDES: erb1.8 testrb1.8 DESCRIPTION: Interpreter of object-oriented scripting language Ruby 1.8 runit PROVIDES: chpst runsv runsvdir sv svlogd DESCRIPTION: system-wide service supervision rxvt PROVIDES: rclock rxvt-xpm rxvt-xterm DESCRIPTION: VT102 terminal emulator for the X Window System samba-common-bin PROVIDES: smbpasswd DESCRIPTION: common files used by both the Samba server and client #sash PROVIDES: sash DESCRIPTION: Stand-alone shell #sasl2-bin PROVIDES: saslauthd sasldblistusers2 saslpasswd2 testsaslauthd DESCRIPTION: Cyrus SASL - administration programs for SASL users database #sawfish PROVIDES: sawfish sawfish-client sawfish-ui DESCRIPTION: a window manager for X11 setserial PROVIDES: setserial DESCRIPTION: controls configuration of serial ports #sgml-base PROVIDES: install-sgmlcatalog update-catalog DESCRIPTION: SGML infrastructure and SGML catalog file support sharutils PROVIDES: shar unshar uudecode uuencode DESCRIPTION: shar, unshar, uuencode, uudecode slapd PROVIDES: slapacl slapadd slapauth slapcat slapd slapdn slapindex slappasswd slapschema slaptest DESCRIPTION: OpenLDAP server (slapd) #smartlist PROVIDES: digest DESCRIPTION: Versatile and Intelligent List Processor #smistrip PROVIDES: smistrip DESCRIPTION: extract MIB from text files like RFC #smitools PROVIDES: smicache smidiff smidump smilint smiquery smixlate DESCRIPTION: various tools operating on MIB module files #snacc PROVIDES: berdecode mkchdr ptbl pval snacc snacc-config DESCRIPTION: ASN.1 to C or C++ or IDL compiler snmp PROVIDES: encode_keychange snmpbulkget snmpbulkwalk snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmpusm snmpvacm snmpwalk DESCRIPTION: SNMP (Simple Network Management Protocol) applications snmpd PROVIDES: snmpd snmptrapd DESCRIPTION: SNMP (Simple Network Management Protocol) agents socat PROVIDES: filan procan socat DESCRIPTION: multipurpose relay for bidirectional data transfer sshfs PROVIDES: sshfs DESCRIPTION: filesystem client based on SSH File Transfer Protocol #ssl-cert PROVIDES: make-ssl-cert DESCRIPTION: simple debconf wrapper for OpenSSL strace PROVIDES: strace DESCRIPTION: A system call tracer sudo PROVIDES: sudo sudoedit sudoreplay visudo DESCRIPTION: Provide limited super user privileges to specific users sysfsutils PROVIDES: systool DESCRIPTION: sysfs query tool and boot-time setup sysstat PROVIDES: iostat mpstat DESCRIPTION: system performance tools for Linux #tack PROVIDES: tack DESCRIPTION: terminfo action checker tcl8.4 PROVIDES: tclsh8.4 DESCRIPTION: Tcl (the Tool Command Language) v8.4 - run-time files #tcm PROVIDES: tcpd DESCRIPTION: Toolkit for Conceptual Modeling (TCM) #tcpd PROVIDES: safe_finger tcpdchk tcpdmatch try-from DESCRIPTION: Wietse Venema's TCP wrapper utilities tcpdump PROVIDES: tcpdump DESCRIPTION: command-line network traffic analyzer tcsh PROVIDES: tcsh DESCRIPTION: TENEX C Shell, an enhanced version of Berkeley csh telnet PROVIDES: telnet.netkit DESCRIPTION: The telnet client #texinfo PROVIDES: makeinfo texi2dvi texi2pdf texindex DESCRIPTION: Documentation system for on-line information and printed output tftp PROVIDES: tftp DESCRIPTION: Trivial file transfer protocol client #thunar PROVIDES: Thunar DESCRIPTION: File Manager for Xfce time PROVIDES: time DESCRIPTION: GNU time program for measuring CPU resource usage tk8.4 PROVIDES: wish8.4 DESCRIPTION: Tk toolkit for Tcl and X11, v8.4 - run-time files tshark PROVIDES: tshark DESCRIPTION: network traffic analyzer - console version #ucf PROVIDES: lcf ucf ucfq ucfr DESCRIPTION: Update Configuration File: preserve user changes to config files. ucspi-tcp-ipv6 PROVIDES: tcpclient tcpserver DESCRIPTION: command-line tools for building TCP client-server applications (IPv6) #udev PROVIDES: udevadm udevd DESCRIPTION: /dev/ and hotplug management daemon #udhcpc PROVIDES: udhcpc DESCRIPTION: Provides the busybox DHCP client implementation #udhcpd PROVIDES: dumpleases udhcpd DESCRIPTION: Provides the busybox DHCP server implementation #uml-utilities PROVIDES: tunctl DESCRIPTION: User-mode Linux (utility programs) unzip PROVIDES: unzip DESCRIPTION: De-archiver for .zip files #usbutils PROVIDES: lsusb update-usbids usb-devices DESCRIPTION: Linux USB utilities #usermode PROVIDES: consolehelper userhelper DESCRIPTION: Graphical tools for certain user account management tasks #uuid-runtime PROVIDES: uuidgen DESCRIPTION: runtime components for the Universally Unique ID library vim PROVIDES: vim.basic DESCRIPTION: Vi IMproved - enhanced vi editor vim-addon-manager PROVIDES: vim-addons DESCRIPTION: manager of addons for the Vim editor vim-runtime PROVIDES: vimtutor DESCRIPTION: Vi IMproved - Runtime files vim-scripts PROVIDES: dtd2vim vimplate DESCRIPTION: plugins for vim, adding bells and whistles vlan PROVIDES: vconfig DESCRIPTION: user mode programs to enable VLANs on your ethernet devices #vlock PROVIDES: vlock DESCRIPTION: Virtual Console locking program w3m PROVIDES: w3m w3mman DESCRIPTION: WWW browsable pager with excellent tables/frames support whois PROVIDES: mkpasswd whois DESCRIPTION: intelligent WHOIS client wireshark PROVIDES: wireshark DESCRIPTION: network traffic analyzer - GTK+ version wireshark-common PROVIDES: capinfos dumpcap editcap mergecap text2pcap DESCRIPTION: network traffic analyzer - common files #wireshark-dev PROVIDES: asn2deb idl2deb idl2wrs DESCRIPTION: network traffic analyzer - development tools x11-apps PROVIDES: atobm bitmap bmtoa ico oclock x11perf x11perfcomp xbiff xcalc xclipboard xclock xconsole xcursorgen xcutsel xditview xedit xeyes xgc xload xlogo xmag xman xmore xwd xwud DESCRIPTION: X applications #x11-session-utils PROVIDES: rstart rstartd smproxy xsm DESCRIPTION: X session utilities x11-utils PROVIDES: appres editres listres luit viewres xdpyinfo xdriinfo xev xfd xfontsel xkill xlsatoms xlsclients xlsfonts xmessage xprop xvinfo xwininfo DESCRIPTION: X11 utilities #x11-xfs-utils PROVIDES: fslsfonts fstobdf showfont xfsinfo DESCRIPTION: X font server utilities x11-xkb-utils PROVIDES: setxkbmap xkbbell xkbcomp xkbevd xkbprint xkbvleds xkbwatch DESCRIPTION: X11 XKB utilities #x11-xserver-utils PROVIDES: iceauth sessreg showrgb xcmsdb xgamma xhost xmodmap xrandr xrdb xrefresh xset xsetmode xsetpointer xsetroot xstdcmap xvidtune DESCRIPTION: X server utilities xauth PROVIDES: xauth DESCRIPTION: X authentication utility #xdg-user-dirs PROVIDES: xdg-user-dir xdg-user-dirs-update DESCRIPTION: tool to manage well known user directories #xdg-user-dirs-gtk PROVIDES: xdg-user-dirs-gtk-update DESCRIPTION: tool to manage well known user directories (Gtk extension) #xdg-utils PROVIDES: xdg-desktop-icon xdg-desktop-menu xdg-email xdg-icon-resource xdg-mime xdg-open xdg-screensaver xdg-settings DESCRIPTION: desktop integration utilities from freedesktop.org #xfce4-panel PROVIDES: xfce4-panel DESCRIPTION: panel for Xfce4 desktop environment #xfce4-session PROVIDES: xfce4-session xfce4-session-logout xfce4-tips DESCRIPTION: Xfce4 Session Manager #xfce4-terminal PROVIDES: xfce4-terminal xfce4-terminal.wrapper DESCRIPTION: Xfce terminal emulator #xfce4-utils PROVIDES: startxfce4 xfbrowser4 xfce4-about xfhelp4 xflock4 xfmountdev4 xfrun4 xfterm4 DESCRIPTION: Various tools for Xfce #xfdesktop4 PROVIDES: xfdesktop DESCRIPTION: xfce desktop background, icons and root menu manager xfonts-utils PROVIDES: bdftopcf bdftruncate mkfontdir mkfontscale ucs2any update-fonts-alias update-fonts-dir update-fonts-scale DESCRIPTION: X Window System font utility programs #xfwm4 PROVIDES: xfwm4 DESCRIPTION: window manager of the Xfce project #xinetd PROVIDES: itox xinetd DESCRIPTION: replacement for inetd with many enhancements #xinit PROVIDES: startx xinit DESCRIPTION: X server initialisation tool #xml-core PROVIDES: dh_installxmlcatalogs update-xmlcatalog DESCRIPTION: XML infrastructure and XML catalog file support #xserver-xorg PROVIDES: X DESCRIPTION: X.Org X server xterm PROVIDES: koi8rxterm lxterm resize uxterm xterm DESCRIPTION: X terminal emulator xtermcontrol PROVIDES: xtermcontrol DESCRIPTION: dynamic configuration of xterm properties xtermset PROVIDES: xtermset DESCRIPTION: change the characteristics of an xterm #xutils-dev PROVIDES: ccmakedep cleanlinks gccmakedep imake lndir makedepend makeg mergelib mkdirhier mkhtmlindex revpath xmkmf DESCRIPTION: X Window System utility programs for development #xview-clients PROVIDES: clock cmdtool props textedit DESCRIPTION: XView client programs #xviewg PROVIDES: capitalize insert_brackets remove_brackets shift_lines DESCRIPTION: XView shared libraries xvt PROVIDES: xvt DESCRIPTION: X terminal-emulator similar to xterm, but smaller ././@LongLink0000644000000000000000000000017600000000000011607 Lustar rootrootmarionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.machine-guignol-60440.543marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh.files/package_catalog/binary_list.0000644000175000017500000001001113175722671032357 0ustar lucaslucas acpid addgroup add-shell adduser adjtimex agentxtrap ar arp arping ash awk babeld base64 basename bash beep bgpd blkid blockdev bootchartd brctl bridg bridge bunzip2 busybox bzcat bzcmp bzdiff bzegrep bzfgrep bzgrep bzip2 bzip2recover bzless bzmore cal cat catv chat chattr chgrp chmod chown chpasswd chpst chroot chrt chvt cksum clear cmp comm conspy cp cpio crond crontab cryptpw ctstat cttyhack curl curlftpfs cut date dc dd deallocvt delgroup deluser depmod devmem df dhclient dhcpd dhcprelay diff dig dirname dmesg dnsd dnsdomainname dnssec-dsfromkey dnssec-keyfromlabel dnssec-keygen dnssec-signzone dos2unix du dumpkeys dumpkmap dumpleases e echo ed egrep eject em encode_keychange env envdir envuidgid ether-wake ethghost ethtool expand expr fakeidentd false fbset fbsplash fdflush fdformat fdisk fgconsole fgrep filan file find findfs flex++ flock fold free freeramdisk fsck fsck.minix fsync ftpd ftpget ftpput fuser fusermount gdbus gdbus-codegen genl getconf getkeycodes getopt getty gio-querymodules glib-compile-schemas grep groups gsettings gunzip gzip halt hd hdparm head hexdump host hostid hostname httpd hush hwclock iconv id ifconfig ifconfig.busybox ifdown ifenslave ifplugd ifstat ifup inetd init insmod install ionice iostat ip ip6tables ip6tables-restore ip6tables-save ipaddr ipcalc ipcrm ipcs iplink iproute iprule iptables iptables-restore iptables-save iptables-xml iptunnel isisd kbd_mode kbdrate kill killall killall5 klogd last ldconfig ldd less lighttpd lighttpd-angel links linux32 linux64 ln lnstat loadfont loadkeys loadkmap loadunimap logger login logname logread losetup lpd lpq lpr ls lsattr lsmod lsof lspci lsusb lwresd lzcat lzcmp lzdiff lzegrep lzfgrep lzgrep lzless lzma lzmadec lzmainfo lzmore lzop lzopcat makedevs makemime man mapscrn md5sum mdev mesg microcom mkdir mkdosfs mke2fs mkfifo mkfs.ext2 mkfs.minix mkfs.vfat mknod mkpasswd mkswap mktemp modinfo modprobe more mount mountpoint mpstat mt mv named named-checkconf named-checkzone named-compilezone nameif nanddump nandwrite nano nbd-client nc ncat ncftp ncftpbatch ncftpget ncftpls ncftpput ncftpspooler ndiff netcat net-snmp-config net-snmp-create-v3-user netstat nice nmap nmeter nohup nping nslookup nstat nsupdate ntpd ntpdate ntpdc ntpq od openvt ospf6d ospfclient ospfd passwd patch pcregrep pcretest pgrep pidof ping ping6 pipe_progress pivot_root pkill pmap popmaildir poweroff powertop printenv printf procan ps pscan psfaddtable psfgettable psfstriptable psfxtable pstree pwd pwdx radvd radvdump raidautorun rdate rdev readahead readlink readprofile realpath reboot reformime remove-shell renice reset resize resizecons rev ripd ripngd rm rmdir rmmod rndc rndc-confgen route routef routel rpcbind rpcgen rpcinfo rpm rpm2cpio rsync rtacct rtcwake rtmon rtpr rtstat runlevel run-parts runsv runsvdir rx scp script scriptreplay sed sendmail seq setarch setconsole setfont setkeycodes setleds setlogcons setmetamode setserial setsid setuidgid sftp sh sha1sum sha256sum sha3sum sha512sum showconsolefont showkey sh.prebash slattach sleep slogin smemcap snmpbulkget snmpbulkwalk snmpd snmpdelta snmpdf snmpget snmpgetnext snmpinform snmpnetstat snmpset snmpstatus snmptable snmptest snmptranslate snmptrap snmptrapd snmpusm snmpvacm snmpwalk sntp socat softlimit sort split ss ssh ssh-add ssh-agent sshd sshfs ssh-keygen ssh-keyscan start-stop-daemon stat strace strace-log-merge strings stty su sudo sudoedit sudoreplay sulogin sum sv svlogd swapoff swapon switch_root sync sysctl syslogd tac tail tar tc tcpdump tcpsvd tee telnet telnetd test tftp tftpd time timeout top touch tr traceroute traceroute6 true tty ttysize tunctl ubiattach ubidetach ubimkvol ubirmvol ubirsvol ubiupdatevol udhcpc udhcpd udpsvd umount uname uncompress unexpand unicode_start unicode_stop uniq unix2dos unlzma unlzop unxz unzip uptime users usleep uudecode uuencode vconfig vi visudo vlock volname wall watch watchdog watchquagga wc wget which who whoami whois xargs xtables-multi xz xzcat xzcmp xzdec xzdiff xzegrep xzfgrep xzgrep xzless xzmore yes zcat zcip zcmp zdiff zebra zegrep zfgrep zgrep zhead zless ztail marionnet-0.90.6+bzr508.orig/uml/pupisto.debian/pupisto.debian.sh0000755000175000017500000010427013175722671023612 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2013 Jean vincent Loddo # Copyright (C) 2013 Antoine Seignard # Copyright (C) 2013 Université Paris 13 # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This script helps people to build a debian filesystem # with debootstrap according to the Marionnet requirements. # ============================================================= # AUTOMATIC LOG-FILE GENERATION # ============================================================= MY_BASENAME=$(basename $0) if [[ $1 = "--help" || $1 = "-h" ]]; then # do nothing and continue : elif grep -q "log_${MY_BASENAME}[.]......$" <<<"$1"; then LOGFILE=$1 shift # and continue else LOGFILE=$(mktemp /tmp/log_${MY_BASENAME}.XXXXXX) EXIT_CODE_FILE=$(mktemp /tmp/exit_code_${MY_BASENAME}.XXXXXX) echo -e "Log file of command:\n$0" "$@" "\n---" | tee $LOGFILE COLUMNS=$(tput cols) # Recursive call to this script, but with logging capabilities: { time $0 "$LOGFILE" "$@"; echo $? >$EXIT_CODE_FILE; } 2>&1 | tee -a "$LOGFILE" | cut -c1-$((COLUMNS)) read EXIT_CODE <$EXIT_CODE_FILE rm -f $EXIT_CODE_FILE echo "---" echo "$MY_BASENAME: previous running logged into $LOGFILE" exit $EXIT_CODE fi # Script body: set -e # ============================================================= # CMDLINE PARSING # ============================================================= # Getopt's format used to parse the command line: OPTSTRING="hmc:Kk:dn:s:r:t:L" function parse_cmdline { local i j flag # Transform long format options into the short one: for i in "$@"; do if [[ double_dash_found = 1 ]]; then ARGS+=("$i") else case "$i" in --help) ARGS+=("-h"); ;; --custom) ARGS+=("-m"); ;; --continue) ARGS+=("-c"); ;; --name) ARGS+=("-n"); ;; --kernel) ARGS+=("-k"); ;; --no-kernel) ARGS+=("-K"); ;; --debug) ARGS+=("-d"); ;; --release) ARGS+=("-r"); ;; --server) ARGS+=("-s"); ;; --fstype) ARGS+=("-t"); ;; --no-locales) ARGS+=("-L"); ;; --) ARGS+=("--"); double_dash_found=1; ;; --[a-zA-Z0-9]*) echo "*** Illegal long option $i."; exit 1; ;; -[a-zA-Z0-9]*) j="${i:1}"; while [[ $j != "" ]]; do ARGS+=("-${j:0:1}"); j="${j:1}"; done; ;; *) ARGS+=("$i") ;; esac fi done set - "${ARGS[@]}" unset ARGS # Interpret short format options: while [[ $# -gt 0 ]]; do OPTIND=1 while getopts ":$OPTSTRING" flag; do if [[ $flag = '?' ]]; then echo "ERROR: illegal option -$OPTARG."; exit 1; fi eval "option_${flag}=$OPTIND" eval "option_${flag}_arg='$OPTARG'" done for ((j=1; j ca:12345:ctrlaltdel:/sbin/halt # (2) add a line: # > 0:12345:respawn:/sbin/getty 38400 tty0 xterm # (3) comment lines in the form: # > #1:2345:respawn:/sbin/getty 38400 tty1 # > #2:23:respawn:/sbin/getty 38400 tty2 # > ... # > #6:23:respawn:/sbin/getty 38400 tty6 # Note that the function is idempotent. function fix_etc_inittab { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} local TMPFILE=$(mktemp) local AWK_PROGRAM='/^1:2345:respawn:/ {print line} /^[1-6]:[1-6]*:respawn/ {print "#"$0; next} {print}' # Note that th -L option is very relevant to obtain a console quicly reacting to CTRL-C/CTRL-Z etc: sudo awk -v line="0:12345:respawn:/sbin/getty -L 38400 tty0 xterm" "$AWK_PROGRAM" "$ROOT/etc/inittab" > $TMPFILE tabular_file_update --ignore-unchanged -i -d ":" -k 1 --key-value "ca" -f 4 --field-value "/sbin/halt" $TMPFILE sudo cp $TMPFILE $ROOT/etc/inittab rm -f $TMPFILE } function fix_etc_fstab { # global DEBIANROOT FSTYPE local ROOT=${1:-$DEBIANROOT} local TYPE=${FSTYPE:-$DEFAULT_FSTYPE} local TMPFILE=$(mktemp) cat 1>$TMPFILE < $TMPFILE sudo cp $TMPFILE $TARGET rm -f $TMPFILE fi } # Executed by `sudo_chroot_fcall' (i.e. as `root' in a chrooted environment): # We suppose that the directory containing ethghost in the # chrooted environment is "/tmp/ethghost": function make_ethghost { local ETHGHOST=/tmp/ethghost make -C $ETHGHOST strip $ETHGHOST/ethghost make DESTDIR=/usr/local -C $ETHGHOST install rm -rf $ETHGHOST } # Compile ethghost into the 32-bits filesystem. # Here we suppose that the apt sources have been fixed: function compile_and_install_ethghost { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} sudo cp -dR ../ethghost $ROOT/tmp/ sudo chroot ${ROOT} apt-get install -y linux-libc-dev libc6-dev || true export -f make_ethghost sudo_chroot_fcall ${ROOT} make_ethghost } function make_symlink_etc_init_dhcpd_in_chroot { if [[ ! -e /etc/init.d/dhcpd && -x /etc/init.d/isc-dhcp-server ]]; then ln -s isc-dhcp-server /etc/init.d/dhcpd; fi } function make_symlink_etc_init_dhcpd { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} export -f make_symlink_etc_init_dhcpd_in_chroot sudo_chroot_fcall ${ROOT} make_symlink_etc_init_dhcpd_in_chroot } function install_marionnet_relay_as_root { # global PUPISTO_FILES DEBIANROOT local ROOT=${1:-$DEBIANROOT} cp -v $PUPISTO_FILES/marionnet-relay ${ROOT}/etc/init.d/ chmod +x ${ROOT}/etc/init.d/marionnet-relay chroot $ROOT update-rc.d marionnet-relay defaults } function install_marionnet_relay { # global PUPISTO_FILES DEBIANROOT export PUPISTO_FILES DEBIANROOT sudo_fcall install_marionnet_relay_as_root } function install_bashrc_in_the_skeleton { # global PUPISTO_FILES DEBIANROOT local ROOT=${1:-$DEBIANROOT} local BASHRC=$PUPISTO_FILES/bashrc sudo cp $BASHRC $ROOT/etc/skel/.bash_aliases } function copy_bashrc_in_the_root_home { # global PUPISTO_FILES DEBIANROOT local ROOT=${1:-$DEBIANROOT} local BASHRC=$PUPISTO_FILES/bashrc # Make the `root' directory similar to the `student' one about Bash settings: sudo cp -f $ROOT/etc/skel/.bash* $ROOT/root/ # Copy our bashrc (as bash_aliases, that will be sourced by the actual bashrc): sudo cp $BASHRC $ROOT/root/.bash_aliases } function create_user_student { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} sudo_careful_chroot $ROOT adduser --home /home/student --shell /bin/bash --uid 1001 --disabled-password --gecos "Student,,," student fix_student_password $ROOT sudo_careful_chroot $ROOT adduser student sudo } function configure_daemon_and_accounts_to_accept_ssh_connection_as_root { # global DEBIANROOT PUPISTO_FILES local ROOT=${1:-$DEBIANROOT} SSHD_CONFIG=$ROOT/etc/ssh/sshd_config SSH_DIR=$PUPISTO_FILES/ssh if [[ -f "$SSHD_CONFIG" ]]; then user_config_set --ignore-unchanged "PermitRootLogin" " " "yes" $SSHD_CONFIG user_config_set --ignore-unchanged "StrictModes" " " "no" $SSHD_CONFIG user_config_set --ignore-unchanged "PubkeyAuthentication" " " "yes" $SSHD_CONFIG mkdir -p $ROOT/{home/student,root}/.ssh chmod 700 $ROOT/{home/student,root}/.ssh chown 1001:1001 $ROOT/home/student/.ssh cat ${SSH_DIR}/id_rsa_marionnet.pub >> $ROOT/home/student/.ssh/authorized_keys cat ${SSH_DIR}/id_rsa_marionnet.pub >> $ROOT/root/.ssh/authorized_keys chmod 644 $ROOT/{home/student,root}/.ssh/authorized_keys else echo "Warning: $SSHD_CONFIG not found. I can't configure daemon and accounts to accept Marionnet connections." fi } # configure_daemon_and_accounts_to_accept_ssh_connection function configure_daemon_and_accounts_to_accept_ssh_connection { # global PUPISTO_FILES DEBIANROOT export PUPISTO_FILES DEBIANROOT sudo_fcall configure_daemon_and_accounts_to_accept_ssh_connection_as_root } # Fix /etc/issue according to $INSTALL_LINUXLOGO # Note that the script `marionnet_relay' will catenate the # output of the command `linuxlogo' with the content of # the file "/etc/issue.marionnet": function fix_etc_issue_as_root { # global DEBIANROOT INSTALL_LINUXLOGO local ROOT=${1:-$DEBIANROOT} local PREVIOUS_MESSAGE TARGET if [[ $INSTALL_LINUXLOGO = y ]]; then unset $PREVIOUS_MESSAGE TARGET=$ROOT/etc/issue.marionnet else # For instance PREVIOUS_MESSAGE could be "Debian GNU/Linux 7" PREVIOUS_MESSAGE=$(awk <$ROOT/etc/issue -F "\\" '{print $1; exit 0}') PREVIOUS_MESSAGE+="\n" TARGET=$ROOT/etc/issue fi cat >$TARGET <$TARGET <<"EOF" #!/bin/bash # The option -f prevent a Marionnet crash using kernels 3.2.x # For a similar reason, the option "-a reboot" must no be used: exec /sbin/halt "$@" -f EOF # --- chmod +x $TARGET # --- Fix `shutdown' TARGET=$ROOT/sbin/shutdown mv $TARGET $TARGET.unsafe cat >$TARGET <<"EOF" #!/bin/bash # The option -h neutralize the option -r that causes a # Marionnet crash using kernels 3.2.x exec -a shutdown /sbin/shutdown.unsafe "$@" -h EOF # --- chmod +x $TARGET } # fix_reboot_as_root function fix_reboot { # global DEBIANROOT export DEBIANROOT sudo_fcall fix_reboot_as_root } function fix_wireshark_init_lua { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} local TARGET=$ROOT/etc/wireshark/init.lua if [[ -f $TARGET ]]; then sudo sed -i -e 's/dofile(DATA_DIR.."console.lua")/--dofile(DATA_DIR.."console.lua")/' $TARGET fi } function fix_locales_as_root { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} [[ -n $ROOT ]] || return 1 # --- cat >$ROOT/etc/locale.gen <<"EOF" # This file lists locales that you wish to have built. You can find a list # of valid supported locales at /usr/share/i18n/SUPPORTED. Other # combinations are possible, but may not be well tested. If you change # this file, you need to rerun locale-gen. # # XXX GENERATED XXX # # NOTE!!! If you change this file by hand, and want to continue # maintaining manually, remove the above line. Otherwise, use the command # "dpkg-reconfigure locales" to manipulate this file. You can manually # change this file without affecting the use of debconf, however, since it # does read in your changes. en_US.UTF-8 UTF-8 EOF # --- # Equivalent to `dpkg-reconfigure locales': chroot $ROOT locale-gen } function fix_locales { # global DEBIANROOT INSTALL_LOCALES [[ -n $INSTALL_LOCALES ]] || return 0 export DEBIANROOT sudo_fcall fix_locales_as_root } function prevent_non_vital_services_from_starting { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} # Note that `console-screen.sh' creates a second windows. So, we don't consider it as required. # Note that `linuxlogo' is lanched manually by `marionnet_relay'. So, we don't consider it as required. # The service `x11-common' should be required for x-nested machines. local REQUIRED_SERVICES="bootlogs bootmisc.sh checkroot-bootclean.sh checkroot.sh cron halt hostname.sh killprocs kmod marionnet-relay mountall-bootclean.sh mountall.sh mtab.sh networking procps rc rc.local rcS reboot rmnologin sendsigs single skeleton sudo sysfsutils sysstat umountfs umountroot urandom" local TMPFILE1=$(mktemp) local TMPFILE2=$(mktemp) find $ROOT/etc/init.d/ -mindepth 1 -maxdepth 1 -name "[a-z][a-z.\-0-9]*" -exec basename {} \; > $TMPFILE1 echo $REQUIRED_SERVICES | tr ' ' '\n' > $TMPFILE2 SERVICES_TO_REMOVE=$(list_diff $TMPFILE1 $TMPFILE2) # Example: SERVICES_TO_REMOVE="apache2 atftpd babeld bind9 checkfs.sh courier-authdaemon courier-imap courier-ldap courier-mta dbus dhcpd etc-setserial hwclock.sh inetutils-inetd inetutils-syslogd isc-dhcp-server lighttpd motd mountdevsubfs.sh mountkernfs.sh mountnfs-bootclean.sh mountnfs.sh nfs-common nfs-kernel-server nis ntp pppd-dns quagga racoon radvd rpcbind rsync setkey setserial slapd snmpd ssh udev udev-mtab umountnfs.sh x11-common" rm -f $TMPFILE1 $TMPFILE2 local i for i in $SERVICES_TO_REMOVE; do sudo chroot $ROOT update-rc.d -f "$i" remove || true done # Fix some annoying messages on boot: local TARGET=$ROOT/etc/init.d/mountall.sh if [[ -f $TARGET ]]; then sudo sed -i -e 's/kill -s USR1/kill 2>\/dev\/null -s USR1/' $TARGET fi } function install_ipv6_care_in_chroot { cd /tmp wget 'http://sourceforge.net/projects/ipv6-care/files/latest/' -O ipv6_care-latest.tar.gz || return 1 tar xvzf ipv6_care-latest.tar.gz cd ipv6_care-* { ./configure && make && make install; } || return 2 } function install_ipv6_care { # global DEBIANROOT local ROOT=${1:-$DEBIANROOT} export -f install_ipv6_care_in_chroot sudo_chroot_fcall $ROOT install_ipv6_care_in_chroot } function clean_debian_filesystem { # global DEBIANROOT INSTALL_LOCALES TWDIR local ROOT=${1:-$DEBIANROOT} [[ -n $ROOT ]] || return 1 # 1) apt-get install deborphan echo "* Installing deborphan if necessary..."; install_package deborphan || true # 2) apt-clean echo "* Cleaning..." sudo chroot "$ROOT" bash -c "apt-get -y clean; apt-get -y autoremove" sudo chroot "$ROOT" bash -c "dpkg -l | grep '^rc' && COLUMNS=200 dpkg -l | grep '^rc' | awk '{print \$2}' | xargs dpkg -P" || true # 3) deborphan echo "* Removing orphans..." sudo chroot "$ROOT" bash -c "deborphan | xargs apt-get -y --purge remove 2>/dev/null" # 4) clean /var/cache echo "* Removing all directories in /var/cache..." sudo find "$ROOT"/var/cache/* -type f -exec rm -f {} \; # 5) clean tmp/ echo "* Cleaning /tmp and /root..." sudo chroot "$ROOT" bash -c ">root/.bash_history; rm -rf tmp/*; rm -rf .rr_moved; >var/mail/root" # 6) locales if [[ $INSTALL_LOCALES = y ]]; then echo "* File *.mo in /usr/share/locale NOT removed" else echo "* Removing files *.mo from /usr/share/locale..." sudo find "$ROOT"/usr/share/locale/ -type f -name "*.mo" -exec rm {} \; fi # 7) accelerate future 'apt-get update' (very slow with cow-files): local TARGET=$ROOT/etc/apt/apt.conf.d/99translations sudo_fprintf $TARGET 'Acquire::Languages "none";\n' sudo find $ROOT/var/lib/apt/lists -name "*i18n_Translation*" -exec rm {} \; # 8) remove /var/lib/apt/lists/* # sudo chroot "$ROOT" bash -c "apt-get update; aptitude update" echo "* Removing /var/lib/apt/lists/* ..." sudo rm -rf "$ROOT"/var/lib/apt/lists/* # 9) move /debootstrap to $TWDIR sudo mv "$ROOT"/debootstrap $TWDIR/ sudo chown -R ${USER:-nobody} $TWDIR/debootstrap/ grep "conflict" $TWDIR/debootstrap/debootstrap.log | sort | uniq >> $TWDIR/README.debootstrap.conflicts echo "Success." } function make_the_image { # global DEBIANROOT IMAGE (or TWDIR and RELEASE) local IMAGE=${1:-$TWDIR/machine-debian-${RELEASE}} local FS_SIZE IMAGE_SIZE # Megabytes local MOUNTDIR local RETURN_CODE=0 # --- FS_SIZE=$(sudo du -sm $DEBIANROOT | awk '{print $1}') # Add 20% let IMAGE_SIZE="FS_SIZE*120/100" echo "Creating the image (${IMAGE_SIZE}M) ..." dd if=/dev/zero of=$IMAGE bs=1M count=$IMAGE_SIZE # --- echo "Formatting the image ($FSTYPE) ..." local MKFS_OPTIONS case $FSTYPE in ext?) MKFS_OPTIONS="-q -F";; esac sudo mkfs.$FSTYPE $MKFS_OPTIONS $IMAGE ### TODO: check the existence of mkfs.$FSTYPE at the beginning of the script # --- MOUNTDIR=$IMAGE.mnt mkdir -v -p $MOUNTDIR echo "Mounting the image ($MOUNTDIR) ..." sudo mount -o loop $IMAGE $MOUNTDIR # --- echo "Copying the filesystem content into the image..." sudo_fcall copy_content_into_directory $DEBIANROOT/ $MOUNTDIR/ || RETURN_CODE=$? # --- echo "Unmounting the image ($MOUNTDIR) ..." sudo umount $MOUNTDIR rmdir $MOUNTDIR # --- if [[ $RETURN_CODE = 0 ]]; then echo "Image built into: $IMAGE" echo "Success." else return $RETURN_CODE fi } # This function is not called directly here but is called by the generic function # `rename_with_sum_and_make_image_dot_conf' defined in ../pupisto.common/toolkit_image. function set_X11_SUPPORT_and_related_variables_according_to_choosed_packages { # global (input) DEBIANROOT FSTYPE # global (output) X11_SUPPORT MEMORY_MIN_SIZE MEMORY_SUGGESTED_SIZE # --- # The file compression used with btrfs (lzo) requires more memory: if [[ $FSTYPE = btrfs ]]; then if sudo chroot $DEBIANROOT dpkg -l | \grep -q "ii[ ][ ]*libx11-"; then if sudo chroot $DEBIANROOT dpkg -l | \grep -q "ii[ ][ ]*xserver-"; then X11_SUPPORT="xnested" MEMORY_MIN_SIZE=128 MEMORY_SUGGESTED_SIZE=192 else X11_SUPPORT="xhosted" MEMORY_MIN_SIZE=96 # tested MEMORY_SUGGESTED_SIZE=128 fi else X11_SUPPORT="none" MEMORY_MIN_SIZE=32 # tested MEMORY_SUGGESTED_SIZE=40 fi else # Normal case (no btrfs): if sudo chroot $DEBIANROOT dpkg -l | \grep -q "ii[ ][ ]*libx11-"; then if sudo chroot $DEBIANROOT dpkg -l | \grep -q "ii[ ][ ]*xserver-"; then X11_SUPPORT="xnested" MEMORY_MIN_SIZE=64 MEMORY_SUGGESTED_SIZE=128 else X11_SUPPORT="xhosted" MEMORY_MIN_SIZE=64 # tested MEMORY_SUGGESTED_SIZE=80 # tested fi else X11_SUPPORT="none" MEMORY_MIN_SIZE=24 # tested MEMORY_SUGGESTED_SIZE=32 fi fi # btrfs or not } function mknod_for_virtual_disks_in_chroot { local i j p rm -f /dev/ubd* # --- for i in {0..7}; do mknod /dev/ubd$i b 98 $((i*16)); done # Generated: # mknod /dev/ubd0 b 98 0 # mknod /dev/ubd1 b 98 16 # ... # mknod /dev/ubd7 b 98 112 let j=0; for i in {a..h}; do mknod /dev/ubd$i b 98 $((j*16)); let j=j+1; done # Generated: # mknod /dev/ubda b 98 0 # mknod /dev/ubdb b 98 16 # ... # mknod /dev/ubdh b 98 112 let j=0; for i in {a..h}; do for p in {1..4}; do mknod /dev/ubd$i$p b 98 $((j*16+p)); done; let j=j+1; done # Generated: # --- # mknod /dev/ubda1 b 98 1 # mknod /dev/ubda2 b 98 2 # mknod /dev/ubda3 b 98 3 # mknod /dev/ubda4 b 98 4 # # mknod /dev/ubdb1 b 98 17 # mknod /dev/ubdb2 b 98 18 # mknod /dev/ubdb3 b 98 19 # mknod /dev/ubdb4 b 98 20 # ... # mknod /dev/ubdh1 b 98 113 # mknod /dev/ubdh2 b 98 114 # mknod /dev/ubdh3 b 98 115 # mknod /dev/ubdh4 b 98 116 } function mknod_for_virtual_disks { # global DEBIANROOT PUPISTO_FILES local ROOT=${1:-$DEBIANROOT} export -f mknod_for_virtual_disks_in_chroot sudo_chroot_fcall $ROOT mknod_for_virtual_disks_in_chroot sudo tar -C $ROOT -xz --keep-newer-files --keep-old-files -f $PUPISTO_FILES/dev.tar.gz || true } # ============================================================= # KERNEL # ============================================================= function make_or_link_the_kernel { # global option_K TWDIR KERNEL_VERSION local EXISTING_KERNEL_DIR BUILT_DIR local DOWNLOADS_DIRECTORY=../pupisto.kernel/_build.downloads # --- # Option -K/--no-kernel if [[ -z ${option_K} ]]; then EXISTING_KERNEL_DIR=$(find ../pupisto.kernel/ -maxdepth 1 -type d -name "_build.linux-$KERNEL_VERSION*" | sort | tail -n 1) if [[ -d $EXISTING_KERNEL_DIR ]]; then echo 1>&2 "A directory \`$EXISTING_KERNEL_DIR' already exists: making a symlink to!" ln -s ../"$EXISTING_KERNEL_DIR" "$TWDIR/linux-$KERNEL_VERSION" else # In order to have a unique log, we will use the script as # a library of functions instead of as a standalone program: source ../pupisto.kernel/pupisto.kernel.sh --source # Now call the function: download_patch_and_compile_kernel ${KERNEL_VERSION} ${TWDIR} ${DOWNLOADS_DIRECTORY} # Move the whole directory to the good place (../pupisto.kernel/) # in order to potentially share it among other filesystem building: BUILT_DIR=_build.linux-${KERNEL_VERSION}.$(date +%Y-%m-%d.%H\h%M).$RANDOM echo "Moving \`$TWDIR/linux-$KERNEL_VERSION' -> \`../pupisto.kernel/$BUILT_DIR'" mv $TWDIR/linux-$KERNEL_VERSION ../pupisto.kernel/$BUILT_DIR ln -s ../../pupisto.kernel/$BUILT_DIR $TWDIR/linux-$KERNEL_VERSION fi else # --no-kernel echo 1>&2 "Option -K (--no-kernel) selected: nothing to do" fi } # make_or_link_the_kernel # ============================================================= # ACTIONS # ============================================================= # The first step is to create the Debian directory with debootstrap: once launch_debootstrap_and_then_apt_get_install # Fix apt sources, update and upgrade: once fix_apt_sources_update_and_upgrade # Fix locales (if installed) to "en_US.UTF-8": once fix_locales # Remove package `udev' (and packages depending to) once remove_package udev || true # Fix /etc/inittab: once fix_etc_inittab # Fix /etc/securetty: once fix_etc_securetty # Fix /etc/fstab: once fix_etc_fstab # Fix the problem of /sbin/reboot and /sbin/shutdown that may # provoke a Marionnet crash: once fix_reboot # Set the `root' passwd to "root": once fix_root_password # Compile ethghost into the 32-bits filesystem: once compile_and_install_ethghost # <= # Make a symlink: /etc/init.d/dhcpd -> isc-dhcp-server once make_symlink_etc_init_dhcpd # Install our marionnet-startup script: once install_marionnet_relay # <= # Install our bashrc into $DEBIANROOT/etc/skel/ once install_bashrc_in_the_skeleton # Copy our bashrc in the root's home directory: once copy_bashrc_in_the_root_home # Create user "student" (with the modified skeleton): once create_user_student # Configure the ssh daemon and root/student accounts to accept Marionnet connections: once configure_daemon_and_accounts_to_accept_ssh_connection # Login message. once fix_etc_issue # Do not start services at boot (except the vital ones): once prevent_non_vital_services_from_starting # Create devices /dev/ubd? for virtual disks: once mknod_for_virtual_disks # Prevent a noising warning window to appear when # wireshark is called as root (that is usual with # Marionnet: once fix_wireshark_init_lua # Install this nice program, useful for labs about IPv6 compliance: once install_ipv6_care # Final cleaning: once clean_debian_filesystem # Get the binary list: BINARY_LIST=$(sudo_chroot_binary_list $DEBIANROOT) # Go: FS_LOC=$TWDIR/machine-debian-${RELEASE} once make_the_image "$FS_LOC" # Build image's meta-data. # This call defines FS_NAME once rename_with_sum_and_make_image_dot_conf "$FS_LOC" # Make now the kernel or just link it: once make_or_link_the_kernel $KERNEL_VERSION # ============================================================= # GREETINGS # ============================================================= # Store the log file into the output directory: # make_a_human_readable_log_into_working_directory # [[ -f $CUSTOM_PACKAGES_NO ]] && mv $CUSTOM_PACKAGES_NO $TWDIR/ # [[ -f $CUSTOM_PACKAGES_YES ]] && mv $CUSTOM_PACKAGES_YES $TWDIR/ echo "---" ls -l $TWDIR echo "---" echo "Pay attention to move (or copy with option \`-a') the filesystem in order to preserve the MTIME." echo "If something goes wrong installing your filesystem, you can restore the correct" echo "MTIME with the following command:" echo "sudo touch -d \$(date -d '@$MTIME') $FS_NAME" echo echo "Success." # Copy log and exit: cat $LOGFILE > $TWDIR/$(basename $LOGFILE) exit 0 marionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/0000755000175000017500000000000013175722671021104 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/pupisto.buildroot.sh.files/0000755000175000017500000000000013175722671026323 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/pupisto.buildroot.sh.files/ssh0000777000175000017500000000000013175722671031335 2../../guest/sshustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/pupisto.buildroot.sh.files/nanorc0000644000175000017500000027664413175722671027551 0ustar lucaslucas## Sample initialization file for GNU nano. ## ## Please note that you must have configured nano with --enable-nanorc ## for this file to be read! Also note that this file should not be in ## DOS or Mac format, and that characters specially interpreted by the ## shell should not be escaped here. ## ## To make sure a value is disabled, use "unset

    It works!

    ' >var/www/index.html fi # Login message. # Note that setting BR2_TARGET_GENERIC_ISSUE no gives the expected effect, # so we write the message directly in the good place: # # # cat >etc/issue <<\EOF_issue # # # ####################################################### # # # Welcome to \`$DISTRIBUTION_NAME', a compact GNU/Linux filesystem # # # conceived for Marionnet, based on Busybox and made with # # # Buildroot ($(LC_ALL=us date "+%B %Y")). # # # ####################################################### # # # Running with kernel \r # # # # # # Use the account root/root or student/student # # # # # # EOF_issue # cp $LINUXLOGO etc/issue sed -i -e "s/DISTRIBUTION_NAME/$DISTRIBUTION_NAME/" etc/issue sed -i -e "s/DATE/$(LC_ALL=us date "+%B %Y")/" etc/issue EOF # Append some treatments for quagga: if [[ -n ${option_q} ]]; then cat 1>>$OUR_TUNING_SCRIPT <> etc/group echo "quagga:x:117:" >> etc/group # TODO: FIX /home/quagga echo "quagga:x:108:117:Linux User,,,:/home/quagga:/bin/false" >> etc/passwd echo 'quagga:!:15815:0:99999:7:::' >> etc/shadow # Fix quagga ownership: # # # chown -R 108:117 etc/quagga # NOT PERMITTED!!! => to do in marionnet_relay! EOF fi # We dont know how to exploit this information: # FAKEROOT_SCRIPT=$BUILDROOT/output/build/_fakeroot.fs # Append other things to do as is (without interpretation, see "EOF"): cat 1>>$OUR_TUNING_SCRIPT <<"EOF" # Creating 'student/student': # Ask Buildroot to do it: # Source: http://lists.busybox.net/pipermail/buildroot/2012-December/064450.html # +============+=====+=======+=====+==========+=============+=========+=======+===========+ # | username | uid | group | gid | password | home | shell |groups | comment | # +============+=====+=======+=====+==========+=============+=========+=======+===========+ # User `student' defined into `pupisto.buildroot.sh.files/ethghost/ethghost.mk' # Add student to the `sudo' group. TODO: ensure that the line exists! TMPFILE=$(mktemp) awk $TMPFILE '$1=="#" && $2=="%sudo" && $3=="ALL=(ALL)" {print $2,$3,$4; next} {print}' chmod u+w etc/sudoers cat $TMPFILE >etc/sudoers chmod u-w etc/sudoers echo 'sudo:x:27:student' >> etc/group # Remove the symlink /etc/resolv.conf rm etc/resolv.conf >etc/resolv.conf # Change the `ctrlaltdel' behaviour: no `reboot' but `halt'. This setting is # very relevant because with `reboot' Marionnet will not be able to cleanly # shutdown the machine: sed -i -e 's/::ctrlaltdel:\/sbin\/reboot/::ctrlaltdel:\/sbin\/halt/' etc/inittab # Add tty0 as available root console: echo 'tty0' >> etc/securetty # Add a wrapper `dhclient -> udhcpc (busybox)' if needed: if [[ -e sbin/udhcpc && ! -e sbin/dhclient ]]; then echo '#!/bin/bash eval exec -a udhcpc busybox -fnq "$@" ' > sbin/dhclient chmod +x sbin/dhclient fi # Do not start services at boot (except S90marionnet-relay and some other): pushd etc/init.d/ for i in $(find . -maxdepth 1 -name "S*" -a ! -name "S90marionnet-relay" -a ! -name "S01logging" -a ! -name "S20urandom" -a ! -name "S40network"); do j=${i#./S??}; mv $i $j; echo "$j was $i" >> README.script_order done # Create links for the remaining services: for i in $(find . -maxdepth 1 -name "S*" -a ! -name "S90marionnet-relay"); do j=${i#./S??}; mv $i $j; ln -s $j $i done popd EOF # Make it executable and bind it with the Buildroot process: chmod +x $OUR_TUNING_SCRIPT # Do not execute our script the first time: # set_config_variable "BR2_ROOTFS_POST_BUILD_SCRIPT" '"'$OUR_TUNING_SCRIPT'"' # ============================================================= # BUILDROOT PATCHES # ============================================================= # Package `net-tools': if [[ -d $BUILDROOT/package/net-tools ]]; then echo "No need to apply the \`net-tools' buildroot patch. Fine." else echo "Applying the \`net-tools' buildroot patch." patch -d $BUILDROOT -p1 <$PUPISTO_FILES/net-tools.patch fi # ============================================================= # BUILDROOT CONFIGURATION (Step 1) # working on `project_defconfig' # ============================================================= # Antoine: when you update Buildroot the new configuration options appear, # so if you copy an old .config and start the build, Buildroot # will ask you the values for the new options. In order to workaround # this behaviour, select automatically the default value for the new options, then, do: # cp your.config.file /path/to/buildroot/sources/configs/project_defconfig && # make project_defconfig && make if [[ -z ${CONFIG} ]]; then >$BUILDROOT/configs/project_defconfig else cp -fv $CONFIG $BUILDROOT/configs/project_defconfig fi # Set the initial config file we will working on # until the next `make project_defconfig': set_default_config_file $BUILDROOT/configs/project_defconfig # BR2_ARCH corresponds to SUBARCH during kernel compilation set_config_variable "BR2_ARCH" '"i386"' set_config_variable "BR2_i386" "y" set_config_variable "BR2_ENDIAN" '"LITTLE"' set_config_variable "BR2_GCC_TARGET_TUNE" '"i386"' set_config_variable "BR2_GCC_TARGET_ARCH" '"i386"' set_config_variable "BR2_x86_i386" "y" set_config_variable "BR2_TARGET_GENERIC_ROOT_PASSWD" '"root"' # /etc/inittab is built according to the following three lines # according to the compiled kernel: set_config_variable "BR2_TARGET_GENERIC_GETTY_PORT" '"tty0"' set_config_variable "BR2_TARGET_GENERIC_GETTY_BAUDRATE_38400" "y" unset_config_variable "BR2_TARGET_GENERIC_GETTY_TERM" ########################################## # (Step 1) Improve building efficiency # ########################################## # Share and reuse DOWNLOAD results among separate Buildroot builds: BUILDROOT_DL_DIR="$HOME/.buildroot-downld" set_config_variable "BR2_DL_DIR" '"'$BUILDROOT_DL_DIR'"' mkdir -p $BUILDROOT_DL_DIR ln -sf $BUILDROOT_DL_DIR "_build.buildroot-downld" # Share and reuse COMPILATION results among separate Buildroot builds # (`ccache' support); fix PATH (if needed) and set BR2_CCACHE: if [[ -e /usr/lib/ccache/gcc ]]; then if ! grep -q "ccache" <<<$PATH; then export PATH=$(dirname $(which gcc)):$PATH fi set_config_variable "BR2_CCACHE" "y" mkdir -p "$HOME/.buildroot-ccache" ln -sf "$HOME/.buildroot-ccache" "_build.buildroot-ccache" fi ############################################ # (Step 1) Additional Buildroot packages # ############################################ # This sub-section is about adding custom packages, library, or applications # in buildroot. # Example: # add_extra_buildroot_package $PUPISTO_FILES/ethghost $ETHGHOST_VERSION ../ethghost # add_extra_buildroot_package $PUPISTO_FILES/bind function add_extra_buildroot_package { # global BUILDROOT BUILDROOT_DL_DIR local PACKAGE_DEFINITION_DIR=$1 local PACKAGE_VERSION=$2 # optional local SOURCE_DIR=$3 # optional #--- local NAME=$(basename $PACKAGE_DEFINITION_DIR) local CONFIG_IN=$PACKAGE_DEFINITION_DIR/Config.in local PACKAGE_MK=$PACKAGE_DEFINITION_DIR/$NAME.mk [[ -f $CONFIG_IN ]] || { echo "Expected file $CONFIG_IN doesn't exist" 1>&2; return 1; } [[ -f $PACKAGE_MK ]] || { echo "Expected file $PACKAGE_MK doesn't exist" 1>&2; return 1; } local UPPER_NAME=$(echo $NAME | tr '[a-z]' '[A-Z]') mkdir -p $BUILDROOT/package/$NAME # Simulate the package download if the SOURCE_DIR is given: if [[ -n $SOURCE_DIR ]]; then tar -C $(dirname $SOURCE_DIR) -czf $BUILDROOT_DL_DIR/${NAME}-${PACKAGE_VERSION}.tar.gz $NAME/ fi # Copy all things as they are from $PACKAGE_DEFINITION_DIR: cp $PACKAGE_DEFINITION_DIR/* $BUILDROOT/package/$NAME/ # Creation of the config.in needed for package description and dependencies. cp -f $CONFIG_IN $BUILDROOT/package/$NAME/ # Copy $PACKAGE_MK as is or trying to update the version number: if [[ -z $PACKAGE_VERSION ]]; then cp -f $PACKAGE_MK $BUILDROOT/package/$NAME/$NAME.mk else awk <$PACKAGE_MK >$BUILDROOT/package/$NAME/$NAME.mk \ -v version="$PACKAGE_VERSION" '$1 ~ /^[A-Z0-9]*_VERSION$/ {print $1,$2,version; next} {print}' fi #Append the package/Config.in file to make appear our new package cat 1>>$BUILDROOT/package/Config.in<&2 } fi } # Add now our package `ethghost' ETHGHOST_VERSION=$(\make --quiet -C ../ethghost print_version) add_extra_buildroot_package $PUPISTO_FILES/ethghost $ETHGHOST_VERSION ../ethghost ####################################### # (Step 1) Packages' selection # ####################################### # Add some essential packages: set_config_variable "BR2_PACKAGE_BUSYBOX" "y" set_config_variable "BR2_PACKAGE_BUSYBOX_SHOW_OTHERS" "y" set_config_variable "BR2_PACKAGE_BASH" "y" # set_config_variable "BR2_PACKAGE_BRIDGE_UTILS" "y" # busybox! # set_config_variable "BR2_PACKAGE_BZIP2" "y" # busybox! set_config_variable "BR2_PACKAGE_HOST_E2FSPROGS" "y" set_config_variable "BR2_PACKAGE_DHCP" "y" set_config_variable "BR2_PACKAGE_DHCP_SERVER" "y" # set_config_variable "BR2_PACKAGE_DHCP_RELAY" "y" # busybox! set_config_variable "BR2_PACKAGE_BIND" "y" set_config_variable "BR2_PACKAGE_BIND_SERVER" "y" set_config_variable "BR2_PACKAGE_BIND_TOOLS" "y" set_config_variable "BR2_PACKAGE_RPCBIND" "y" set_config_variable "BR2_PACKAGE_SOCAT" "y" set_config_variable "BR2_PACKAGE_RSYNC" "y" set_config_variable "BR2_PACKAGE_CURL" "y" set_config_variable "BR2_PACKAGE_CURLFTPFS" "y" set_config_variable "BR2_PACKAGE_SSHFS" "y" set_config_variable "BR2_PACKAGE_STRACE" "y" set_config_variable "BR2_PACKAGE_UEMACS" "y" set_config_variable "BR2_PACKAGE_ETHTOOL" "y" set_config_variable "BR2_PACKAGE_FILE" "y" set_config_variable "BR2_PACKAGE_IPROUTE2" "y" set_config_variable "BR2_PACKAGE_IPTABLES" "y" set_config_variable "BR2_PACKAGE_IPUTILS" "y" # ping6 traceroute6 tracepath6 set_config_variable "BR2_PACKAGE_KBD" "y" set_config_variable "BR2_PACKAGE_LESS" "y" set_config_variable "BR2_PACKAGE_LIGHTTPD" "y" set_config_variable "BR2_PACKAGE_LIGHTTPD_OPENSSL" "y" set_config_variable "BR2_PACKAGE_LIGHTTPD_BZIP2" "y" set_config_variable "BR2_PACKAGE_LINKS" "y" set_config_variable "BR2_PACKAGE_NANO" "y" set_config_variable "BR2_PACKAGE_NANO_TINY" "n" set_config_variable "BR2_PACKAGE_NCFTP" "y" # set_config_variable "BR2_PACKAGE_NETCAT" "y" # busybox! set_config_variable "BR2_PACKAGE_NMAP" "y" set_config_variable "BR2_PACKAGE_NTP" "y" # set_config_variable "BR2_PACKAGE_NTP_NTPD" "y" # busybox! set_config_variable "BR2_PACKAGE_NTP_SNTP" "y" set_config_variable "BR2_PACKAGE_NTP_NTPDATE" "y" set_config_variable "BR2_PACKAGE_NTP_NTPDC" "y" set_config_variable "BR2_PACKAGE_NTP_NTPQ" "y" set_config_variable "BR2_PACKAGE_OPENSSH" "y" set_config_variable "BR2_PACKAGE_OPENSSL" "y" set_config_variable "BR2_PACKAGE_RADVD" "y" set_config_variable "BR2_PACKAGE_READLINE" "y" set_config_variable "BR2_PACKAGE_SUDO" "y" set_config_variable "BR2_PACKAGE_TCPDUMP" "y" # set_config_variable "BR2_PACKAGE_TFTPD" "y" # busybox! # set_config_variable "BR2_PACKAGE_XZ" "y" # busybox! set_config_variable "BR2_PACKAGE_WGET" "y" set_config_variable "BR2_PACKAGE_ZLIB" "y" # Basic essential settings: set_config_variable "BR2_TOOLCHAIN_BUILDROOT_INET_IPV6" "y" set_config_variable "BR2_TOOLCHAIN_BUILDROOT_INET_RPC" "y" set_config_variable "BR2_ROOTFS_DEVICE_CREATION_STATIC" "y" set_config_variable "BR2_INIT_BUSYBOX" "y" set_config_variable "BR2_ROOTFS_SKELETON_DEFAULT" "y" set_config_variable "BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW" "y" set_config_variable "BR2_TARGET_ROOTFS_EXT2" "y" set_config_variable "BR2_TARGET_ROOTFS_EXT2_BLOCKS" "0" set_config_variable "BR2_TARGET_ROOTFS_EXT2_INODES" "0" set_config_variable "BR2_TARGET_ROOTFS_EXT2_RESBLKS" "0" set_config_variable "BR2_TARGET_ROOTFS_EXT2_NONE" "y" # net-tools (in order to have `arp' and an ifconfig acceptiong CIDR notation): # set_config_variable "BR2_PACKAGE_NET_TOOLS" "y" # busybox + our ifconfig wrapper! set_config_variable "BR2_PACKAGE_NET_TOOLS" "y" # in order to have `arp' # Option -q/--quagga if [[ -n ${option_q} ]]; then # Package needed for quagga set_config_variable "BR2_PACKAGE_QUAGGA" "y" set_config_variable "BR2_PACKAGE_QUAGGA_ZEBRA" "y" set_config_variable "BR2_PACKAGE_QUAGGA_TCP_ZEBRA" "y" set_config_variable "BR2_PACKAGE_QUAGGA_BABELD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_BGPD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_BGP_ANNOUNCE" "y" set_config_variable "BR2_PACKAGE_QUAGGA_ISISD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_OSPFD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_OPAQUE_LSA" "y" set_config_variable "BR2_PACKAGE_QUAGGA_OSPF6D" "y" set_config_variable "BR2_PACKAGE_QUAGGA_RIPD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_RIPNGD" "y" set_config_variable "BR2_PACKAGE_QUAGGA_WATCHQUAGGA" "y" set_config_variable "BR2_PACKAGE_QUAGGA_SNMP" "y" fi # Tell Buildroot which kernel version we are supposing: set_config_variable "BR2_KERNEL_HEADERS_VERSION" "y" set_config_variable "BR2_DEFAULT_KERNEL_VERSION" '"'$KERNEL_VERSION'"' set_config_variable "BR2_DEFAULT_KERNEL_HEADERS" '"'$KERNEL_VERSION'"' set_config_variable "BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_${KERNEL_FAMILY//./_}" "y" # Ex: BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_3_2 set_config_variable "BR2_KERNEL_HEADERS_${KERNEL_FAMILY//./_}" "y" # Ex: BR2_KERNEL_HEADERS_3_2 # Mr proper: set_config_variable "BR2_ENABLE_LOCALE_PURGE" "y" set_config_variable "BR2_ENABLE_LOCALE_WHITELIST" "C en_US de fr" # Some features are not supported anymore for i386, so: set_config_variable "BR2_x86_i486" "y" # Optimization: PROCESSOR_NO=$(\grep "^processor.*:" /proc/cpuinfo | sort | uniq | wc -l) set_config_variable "BR2_JLEVEL" "$PROCESSOR_NO" ####################################### # (Step 1) custom_packages_{yes,no} # ####################################### # Last-minute package's installation directives, using files # _build.custom_packages_{no,yes} built and edited with specific # `make' entries. Note that "yes" is prioritary over "no". unset_tracing # otherwise too verbose! CUSTOM_PACKAGES_NO="_build.custom_packages_no" if [[ -f $CUSTOM_PACKAGES_NO ]]; then echo "Removing packages from uncommented lines of $CUSTOM_PACKAGES_NO" \grep -v "^#" $CUSTOM_PACKAGES_NO | \grep "BR2_PACKAGE_[A-Z0-9_][A-Z0-9_]*" | \ while read PACKAGE; do set_config_variable "$PACKAGE" "n" done fi CUSTOM_PACKAGES_YES="_build.custom_packages_yes" if [[ -f $CUSTOM_PACKAGES_YES ]]; then echo "Adding packages from uncommented lines of $CUSTOM_PACKAGES_YES" \grep -v "^#" $CUSTOM_PACKAGES_YES | \grep "BR2_PACKAGE_[A-Z0-9_][A-Z0-9_]*" | \ while read PACKAGE; do set_config_variable "$PACKAGE" "y" done fi set_tracing # continue now in verbose mode ####################################################### # (Step 1) Last configurations on project_defconfig # ####################################################### # Bash will be (re-)selected anyway, even in a minimal setting: set_config_variable "BR2_PACKAGE_BASH" "y" # Toolchain settings: these three variables are initially set to "yes" # in order to force Buildroot to consider all packages. Their value will # be reconsidered in a second step: set_config_variable "BR2_TOOLCHAIN_BUILDROOT_LARGEFILE" "y" set_config_variable "BR2_TOOLCHAIN_BUILDROOT_WCHAR" "y" set_config_variable "BR2_TOOLCHAIN_BUILDROOT_CXX" "y" ######################################## # (Step 1) Make project_defconfig # ######################################## # Merge our minimal `project_defconfig' with # Buildroot's defaults in order to generate $BUILDROOT/.config once make -C $BUILDROOT project_defconfig # ============================================================= # BUILDROOT CONFIGURATION (Step 2) # working on `.config' # ============================================================= # At this point we can forget the old configuration file used to # build $BUILDROOT/.config with the previous `make' call. From # this moment, we will work on $BUILDROOT/.config, so: set_default_config_file $BUILDROOT/.config # ___break_point___ # The `unset' function must act on the .config file generated by Buildroot, # because Buildroot merges the `project_defconfig' with its own defaults. unset_config_variable "BR2_LINUX_KERNEL" # ignore anyway the Buildroot's kernel compilation unset_config_variable "BR2_TARGET_ROOTFS_TAR" unset_config_variable "BR2_TARGET_ROOTFS_TAR_NONE" unset_config_variable "BR2_TARGET_ROOTFS_TAR_OPTIONS" set_config_variable "BR2_TAR_OPTIONS" '""' set_config_variable "BR2_TARGET_ROOTFS_TAR" "n" ####################################### # (Step 2) TOOLCHAIN dependencies # ####################################### DEPENDENCIES=$(mktemp) SELECTED_PACKAGES=$(awk <$BUILDROOT/.config -F "=" '$1 ~ /^BR2_PACKAGE_[A-Z][A-Z0-9_]*/ && $2 == "y" {print $1}') for i in $SELECTED_PACKAGES; do j=${i#BR2_PACKAGE_} j=${j,,} CONFIG_IN=$BUILDROOT/package/$j/Config.in if [[ -f $CONFIG_IN ]]; then \grep -o 'depends on.*[!].*BR2_.*' $CONFIG_IN || true fi done | tr ' ' '\n' | \grep -o "BR2_[A-Z][A-Z0-9_]*" | uniq | sort | uniq > $DEPENDENCIES # Here $DEPENDENCIES contains a list like the following: # BR2_INET_IPV6 # BR2_INSTALL_LIBSTDCPP # BR2_LARGEFILE # BR2_PACKAGE_QUAGGA # BR2_PREFER_STATIC_LIB # BR2_TOOLCHAIN_HAS_THREADS # BR2_USE_WCHAR function yes_or_no_according_to { if "$@"; then echo y; else echo n; fi } # In order to be able to select additional packages (nmap, wget): # BR2_TOOLCHAIN_BUILDROOT_LARGEFILE is required for instance # by BR2_PACKAGE_BIND but it is not automatically set by Buildroot, so: y_or_n=$(yes_or_no_according_to grep -q "BR2_.*LARGEFILE" $DEPENDENCIES) set_config_variable "BR2_TOOLCHAIN_BUILDROOT_LARGEFILE" ${y_or_n} # y_or_n=$(yes_or_no_according_to grep -q "BR2_.*WCHAR" $DEPENDENCIES) # Forced because the version 3.2.44 of kernel's headers need this # toolchain setting: y_or_n=y set_config_variable "BR2_TOOLCHAIN_BUILDROOT_WCHAR" ${y_or_n} y_or_n=$(yes_or_no_according_to grep -q "BR2_.*LIBSTDCPP" $DEPENDENCIES) set_config_variable "BR2_TOOLCHAIN_BUILDROOT_CXX" ${y_or_n} echo "TOOLCHAIN dependencies:" tr '\n' ' ' <$DEPENDENCIES rm $DEPENDENCIES ___break_point___ ############################################ # (Step 2) custom (interactive) running # ############################################ # Custom? --custom -m if [[ -n ${option_m} ]]; then PSEUDO_TERMINAL=$(tty) make -C $BUILDROOT menuconfig 0<$PSEUDO_TERMINAL 1>$PSEUDO_TERMINAL fi # ============================================================= # BUILDROOT COMPILATION # (first round) # ============================================================= # Compile all stuff a first time: once make -C $BUILDROOT # ============================================================= # BUSYBOX REBUILDING # (second round) # ============================================================= # We perform some settings directly into the Busybox's config file: # Example: BUSYBOX_CONFIG=package/busybox/busybox-1.21.x.config BUSYBOX_CONFIG=${BUILDROOT}/$(awk <$BUILDROOT/.config -F= '$1 == "BR2_PACKAGE_BUSYBOX_CONFIG" {print $2}' | tr -d '"') set_config_variable "CONFIG_BRCTL" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_BRCTL_FANCY" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_BRCTL_SHOW" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_IPCALC" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_IPCALC_FANCY" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_IPCALC_LONG_OPTIONS" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_PGREP" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_PING6" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_PKILL" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_SPLIT" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_SPLIT_FANCY" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_STAT" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_STAT_FORMAT" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_SUM" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_TAC" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_UNCOMPRESS" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_UNEXPAND" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_FEATURE_UNEXPAND_LONG_OPTIONS" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_MKFS_EXT2" "y" $BUSYBOX_CONFIG set_config_variable "CONFIG_PSTREE" "y" $BUSYBOX_CONFIG # At this point $BUSYBOX_CONFIG is a merging of Builroot's settings # with our settings. # Now rebuild busybox with our specific settings: BUSYBOX_BUILT_DIR=$(echo $BUILDROOT/output/build/busybox-*) make -C $BUSYBOX_BUILT_DIR clean sort_and_merge_config_files $BUSYBOX_CONFIG $BUSYBOX_BUILT_DIR/.config > $BUSYBOX_BUILT_DIR/.config.merged cp $BUSYBOX_BUILT_DIR/{.config,.config.orig} cp $BUSYBOX_BUILT_DIR/{.config.merged,.config} # The second time we want execute the our filesystem tuning script: set_config_variable "BR2_ROOTFS_POST_BUILD_SCRIPT" '"'$OUR_TUNING_SCRIPT'"' $BUILDROOT/.config set_config_variable "BR2_ROOTFS_POST_SCRIPT_ARGS" '""' $BUILDROOT/.config ############################ # (Second round) Compile # ############################ # Note that the target `busybox-rebuild' doesn't have the expected behaviour: once make -C $BUILDROOT busybox-reconfigure once make -C $BUILDROOT all #################################### # (Second round) Store the image # #################################### # Move the image to $TWDIR: FS_LOC=$TWDIR/$FS_NAME mv $BUILDROOT/output/images/rootfs.ext2 $FS_LOC cp $BUILDROOT/.config $TWDIR/buildroot.config cp $BUSYBOX_BUILT_DIR/.config $TWDIR/busybox.config # ============================================================= # GENERATING FILES # {machine,router}-*.conf # ============================================================= #################################### # MD5SUM and other simple fields # #################################### MD5SUM=$(md5sum "$FS_LOC" | awk '{print $1}') SUM=$(sum "$FS_LOC" | awk '{print $1}') MTIME=$(stat -c "%Y" "$FS_LOC") DATE=$(date +%Y-%m-%d) AUTHOR=$(awk ghost or not else # With option --router the console must be 'none' except when the user # explicitely requires a unix terminal: SUPPORTED_KERNELS="/$KERNEL_VERSION/" # /../ => ghost or not fi ############################################## # X11_SUPPORT and memory-related variables # ############################################## function set_X11_SUPPORT_and_related_variables_according_to_choosed_packages { # global X11_SUPPORT BUILDROOT local CONFIG_FILE=${1:-$BUILDROOT/.config} local X11_RELATED_PACKAGES # --- if grep -q "BR2_PACKAGE_XLIB_LIBX11=y" "$CONFIG_FILE"; then if grep -q "BR2_PACKAGE_XSERVER_XORG_SERVER=y" "$CONFIG_FILE"; then X11_SUPPORT="xnested" MEMORY_MIN_SIZE=32 MEMORY_SUGGESTED_SIZE=48 else X11_SUPPORT="xhosted" MEMORY_MIN_SIZE=24 MEMORY_SUGGESTED_SIZE=48 fi else X11_SUPPORT="none" MEMORY_MIN_SIZE=16 # tested MEMORY_SUGGESTED_SIZE=24 fi } # Launch the function: set_X11_SUPPORT_and_related_variables_according_to_choosed_packages "$BUILDROOT/.config" ################### # BINARY_LIST # ################### # Looking for binaries in $BUILDROOT/output/target TARGET_DIR=$BUILDROOT/output/target pushd $TARGET_DIR BIN_OR_SBIN_DIRS=$(find . -type d \( -name "bin" -o -name "sbin" \) ) BINARY_LIST=$(find $BIN_OR_SBIN_DIRS -perm -u=x ! -type d ! -name "*[.]so*" -exec basename {} \; | sort) # Some binaries like '[' or '[[' will provoke some problems applying `sed' or `awk' (see above), so: BINARY_LIST=$(echo $BINARY_LIST | tr ' ' '\n' | \grep "[a-zA-Z][a-zA-Z_.]*") BINARY_LIST=$(echo $BINARY_LIST) popd ####################### # FILLING TEMPLATE # ####################### cp ../../share/filesystems/machine-template.conf $FS_LOC.conf # Using `sed' for simple replacements: sed -e "s/^MD5SUM=.*/MD5SUM=$MD5SUM/" \ -e "s/^SUM=.*/SUM=$SUM/" \ -e "s/^MTIME=.*/MTIME=$MTIME/" \ -e "s/^DATE=.*/DATE=$DATE/" \ -e "s/^AUTHOR=.*/AUTHOR=\"$AUTHOR\"/" \ -e "s/^X11_SUPPORT=.*/X11_SUPPORT=\"$X11_SUPPORT\"/" \ -e "s/^MEMORY_MIN_SIZE=.*/MEMORY_MIN_SIZE=$MEMORY_MIN_SIZE/" \ -e "s/^MEMORY_SUGGESTED_SIZE=.*/MEMORY_SUGGESTED_SIZE=$MEMORY_SUGGESTED_SIZE/" \ -i ${FS_LOC}.conf # Using `user_config_set' for replacements involving variables # bound to values with special characters (as '/') and/or multiple lines. user_config_set "BINARY_LIST" "=" "'$BINARY_LIST'" ${FS_LOC}.conf user_config_set "SUPPORTED_KERNELS" "=" "'$SUPPORTED_KERNELS'" ${FS_LOC}.conf # Rename the built filesystem and its .conf file simply adding the suffix $SUM: mv $FS_LOC ${FS_LOC}-${SUM} mv $FS_LOC.conf ${FS_LOC}-${SUM}.conf # ============================================================= # ROUTER LINK AND OTHER FINAL ACTIONS # ============================================================= pushd "$(dirname $FS_LOC)" if [[ -n $option_r ]]; then FS_BASENAME="$(basename ${FS_LOC}-${SUM})" ROUTER_FS_BASENAME=router-${FS_BASENAME#machine-} cp $FS_BASENAME.conf $ROUTER_FS_BASENAME.conf ln -s $FS_BASENAME $ROUTER_FS_BASENAME cat >INSTALL <INSTALL <&2 "A directory \`$EXISTING_KERNEL_DIR' already exists: making a symlink to!" ln -s ../"$EXISTING_KERNEL_DIR" "$TWDIR/linux-$KERNEL_VERSION" else # In order to have a unique log, we will use the script as # a library of functions instead of as a standalone program: source ../pupisto.kernel/pupisto.kernel.sh --source # Now call the function: download_patch_and_compile_kernel $KERNEL_VERSION $TWDIR # Move the whole directory to the good place (../pupisto.kernel/) # in order to potentially share it among other filesystem building: BUILT_DIR=_build.linux-${KERNEL_VERSION}.$(date +%Y-%m-%d.%H\h%M).$RANDOM echo "Moving \`$TWDIR/linux-$KERNEL_VERSION' -> \`../pupisto.kernel/$BUILT_DIR'" mv $TWDIR/linux-$KERNEL_VERSION ../pupisto.kernel/$BUILT_DIR ln -s ../../pupisto.kernel/$BUILT_DIR $TWDIR/linux-$KERNEL_VERSION fi fi # ============================================================= # GREETINGS # ============================================================= # Store the log file into the output directory: make_a_human_readable_log_into_working_directory [[ -f $CUSTOM_PACKAGES_NO ]] && mv $CUSTOM_PACKAGES_NO $TWDIR/ [[ -f $CUSTOM_PACKAGES_YES ]] && mv $CUSTOM_PACKAGES_YES $TWDIR/ echo "---" ls -ld $TWDIR echo "---" echo "Pay attention to move (or copy with option \`-a') the filesystem in order to preserve the MTIME." echo "If something goes wrong installing your filesystem, you can restore the correct" echo "MTIME with the following command:" echo "sudo touch -d \$(date -d '@$MTIME') $FS_NAME" echo echo "Success." marionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/Makefile0000644000175000017500000001576413175722671022561 0ustar lucaslucas# This file is part of marionnet # Copyright (C) 2013, 2014 Jean-Vincent Loddo # Copyright (C) 2013, 2014 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # File system creation based on Builroot (itself based on Busybox) and # kernel patch (ghostification) and compilation # This script builds from scratch a filesystem with the buildroot utilities. # Be careful because sometimes buildroot needs some extras packages according # to the choosen configuration. # ============================================================= # Building `guignol' # ============================================================= KERNEL_VERSION=3.2.64 guignol: dependencies buildroot ./pupisto.buildroot.sh --kernel $(KERNEL_VERSION) --router --name guignol $(OPTIONS) guignol-no-kernel: dependencies buildroot ./pupisto.buildroot.sh --kernel $(KERNEL_VERSION) --router --no-kernel --name guignol $(OPTIONS) guignol-custom: dependencies buildroot ./pupisto.buildroot.sh --kernel $(KERNEL_VERSION) --router --name guignol --custom $(OPTIONS) guignol-debug: dependencies buildroot ./pupisto.buildroot.sh --debug --kernel $(KERNEL_VERSION) --router --name guignol $(OPTIONS) # Make a minimal filesystem, just with Busybox and Bash (useful for testing), without quagga (no --router) and without kernel: minimal: @{ test -f $(CUSTOM_PACKAGES_NO) && cp -v $(CUSTOM_PACKAGES_NO) $(CUSTOM_PACKAGES_NO).backup --backup="numbered"; } || true @{ test -f $(CUSTOM_PACKAGES_YES) && cp -v $(CUSTOM_PACKAGES_YES) $(CUSTOM_PACKAGES_YES).backup --backup="numbered"; } || true @cat /dev/null > $(CUSTOM_PACKAGES_YES) @find ./_build.buildroot/package -name "Config.in" -exec \grep -o "BR2_PACKAGE_[A-Z0-9_]*" {} \; | uniq | sort | uniq > $(CUSTOM_PACKAGES_NO) ./pupisto.buildroot.sh --kernel $(KERNEL_VERSION) --no-kernel --name minimal $(OPTIONS) # ============================================================= # Dependencies # ============================================================= buildroot: ./_build.buildroot ./_build.buildroot: git clone git://git.buildroot.net/buildroot mv buildroot ./_build.buildroot REQUIRED_PACKAGES=whois texinfo git mercurial gcc-multilib unifdef ccache wget fakeroot patch dependencies: @echo "Required packages: $(REQUIRED_PACKAGES)" @which dpkg 1>/dev/null || { echo "Not a Debian system (oh my god!); please install packages corresponding to: $(REQUIRED_PACKAGES)"; exit 1; } @dpkg 1>/dev/null -l $(REQUIRED_PACKAGES) || \ if which aptitude; then \ sudo aptitude install -q -q -q -y $(REQUIRED_PACKAGES); \ elif which apt-get; then \ sudo apt-get install -q -q -q -y $(REQUIRED_PACKAGES); \ else \ exit 1; \ fi @echo Ok. # ============================================================= # Managing and quickly customizing Buildroot's packages # ============================================================= # List all available Buildroot's packages list-available: buildroot @find ./_build.buildroot/package -name Config.in -exec \grep -o "BR2_PACKAGE_[A-Z0-9_]*" {} \; \ | uniq | sort | uniq # List Buildroot's packages cited by our building script: LIST_CITED="\grep -o "BR2_PACKAGE_[A-Z0-9_][A-Z0-9_]*" ./pupisto.buildroot.sh | sort | uniq" list-cited: buildroot @eval $(LIST_CITED) TMPFILE1=/tmp/Makefile.pupisto.buildroot.1 TMPFILE2=/tmp/Makefile.pupisto.buildroot.2 TMPFILE3=/tmp/Makefile.pupisto.buildroot.3 TMPFILE4=/tmp/Makefile.pupisto.buildroot.4 TMPFILES=$(TMPFILE1) $(TMPFILE2) $(TMPFILE3) $(TMPFILE4) CUSTOM_PACKAGES_NO=./_build.custom_packages_no CUSTOM_PACKAGES_YES=./_build.custom_packages_yes # List Buildroot's packages selected by our building script, plus packages manually # selected with $(CUSTOM_PACKAGES_YES), minus package manually selected with $(CUSTOM_PACKAGES_NO). # Note that if a package is customized both as "yes" and "no", the "yes" is prioritary. # In other words, the list of selected packages is built using the formula: # (cited DIFF no) UNION yes list-selected: buildroot @eval $(LIST_CITED) | \grep -v "^BR2_PACKAGE_QUAGGA" > $(TMPFILE1) @cat /dev/null > $(TMPFILE2); @if test -f $(CUSTOM_PACKAGES_NO); then \grep -v "^#" $(CUSTOM_PACKAGES_NO) | sort | uniq > $(TMPFILE2); fi @\grep <$(TMPFILE1) -v -w -F "$$(cat $(TMPFILE2))" > $(TMPFILE3) @cat /dev/null > $(TMPFILE4); @if test -f $(CUSTOM_PACKAGES_YES); then \grep -v "^#" $(CUSTOM_PACKAGES_YES) | sort | uniq > $(TMPFILE4); fi @cat $(TMPFILE3) $(TMPFILE4) | sort | uniq @rm -f $(TMPFILES) # Quickly customize which packages you don't want in the filesystem: customize-packages-no: ./_build.custom_packages_no $$EDITOR $< # Quickly customize which packages you want in the filesystem: customize-packages-yes: ./_build.custom_packages_yes $$EDITOR $< ./_build.custom_packages_no: buildroot @test -f $@ || { make ./_build.custom_packages.initial && mv ./_build.custom_packages.initial $@; } ./_build.custom_packages_yes: buildroot @test -f $@ || { make ./_build.custom_packages.initial && mv ./_build.custom_packages.initial $@; } ./_build.custom_packages.initial: @find ./_build.buildroot/package -name Config.in -exec \grep -o "BR2_PACKAGE_[A-Z0-9_]*" {} \; | uniq | sort | uniq | awk '{print "#"$$0}' >$@ # ============================================================= # clean & help # ============================================================= clean: rm -rf _build.* help: @echo "Usage: make guignol" @echo " or: make guignol-custom" @echo " or: make minimal" @echo " or: make customize-packages-yes" @echo " or: make customize-packages-no" @echo " or: make dependencies" @echo " or: make clean" @echo " or: make help-pupisto" @echo " or: make help" @echo "Examples:" @echo "[1] make guignol" @echo "[2] make guignol-custom" @echo "[3] make customize-packages-no customize-packages-yes guignol" @echo "[4] make customize-packages-no customize-packages-yes guignol-custom" @echo "[5] make help-pupisto" @echo "---" @echo "The example [2] gives you access to the Buildroot's menu configuration." @echo "The example [3] allows you to quickly customize the package selection removing comments from files \`_build.custom_packages_{yes,no}'." @echo "The example [4] provides you both customization methods." @echo "The example [5] is simply equivalent to \`pupisto.buildroot.sh --help'; you can launch directly this script if you want to create the Buildroot's filesystem with special options (name, config)." help-pupisto: ./pupisto.buildroot.sh --help marionnet-0.90.6+bzr508.orig/uml/pupisto.buildroot/README.buildroot0000644000175000017500000000447313175722671023776 0ustar lucaslucasThe compilation of buildroot may fail, depending on the git version. In this case, you can revert to a tested running version (May-June 2013 or June 2014) getting a tarball from our website: #TARBALL=buildroot.2013-05.tar.xz # May-June 2013 TARBALL=buildroot.2014-06.tar.xz # June 2014 wget http://www.marionnet.org/downloads/buildroot/$TARBALL rm -rf _build.buildroot tar xJf $TARBALL make guignol Note also that `make guignol' may fail for a reason that I don't understand currently (and I have no time to understand). But forcing the command to restart in the same directory, the error disappears and the virtual machine is correctly built: OPTIONS='-c _build.guignol-with-linux-3.2.60.2014-06-30.16h14/' make guignol or directly something like: ./pupisto.buildroot.sh --kernel 3.2.60 --router --name guignol -c _build.guignol-with-linux-3.2.60.2014-06-30.16h14/ Note that the same error appears with kernel 3.2.64: --- >>> linux-headers 3.2.64 Configuring (cd /homes/unison/jean/DEVEL/repos/marionnet/uml/pupisto.buildroot/_build.guignol-with-linux-3.2.64.2014-11-25.16h46/buildroot/output/build/linux-headers-3.2.64; PATH="/homes/unison/jean/DEVEL/repo make[1]: entrant dans le répertoire « /homes/unison/jean/DEVEL/repos/marionnet/uml/pupisto.buildroot/_build.guignol-with-linux-3.2.64.2014-11-25.16h46/buildroot/output/build/linux-headers-3.2.64 CHK include/linux/version.h HOSTCC scripts/basic/fixdep HOSTCC arch/x86/tools/relocs UPD include/linux/version.h /bin/sh: 1: scripts/basic/fixdep: not found make[2]: *** [arch/x86/tools/relocs] Erreur 127 make[1]: *** [archscripts] Erreur 2 make[1]: *** Attente des tâches non terminées.... make[1]: quittant le répertoire « /homes/unison/jean/DEVEL/repos/marionnet/uml/pupisto.buildroot/_build.guignol-with-linux-3.2.64.2014-11-25.16h46/buildroot/output/build/linux-headers-3.2.64 » make: *** [/homes/unison/jean/DEVEL/repos/marionnet/uml/pupisto.buildroot/_build.guignol-with-linux-3.2.64.2014-11-25.16h46/buildroot/output/build/linux-headers-3.2.64/.stamp_configured] Erreur 2 make: quittant le répertoire « /homes/unison/jean/DEVEL/repos/marionnet/uml/pupisto.buildroot/_build.guignol-with-linux-3.2.64.2014-11-25.16h46/buildroot » Exiting because of an unexpected error in line 152 --- and disappears in the same way re-launching the script in the same directory. marionnet-0.90.6+bzr508.orig/uml/guest/0000755000175000017500000000000013175722671016526 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/guest/ssh/0000755000175000017500000000000013175722671017323 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/guest/ssh/README0000644000175000017500000000102313175722671020177 0ustar lucaslucas1) The following settings in `/etc/sshd_config' allow Marionnet to connect or send commands to virtual machines: PermitRootLogin yes StrictModes no PubkeyAuthentication yes 2) The private key `id_rsa_marionnet' should be used by Marionnet in a command like the following: ssh -i id_rsa_marionnet -o PreferredAuthentications=publickey root@172.23.0.1 ls / 3) The public key `id_rsa_marionnet.pub' should be appended to .ssh/authorized_keys for both "root" and "student" accounts into the virtual machines. marionnet-0.90.6+bzr508.orig/uml/guest/ssh/id_rsa_marionnet.pub0000644000175000017500000000061413175722671023351 0ustar lucaslucasssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPNzykHXpxvqlTqXUjq/7R6D5+QGMy9vlK9P2+P7b15Ihcq2WT2GCpfZzVxuLTGMyI9hiwT0CSE3Y6QLWpiqHc55YZJmDwFPcd84wqRVw9xRtNhMHmLtV2PGptGnehpi/YaBLY5c/5dj8IaXJ3ZDPMxsjn0Iz0WBgvPOcW0ESIioP/ORHz7d+yvNFFPJzLAvOVW7pDEg11eqxCW74azzPnhmVzvUpUH595vH/fQTt6v/bobgWRKBacQ8uoBPR4c9KhV++ZwtUnlGi2juvO0A8+qrcObpa/HZ0bwVS2f87j2fcSEMbxyfAj4knCOGeDLF24c/PWhlCbwPPAqIuQ/aTX root@localhost marionnet-0.90.6+bzr508.orig/uml/guest/ssh/id_rsa_marionnet0000777000175000017500000000000013175722671027763 2../../../share/id_rsa_marionnetustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/guest/marionnet-relay0000755000175000017500000003657013175722671021575 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2007 Luca Saiu # Copyright (C) 2007-2017 Jean-Vincent Loddo # Copyright (C) 2007-2017 Université Paris 13 # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . ### BEGIN INIT INFO # Provides: marionnet-startup # Required-Start: $local_fs $network $syslog # Required-Stop: # Should-Start: # Should-Stop: # Default-Start: 2 3 4 5 # Default-Stop: # Short-Description: Execute actions according to the kernel command line # Description: When Marionnet launches a kernel, it puts on the kernel # command line a set of bindings VARIABLE=VALUE which are # interpreted by this script to execute some actions in # order to make the virtual machine suitable for the user. ### END INIT INFO ########################################### # Source-ing kernel command line # ########################################### # Read kernel command line variables into this shell's environment: # Expected variables: hostname hostfs guestkind ubd0s (or ubda) timezone numeric_TZ console_no debug_mode export $(tr > "$FILE" } ########################################### # hostname # ########################################### # Set the hostname according to the kernel command line: if [[ -n $hostname ]]; then echo $hostname > /etc/hostname # The script `/etc/init.d/hostname.sh' belonged to the package `initscripts' # on old debian systems: if [[ -x /etc/init.d/hostname.sh ]]; then /etc/init.d/hostname.sh start elif type hostname; then hostname $hostname fi &>/dev/null # Make a correct entry in /etc/hosts: append_line_if_needed "127.0.0.1 $hostname" /etc/hosts else echo "Warning: variable 'hostname' undefined" 1>&2 fi ########################################### # hostfs # ########################################### # Mount the hostfs filesystem and add bindings from the hostfs file # `boot_parameters' to this shell environment: if [[ -n $hostfs ]]; then mkdir -p /mnt/hostfs mount none /mnt/hostfs -t hostfs && HOSTFS_MOUNTED=yes && # And also record it on the hostfs filesystem, so that we can # easily tell which guest machine the directory belongs to # *from the host*: [[ -n $hostname ]] && echo $hostname > /mnt/hostfs/GUESTNAME && source /mnt/hostfs/boot_parameters else echo "Warning: variable 'hostfs' undefined" 1>&2 fi ########################################### # xterm title # ########################################### # Show the hostname (and its filesystem) in the terminal window title bar virtual_disk=${ubd0s:-$ubda} if [[ -n $virtual_disk ]]; then # Get the name of the virtual filesystem choosen by the user: virtualfs_name="${virtual_disk##*/}" virtualfs_kind=${virtualfs_name%%-*} # "machine" or "router" virtualfs_name=${virtualfs_name#router-} virtualfs_name=${virtualfs_name#machine-} echo -e '\033]0;'"$hostname ($virtualfs_name)"'\007' else echo "Warning: variable '$virtual_disk' undefined" 1>&2 fi ########################################### # Network configurations # ########################################### # Perform an indirect lookup of the variable $1'_eth'$2, i.e. return # the value of the variable which is the value of the variable named # $1'_eth'$2. function lookup { echo $(eval echo '$'$1'_eth'$2) } # Configure network interfaces: if [[ -n $ethernet_interfaces_no ]]; then for i in $(eval echo {0..$((ethernet_interfaces_no-1))}); do mac_address=`lookup mac_address $i` mtu=`lookup mtu $i` ipv4_address=`lookup ipv4_address $i` ipv4_gateway=`lookup ipv4_gateway $i` ipv4_netmask=`lookup ipv4_netmask $i` ipv6_address=`lookup ipv6_address $i` ipv6_gateway=`lookup ipv6_gateway $i` [[ -z $mac_address ]] || ifconfig eth$i hw ether $mac_address [[ -z $mtu ]] || ifconfig eth$i mtu $mtu # IPv4 configuration. # The variable `ipv4_address' may be defined via the Marionnet GUI with the # CIDR notation, i.e. in the form x.y.z.t/N. However, in order to be # compatible with the busybox (buildroot) implementation of `ifconfig', # Marionnet extracts the address into x.y.z.t and sets `ipv4_address', # then it computes the corresponding netmask and sets `ipv4_netmask'. # So, the command executed here may have a form like: # ifconfig eth0 192.168.0.1 # or # ifconfig eth0 192.168.0.1 netmask 255.255.255.0 if [[ -n $ipv4_address ]]; then if [[ -n $ipv4_netmask ]]; then ifconfig eth$i $ipv4_address netmask $ipv4_netmask else ifconfig eth$i $ipv4_address fi fi if [[ -n $ipv4_gateway ]]; then route add default gw $ipv4_gateway eth$i || \ route add default gw $ipv4_gateway || \ echo 1>&2 "The Ipv4 gateway address (device eth$i) cannot be set" fi # IPv6 configuration. # The variable `ipv6_address' may be defined via the Marionnet GUI with the # CIDR notation. So, the command executed here may have a form like: # ifconfig eth0 inet6 add 2003:abd::1/32 if [[ -n $ipv6_address ]]; then # Try several commands: ifconfig eth$i add $ipv6_address up || \ ifconfig eth$i add $ipv6_address || \ ifconfig eth$i inet6 add $ipv6_address up || \ ifconfig eth$i inet6 add $ipv6_address || \ ip addr add $ipv6_address dev eth0 eth$i || \ ip -6 addr add $ipv6_address dev eth0 eth$i || \ echo 1>&2 "The Ipv6 address cannot be set, neither with \`ifconfig' nor with \`ip'" fi if [[ -n $ipv6_gateway ]]; then # Try several commands: route -A inet6 add default gw $ipv6_gateway eth$i || \ route -A inet6 add default gw $ipv6_gateway || \ ip -6 route add to default via $ipv6_gateway dev eth$i || \ ip -6 route add to default via $ipv6_gateway || \ echo 1>&2 "The Ipv6 gateway address (device eth$i) cannot be set, neither with \`route' nor with \`ip'" fi done fi ########################################### # Ghost interface (eth42) # ########################################### # Activate and immediately "ghostify" our special network # interface communicating with the host: ifconfig eth42 $ip42 up &>/dev/null if type ethghost; then ethghost -g eth42; fi &>/dev/null ########################################### # /etc/fstab # ########################################### # TODO: according to the kernel version! SWAP_DEVICE=/dev/ubdb if [[ -n ${ubd0s} ]]; then ROOT_DEVICE=/dev/ubd0 else ROOT_DEVICE=/dev/ubda fi # Add swap (the swap 'partition' was already created as a # sparse file and initialized with mkswap from the host side): append_line_if_needed \ "$SWAP_DEVICE none swap sw 0 0" \ /etc/fstab ROOT_FS_TYPE=$(awk /proc/sys/kernel/printk ########################################### # DISPLAY # ########################################### # Setting DISPLAY # x11_display_number means and should be renamed "x11_display_number_and_screen": x11_display_number=${x11_display_number#:} DISPLAY_VALUE=172.23.0.254:${x11_display_number:-0} # Support for `ssh' tunnelling: if [[ -n "${mit_magic_cookie_1}" ]] && type -t xauth &>/dev/null; then # We set XAUTHORITY in order to have a configuration # suitable for all users, not just for `root': mkdir -p /etc/X11 export XAUTHORITY="/etc/X11/Xauthority" >$XAUTHORITY chmod a+r $XAUTHORITY xauth add $DISPLAY_VALUE . ${mit_magic_cookie_1} fi # Find a suitable shell configuration file and append the line setting the # variable DISPLAY: for i in /etc/profile /etc/bash.bashrc /root/.bash_profile /root/.bashrc; do if [[ -f $i ]]; then append_line_if_needed "export DISPLAY=$DISPLAY_VALUE" $i if [[ -n $XAUTHORITY ]]; then append_line_if_needed "export XAUTHORITY=$XAUTHORITY" $i; fi break; fi done ########################################### # export TERM=xterm # ########################################### # Find a suitable shell configuration file and append the line setting the # variable TERM: for i in /etc/profile /etc/bash.bashrc /root/.bash_profile /root/.bashrc; do if [[ -f $i ]]; then append_line_if_needed "export TERM=xterm" $i break; fi done ########################################### # Additional consoles (tty1, tty2,..) # ########################################### # Modify /etc/inittab then signal the `init' process # in order to create new tty? consoles: function start_consoles { local LINE_PREFIX="tty" if [[ $1 = "--empty-prefix" ]]; then unset LINE_PREFIX shift fi local REQUIRED_CONSOLE_NO="${1:-1}" local ADDITIONAL_CONSOLES=$((REQUIRED_CONSOLE_NO-1)) local TARGET=/etc/inittab local skip=0 local i for ((i=1; i<=ADDITIONAL_CONSOLES; i=i+1)); do if grep -q "^#${LINE_PREFIX}${i}:" $TARGET; then sed -i -e "s/^#${LINE_PREFIX}${i}:/${LINE_PREFIX}${i}:/" $TARGET elif ! grep -q "^${LINE_PREFIX}${i}:" $TARGET; then local TTY0_LINE LINE TTY0_LINE=$(grep "^${LINE_PREFIX}0:" $TARGET) LINE=$(echo ${TTY0_LINE//${LINE_PREFIX}0/${LINE_PREFIX}$i}) [[ -z "$LINE" ]] || echo $LINE >> $TARGET else let skip=skip+1 fi done [[ $skip = $ADDITIONAL_CONSOLES ]] || kill -HUP 1 # Update inittab: for ((i=ADDITIONAL_CONSOLES+1; i<=8; i=i+1)); do if grep -q "^${LINE_PREFIX}${i}:" $TARGET; then sed -i -e "s/^${LINE_PREFIX}${i}:/#${LINE_PREFIX}${i}:/" $TARGET fi done } # LINE_PREFIX may be empty (Debian) or "tty" (Buildroot): local LINE_PREFIX=$(grep "^[^#].*/sbin/getty" /etc/inittab | cut -f1 -d: | head -n 1) LINE_PREFIX=${LINE_PREFIX%?} # chop last char case "$LINE_PREFIX" in tty) start_consoles "$console_no" ;; "") start_consoles --empty-prefix "$console_no" ;; esac ########################################### # quagga # ########################################### # Fix owner and modalities anyway (machine or router): # --- # Fix quagga ownership, if required, in order to enable # the user to save his configurations (write memory): TARGET=/var/quagga mkdir -p $TARGET chown quagga:quagga $TARGET # --- TARGET=/etc/quagga { [[ -d $TARGET ]] && grep -q quagga /etc/group && ls -ld $TARGET | awk '{print $4}' | grep -q root && chown -R quagga:quagga $TARGET; } || true # --- if [[ $virtualfs_kind = "router" || $guestkind = "router" ]]; then # Activate IP (v4/v6) forwarding: echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv6/conf/all/forwarding # The following lines should be unnecessary: TARGET="/etc/init.d/S91quagga" if [[ ! -e $TARGET ]]; then ln -sf quagga $TARGET # will be useful the next boot /etc/init.d/quagga start # useful now fi # --- fi ########################################### # timezone # ########################################### function echo_export_TZ { # global numeric_TZ local NTZ=${1:-$numeric_TZ} local h IFS=: read h _ <<<"$NTZ" let h=-1*h if [[ $h -gt 0 ]]; then echo "export TZ=UTC+$h" elif [[ $h -lt 0 ]]; then echo "export TZ=UTC$h" else echo "export TZ=UTC" fi } # echo_export_TZ # Example: timezone="Europe/Paris" if [[ -n $timezone && -e /usr/share/zoneinfo/$timezone ]]; then rm -f /etc/{timezone,localtime} ln -s /usr/share/zoneinfo/$timezone /etc/timezone ln -s /usr/share/zoneinfo/$timezone /etc/localtime fi if [[ -n $numeric_TZ ]]; then local LINE LINE=$(echo_export_TZ $numeric_TZ) append_line_if_needed "$LINE" /etc/profile fi ###################################### # Source `marionnet-relay' patches # ###################################### # 1) Source generic patches: # /mnt/hostfs/marionnet-relay* # # 2) Source machine-specific (or router-specific) patches: # /mnt/hostfs/${virtualfs_name}.relay* if [[ $HOSTFS_MOUNTED = yes ]]; then # Ex: machine-debian-wheezy-42007 virtualfs_name="${virtual_disk##*/}" local i for i in /mnt/hostfs/{$virtualfs_name.,marionnet-}relay*; do echo "Source-ing $i ..." source "$i"; done fi ### echo "OK" clear # Instead of launching getty with option "-f /etc/issue.linuxlogo", # we simply execute the command linuxlogo: if type &>/dev/null linuxlogo && [[ -f /etc/issue.marionnet ]]; then linuxlogo > /etc/issue cat /etc/issue.marionnet >>/etc/issue fi } ########################## END of function start() # ======================================================== # # STOP () # # ======================================================== # function stop { echo -n "Marionnet shutdown tunings... " ########################################### # Mrproper take care of /etc/hosts # ########################################### function remove_line_if_needed { local LINE="$1" local FILE="$2" local temporary_file if test -f "$FILE" && grep -q "^${LINE}$" "$FILE"; then temporary_file=$(mktemp /tmp/$(basename $0).XXXXXX) && \ grep -v "^${LINE}$" "$FILE" > $temporary_file && \ mv -f $temporary_file "$FILE" fi } # Remove the host name from /etc/hosts: the user might change it # when the virtual machine is off: remove_line_if_needed "127.0.0.1 $hostname" /etc/hosts echo "OK" } ########################## END of function stop() case "$1" in start) start ;; stop) stop ;; *) echo "Usage: $0 {start|stop}" exit 1 ;; esac marionnet-0.90.6+bzr508.orig/uml/guest/bashrc0000644000175000017500000000451713175722671017722 0ustar lucaslucas# Some aliases and simple but useful functions for system/network exercices. # J.V. Loddo - Licence: GPL export PS1='[$? \u@\[\e[0;36m\]\h\[\e[m\] \w]\\$ ' # Without colored hostname: # export PS1='[$? \u@\h \w]\\$ ' alias ls='ls -Fs --color' alias ll="ls -lh" alias la="ls -alh" alias lt="ls -lth" alias '..'='cd ..' # Verbose dhclient (ignored by busybox) alias dhclient='dhclient -v' # The preferable default is "nullglob on" but the # bash-completion doesn't run properly with it, so: if type &>/dev/null dh_bash-completion; then shopt -u nullglob else shopt -s nullglob fi # Clean $PATH export PATH=$(for i in ${PATH//:/ }; do [[ -d $i ]] && echo $i ; done | uniq | tr '\n' ':') PATH=${PATH%:} export EDITOR="nano" # Get the specified field of each line: function field { local N=${1:-1}; shift; cat "$@" | awk -v N=$N '{print $N}'; } export field # Like `which' but reads links recursively. Useful for instance to quickly know # if a binary name corresponds to busybox: function what { local W B if W=$(which "$1"); then if B=$(readlink -f $W); then echo $B else echo $W fi else return 1 fi } export what # TCP listening ports: function tcp_ports { local CMD if [[ $(what netstat) = "/bin/busybox" ]]; then CMD="sudo netstat -tln" else CMD="sudo netstat -tlnp" fi if [[ $# = 0 ]]; then $CMD else local ARGS="$@"; $CMD | \grep "${ARGS// /\\|}" fi } export tcp_ports # UDP waiting ports: function udp_ports { local CMD if [[ $(what netstat) = "/bin/busybox" ]]; then CMD="sudo netstat -una" else CMD="sudo netstat -unpa" fi if [[ $# = 0 ]]; then $CMD else local ARGS="$@"; $CMD | \grep "${ARGS// /\\|}" fi } export udp_ports # Listening unix ports function unix_ports { local CMD="sudo netstat -xnpa | \grep LISTENING" if [[ $# = 0 ]]; then eval $CMD else local ARGS="$@"; eval $CMD | \grep "${ARGS// /\\|}" fi } export unix_ports # Service ports (TCP, UDP or UNIX): function srv_ports { echo "--- TCP listening ports" tcp_ports "$@" echo "--- UDP waiting ports" udp_ports "$@" echo "--- UNIX listening ports" unix_ports "$@" } export srv_ports # Files opened by a command: # Example: opened_by bash function opened_by { local TMPFILE=$(mktemp) strace 2>$TMPFILE "$@" . # When tracing, print the line number and current stack of function calls: PS4='+ [#${LINENO}$(A=${FUNCNAME[@]}; A=${A% main}; A=${A// /\|}; [[ -n $A ]] && echo " ${A}")] ' # ============================================================= # REMEMBER TRACING ACTIONS # (set [-+]x) # ============================================================= function set_tracing { # global BASH_XTRACING export BASH_XTRACING=y set -x } function unset_tracing { # global BASH_XTRACING set +x unset BASH_XTRACING } function pause_tracing { # global BASH_XTRACING BASH_XTRACING_PAUSE if [[ $BASH_XTRACING = y ]]; then export BASH_XTRACING_PAUSE=y unset_tracing fi } function continue_tracing { # global BASH_XTRACING BASH_XTRACING_PAUSE if [[ $BASH_XTRACING_PAUSE = y ]]; then unset BASH_XTRACING_PAUSE set_tracing fi } # ============================================================= # BREAK POINTS # ============================================================= function set_debugging { # global DEBUGGING_MODE DEBUGGING_MODE=y } function unset_debugging { # global DEBUGGING_MODE unset DEBUGGING_MODE } # Set a break point for debugging. When a break point is reached # in "debugging" mode, a bash shell is launched in order to allow # to inspect current variables or file contents. # # Usage: # source toolkit_debugging.sh # set_debugging # ... # ___break_point___ # ... # ___break_point___ # ... function ___break_point___ { # global BASH_XTRACING DEBUGGING_MODE BREAK_POINT_NO local restore_tracing if [[ -n $BASH_XTRACING ]]; then unset_tracing restore_tracing=y fi let BREAK_POINT_NO=BREAK_POINT_NO+1 # Ignore if we are not in debugging mode: [[ $DEBUGGING_MODE = "y" ]] || return 0 local f fl v # Export all defined UPPERCASE variables: v=$(\grep -o '[A-Z][A-Z_0-9]*=' $0 | awk -F= '{print $1}' | uniq | sort | uniq | tr '\n' ' ') export $v # Export all defined functions (defined with the syntax "function foo {..}"): for f in $(awk '/^[ ]*function/ {print $2}' $0); do { type &>/dev/null $f && export -f $f && fl+="$f\n"; } || true done echo "--- Break point" echo "--- Variables:" echo "${v// / }" | fmt -w 80 echo "--- Functions:" echo "$(echo -e $fl | sort | tr '\n' ' ')" | fmt -w 80 echo "---" echo "--- Bash subshell launched for debugging: (exit with CTRL-D)" echo "---" PS1='--- [BREAK-POINT-'$BREAK_POINT_NO'][$? \W]\\$ ' bash --noprofile --norc 0<$(tty) 1>$(tty) 2>$(tty) if [[ -n $restore_tracing ]]; then set_tracing fi } function set_once_actions_file { # global ONCE_ACTIONS_FILE ONCE_ACTIONS_FILE="$1" echo 1>&2 "Once actions file set to \`$ONCE_ACTIONS_FILE'" } function make_temporary_once_actions_file { # global ONCE_ACTIONS_FILE set_once_actions_file "$(mktemp /tmp/$(basename $0).once_actions_file.XXXXXX)" } # Usage: once [-r/--register-anyway] # Register successfully executed commands in order to prevent to repeat their execution. function once { local REGISTER_ANYWAY if [[ $1 = "--register-anyway" || $1 = "-r" ]]; then REGISTER_ANYWAY=y shift fi # global ONCE_ACTIONS_FILE [[ -n "$ONCE_ACTIONS_FILE" ]] || make_temporary_once_actions_file >>"$ONCE_ACTIONS_FILE" # We define variable with unusual names in order to prevent us to # hide some environment variable with these names. local ___CODE___=0 local ___POINT___ ___POINT___=$(echo "${FUNCNAME[@]} ### ${BASH_SOURCE[@]} ### ""$@") if grep -q "^${___POINT___}$" "$ONCE_ACTIONS_FILE"; then echo "Already done, skipping." else "$@" || ___CODE___=$? if [[ -n $REGISTER_ANYWAY || ${___CODE___} -eq 0 ]]; then echo "${___POINT___}" >> $ONCE_ACTIONS_FILE fi fi return ${___CODE___} } function exiting_because_error { echo -e "Exiting because of an unexpected error in line $BASH_LINENO" exit 3 } # Trap errors: trap exiting_because_error ERR # Automatically export previously defined functions: export -f $(awk '/^function/ {print $2}' ${BASH_SOURCE[0]}) marionnet-0.90.6+bzr508.orig/uml/pupisto.common/toolkit_config_files.sh0000644000175000017500000003135113175722671025124 0ustar lucaslucas#!/bin/bash # (file to be sourced) # This file is part of marionnet # Copyright (C) 2013 Jean-Vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ============================================================= # TABULAR FILES UPDATES # ============================================================= # Example: # tabular_file_update -i -d ":" -k 1 --key-value "root" -f 7 --field-value "/bin/bash" --field-old-value "/bin/sh" etc/passwd # Returns with following codes: # 0 => successfully finished and file updated # 1 => successfully finished but file unchanged (neutralized by option --ignore-unchanged) # 2 => failed somewhere function tabular_file_update { local SEP KEY KEY_VALUE FIELD_NO FIELD_NEW_VALUE FIELD_OLD_VALUE FIELD_OLD_REGEXP local EDIT_IN_PLACE BACKUP IGNORE_BLANKS IGNORE_UNCHANGED local RETURN_CODE local BOOLEAN_AND=1 # Defaults KEY=1 FIELD_OLD_REGEXP="" # Parsing actuals: while [[ -${1#-} = $1 ]]; do case "$1" in -d|-F|--field-separator) SEP="$2"; shift 2 ;; -k|--key-no) KEY="$2"; shift 2 ;; -kv|--key-value) KEY_VALUE="$2"; shift 2 ;; -f|--field-no) FIELD_NO="$2"; shift 2 ;; -fv|--field-value) FIELD_NEW_VALUE="$2"; shift 2 ;; -fov|--field-old-value) FIELD_OLD_VALUE="$2"; shift 2 ;; -for|--field-old-regexp) FIELD_OLD_REGEXP="$2"; shift 2 ;; --ignore-blanks) IGNORE_BLANKS=y; shift ;; --ignore-unchanged) IGNORE_UNCHANGED=y; shift ;; -i|--in-place) EDIT_IN_PLACE=y; shift ;; -b|--backup) BACKUP=y; shift ;; *) echo "Unknown option: $1"; return 2 ;; esac done local FS OFS if [[ -z "$SEP" ]]; then # Awk defaults: FS="[ \t][ \t]*" OFS=" " elif [[ -z "$IGNORE_BLANKS" ]]; then FS="$SEP" OFS="$SEP" else FS="[ \t]*${SEP}[ \t]*" OFS="$SEP" fi [[ -n "$KEY_VALUE" ]] || { echo "Wrong arguments: --key-value must be specified" ; return 2; } FIELD_NO=${FIELD_NO:-$KEY} if [[ -z "$FIELD_OLD_VALUE" && "$KEY" = "$FIELD_NO" ]]; then FIELD_OLD_VALUE=$KEY_VALUE fi local TMPFILE=$(mktemp) for FILE in "$@"; do if [[ -n "$FIELD_OLD_VALUE" ]]; then awk <"$FILE" >"$TMPFILE" \ -F "$FS" -v OFS="$OFS" \ -v KEY="$KEY" \ -v KEY_VALUE="$KEY_VALUE" \ -v FIELD_NO=$FIELD_NO \ -v FIELD_NEW_VALUE="$FIELD_NEW_VALUE" \ -v FIELD_OLD_VALUE="$FIELD_OLD_VALUE" \ -v FIELD_OLD_REGEXP="$FIELD_OLD_REGEXP" \ '($KEY == KEY_VALUE) && ($FIELD_NO == FIELD_OLD_VALUE) && ($FIELD_NO ~ FIELD_OLD_REGEXP) { for (i=1; i$TMPFILE \ -F "$FS" -v OFS="$OFS" \ -v KEY="$KEY" \ -v KEY_VALUE="$KEY_VALUE" \ -v FIELD_NO=$FIELD_NO \ -v FIELD_NEW_VALUE="$FIELD_NEW_VALUE" \ -v FIELD_OLD_REGEXP="$FIELD_OLD_REGEXP" \ '($KEY == KEY_VALUE) && ($FIELD_NO ~ FIELD_OLD_REGEXP) { for (i=1; i/dev/null -q "$FILE" $TMPFILE; then RETURN_CODE=1 # no update! else RETURN_CODE=0 # update occurred (or ignore the question if --ignore-unchanged is set) fi let BOOLEAN_AND="BOOLEAN_AND*RETURN_CODE" || true # An update occurred: if [[ $EDIT_IN_PLACE = "y" && $RETURN_CODE = 0 ]]; then if [[ $BACKUP = "y" ]]; then cp -v "$FILE" "$FILE.backup" --backup="numbered" 1>&2 fi # Now rewrite FILE: cat "$TMPFILE" > "$FILE" elif [[ $EDIT_IN_PLACE = "y" && $RETURN_CODE = 1 ]]; then : else cat "$TMPFILE" fi || return 2 done rm $TMPFILE # Return 0 if at least one update occurred: return $BOOLEAN_AND } # Build the `grep' regexp that exactly matches the given string: function quoting_for_grep { sed <<<"$1" \ -e 's/\[/\\\[/g' \ -e 's/\]/\\\]/g' \ -e 's/\./\\\./g' \ -e 's/[*]/\\*/g' \ -e 's/[|]/\\|/g' \ -e 's/^\^/\\\^/g' \ -e 's/\$$/\\\$/g' } # Example: # test_quoting_for_grep '^[2.6.18-(ghost)] | con=none^ ssl=$xterm console=ttyS0$' # returns with 0 function test_quoting_for_grep { \grep "$(quoting_for_grep "$1")" <<<"$1" # must return 0 everytime! } # ============================================================= # USER-COMPLIANT CONFIGURATION FILES # ============================================================= # Set a configuration binding (,) updating a line if possible, # or removing (and updating) a commented line if it exists or, as last # attempt, appending a row in the form "" in the specified # file(s). # # Usage: user_config_set [].. # # Examples: # user_config_set "PermitRootLogin" " " "yes" /etc/sshd_config # # Returns with following codes: # 0 => successfully finished and file updated (or --ignore-unchanged is set) # 1 => successfully finished but file unchanged (and --ignore-unchanged is not set) # 2 => failed somewhere function user_config_set { local RETURN_CODE_WHEN_UNCHANGED=1 # by default local IGNORE_UNCHANGED # --- if [[ $1 = "--ignore-unchanged" ]]; then RETURN_CODE_WHEN_UNCHANGED=0 IGNORE_UNCHANGED="$1" shift fi # --- local KEY_VALUE="$1" local DELIMITER="$2" # '=', ':', .. local FIELD_VALUE="$3" # Check actuals: [[ $# -ge 3 && -n $KEY_VALUE && -n $DELIMITER ]] || { echo "Usage: user_config_set [].." return 2 } # --- local INFILE OUTFILE local WORKINGFILE=$(mktemp) shift 3 if [[ $# -eq 1 ]]; then INFILE="$1" OUTFILE="$1" { [[ -f "$INFILE" ]] && [[ -r "$INFILE" ]] && [[ -w "$INFILE" ]]; } || { echo "File $INFILE doesn't exist or doesn't have read-write permissions." echo "Usage: user_config_set [].." return 2 } elif [[ $# -eq 0 ]]; then INFILE=/dev/stdin OUTFILE=/dev/stdout else local BOOLEAN_AND=1 for INFILE in "$@"; do if user_config_set $IGNORE_UNCHANGED "$KEY_VALUE" "$DELIMITER" "$FIELD_VALUE" "$INFILE"; then BOOLEAN_AND=0; else true fi done return $BOOLEAN_AND fi cat "$INFILE" > $WORKINGFILE local FS="[ \t]*[$DELIMITER][ \t]*" local OFS="$DELIMITER" # Try to find the required binding: if \grep -q "^[ \t]*${KEY_VALUE}${FS}$(quoting_for_grep "${FIELD_VALUE}")[ \t]*$" $WORKINGFILE; then # Fine! no update required: rm $WORKINGFILE return $RETURN_CODE_WHEN_UNCHANGED fi # Unset keys at the same place if the delimiter appears twice: sed -i -e "s/^[ \t]*${KEY_VALUE}${FS}.*${FS}.*/${KEY_VALUE}${OFS}/" $WORKINGFILE # Try to update the file with `tabular_file_update': if tabular_file_update -d "$DELIMITER" --ignore-blanks -i -k 1 --key-value "$KEY_VALUE" -f 2 --field-value "$FIELD_VALUE" "$WORKINGFILE"; then cat $WORKINGFILE > $OUTFILE rm $WORKINGFILE return 0 elif \grep -q "^[ \t]*${KEY_VALUE}${FS}$(quoting_for_grep "${FIELD_VALUE}")[ \t]*" $WORKINGFILE; then # Fine! no update performed: return $RETURN_CODE_WHEN_UNCHANGED else # No update occurred but it's needed, so: local TMPFILE=$(mktemp) # Remove comment any line "# ": sed -e "s/^[#][#]*[ \t]*${KEY_VALUE}${FS}/${KEY_VALUE}${OFS}/" $WORKINGFILE > $TMPFILE if diff 1>/dev/null -q $TMPFILE "$WORKINGFILE"; then # There wasn't a commented line, so we append a new line: echo "${KEY_VALUE}${OFS}${FIELD_VALUE}" >> $WORKINGFILE else local CODE=0 # There was a commented line, so we have just to update (if required) this line: tabular_file_update $IGNORE_UNCHANGED -d "$DELIMITER" --ignore-blanks -k 1 --key-value "$KEY_VALUE" -f 2 --field-value "$FIELD_VALUE" "$TMPFILE" > $WORKINGFILE || CODE=$? if [[ $CODE = 2 ]]; then return 2; fi fi cat $WORKINGFILE > $OUTFILE rm $TMPFILE $WORKINGFILE return 0 fi } # ============================================================= # CONFIGURATION FILES # (not necessarily user-compliant) # # Lines are supposed structured as: # where is by default the regexp [ \t]*[=][ \t]* # ============================================================= # Note that these files are considered not necessarily user-compliant # in the sense that the update of a binding (key,value) it's not written # at the line citing `key' in a comment or in a previous binding. # Any previous binding with the same key is removed and the new binding is # (re-)appended. # For a more user-friendly update, call the function `user_config_set' defined # below. # Example of session: # --- # source toolkit_config_files.sh # set_default_config_field_separator "=" # not really needed, the default would be suitable # set_default_config_file "linux-3.2.44/.config" # cp linux-3.2.44/.config{,.0} # get_config_variable CONFIG_UML # n # set_config_variable CONFIG_UML y # get_config_variable CONFIG_UML # y # set_config_variable CONFIG_UML '"YES"' # get_config_variable CONFIG_UML # "YES" # get_config_variable_unquoting CONFIG_UML # YES # get_config_variable CONFIG_UML linux-3.2.44/.config.0 # n # --- # Global default used by configuration variable setter/getter: function set_default_config_file { # global DEFAULT_CONFIG_FILE DEFAULT_CONFIG_FILE="$1" } # Set these defaults source-ing: DEFAULT_CONFIG_FILE_FS="[ \t]*[=][ \t]*" DEFAULT_CONFIG_FILE_OFS="=" # Examples: # set_default_config_field_separator ":" # set_default_config_field_separator "=" # set_default_config_field_separator "=" "=" # set_default_config_field_separator "[ \t]*[=][ \t]*" "=" # it's the default! # set_default_config_field_separator "[ \t]*[:][ \t]*" "=" function set_default_config_field_separator { # global DEFAULT_CONFIG_FILE_{FS,OFS} if [[ $# = 2 ]]; then DEFAULT_CONFIG_FILE_FS="$1" DEFAULT_CONFIG_FILE_OFS="$2" elif [[ $# = 1 && $(echo -n "$1" | wc -c) = 1 ]]; then DEFAULT_CONFIG_FILE_FS="$1" DEFAULT_CONFIG_FILE_OFS="$1" else echo "Usage: set_default_config_field_separator []" return 2 fi } # Set removing potential similar binding, then appending the # provided binding. # Note that the target ($3) is by default the file defined # by the global variable DEFAULT_CONFIG_FILE function set_config_variable { # global DEFAULT_CONFIG_FILE{,_FS,_OFS} local NAME=$1 local VALUE="$2" local CONFIG_FILE=${3:-$DEFAULT_CONFIG_FILE} # --- local LOCAL_DEFAULT_FS="[ \t]*[=][ \t]*" local FS="${DEFAULT_CONFIG_FILE_FS:-$LOCAL_DEFAULT_FS}" local OFS=${DEFAULT_CONFIG_FILE_OFS:-=} sed -i -e "s/^${NAME}${FS}.*$//" $CONFIG_FILE echo "${NAME}${OFS}${VALUE}" >> $CONFIG_FILE } # Note that the target ($2) is by default the file defined # by the global variable DEFAULT_CONFIG_FILE function unset_config_variable { # global DEFAULT_CONFIG_FILE{,_FS} local NAME=$1 local CONFIG_FILE=${2:-$DEFAULT_CONFIG_FILE} # --- local LOCAL_DEFAULT_FS="[ \t]*[=][ \t]*" local FS="${DEFAULT_CONFIG_FILE_FS:-$LOCAL_DEFAULT_FS}" local TMPFILE=$(mktemp) \grep -v "^${NAME}${FS}" $CONFIG_FILE >$TMPFILE cat $TMPFILE >$CONFIG_FILE rm -f $TMPFILE } function get_config_variable { # global DEFAULT_CONFIG_FILE{,_FS} local NAME=$1 local CONFIG_FILE=${2:-$DEFAULT_CONFIG_FILE} # --- local LOCAL_DEFAULT_FS="[ \t]*[=][ \t]*" local FS="${DEFAULT_CONFIG_FILE_FS:-$LOCAL_DEFAULT_FS}" awk <$CONFIG_FILE -v NAME=$NAME -F "$FS" '$1 == NAME {print $2}' } function get_config_variable_unquoting { # global DEFAULT_CONFIG_FILE{,_FS} get_config_variable "$@" | sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'$/\1/" } # Sort and merge configuration files removing comments and empty lines. # We are supposing that the order of line is not important. # TODO: it would be nice to implement `sort_and_merge_user_config_files' function sort_and_merge_config_files { cat "$@" | awk 'NF>0 && $1 !~ /^#/' | sort | uniq } # Automatically export previously defined functions: export -f $(awk '/^function/ {print $2}' ${BASH_SOURCE[0]}) marionnet-0.90.6+bzr508.orig/uml/pupisto.common/toolkit_chroot.sh0000644000175000017500000002666713175722671024011 0ustar lucaslucas#!/bin/bash # (file to be sourced) # This file is part of marionnet # Copyright (C) 2013 Jean-Vincent Loddo # Copyright (C) 2013 Université Paris 13 # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ============================================================= # ENHANCED VERSION OF chroot # ============================================================= # In order to prevent annoying messages related to locales: GLOBAL_LOCALE="en_US.utf8" shopt -s expand_aliases alias chroot='LANG='$GLOBAL_LOCALE' LC_ALL=$LANG LC_MESSAGES=$LANG LANGUAGE=$LANG chroot' # Create a temporary file in /tmp/ starting with "$1" and followed by # the current timestamp: function mkTMPFILE { mktemp /tmp/${1}.$(date +%H\h%M | tr -d " ").XXXXXX } # 1-column file difference: function list_diff { [[ -f "$1" && -f "$2" ]] || { return 1; } local PATTERNS=$(sort "$2" | uniq) sort "$1" | uniq | \grep -v -w -F "$PATTERNS" } # rewrite [-f/--follow] FILE with COMMAND # Examples: # $ rewrite FOO with grep "DATE=" FOO # $ rewrite FOO with grep "DATE=" $TMPFILE CODE=$? else "$@" >> $TMPFILE CODE=$? fi else "$@" | tee $APPEND $TMPFILE CODE=$? fi cat $TMPFILE > $TARGET rm -f $TMPFILE return $CODE } # A straightforward alternative to `sudo_fcall rewrite'. # Note that it's important to leave the sudo stdin empty # in order to prevent `sudo' from asking the password every time. # # Usage: sudo_fprintf [-a|--append] [-m|--mode|--chmod MODE] FILE FORMAT [ARGUMENT]... function sudo_fprintf { local APPEND if [[ $1 = "-a" || $1 = "--append" ]]; then APPEND="y" shift fi # --- local MODALITIES if [[ $1 = "-m" || $1 = "--mode" || $1 = "--chmod" ]]; then MODALITIES="$2" shift 2 || return 1 fi # --- local TARGET="$1" shift # --- local TMPFILE=$(mktemp) if [[ -n $APPEND && -f $TARGET ]]; then sudo cp "$TARGET" "$TMPFILE" fi printf "$@" >>$TMPFILE && sudo cp $TMPFILE "$TARGET" if [[ -n $MODALITIES ]]; then sudo chmod $MODALITIES $TARGET; fi rm $TMPFILE } # Return the list of pids still rooted in $1 function pidsrooted { local ROOT=$(realpath "$1") local i # The command `find' below is too noisy: type pause_tracing &>/dev/null && pause_tracing for i in $(find /proc -maxdepth 1 -noleaf -name "[1-9]*"); do echo -n "$i "; readlink $i/root; done | cut -c7- | \grep $ROOT | cut -d" " -f1 | tac | tr '\n' ' ' type continue_tracing &>/dev/null && continue_tracing } # Return the list of fs mounted in $1 (except /proc and /sys) function fsmounted { local ROOT=$(realpath "$1") cat /proc/mounts | \grep "$ROOT/" | awk '{print $2}' | \grep -v "$ROOT/proc" | \grep -v "$ROOT/sys" | tac | tr '\n' ' ' } # Usage: TICKET=$(save_files XXX YYY ... ZZZ) function save_files { local ARCHIVE=$(mktemp) tar -czf $ARCHIVE "$@" echo "$PWD:$ARCHIVE" } # Usage: restore_files $TICKET # where TICKET has been provided by `save_files' function restore_files { local OLD_PWD ARCHIVE IFS=: read OLD_PWD ARCHIVE <<<"$1" tar -C $OLD_PWD -xzf $ARCHIVE && rm -f $ARCHIVE } # Usage: sudo_fcall FUNCTION ACTUALS.. # Limitations: the called function can call itself only the exported functions; # you can show these functions with `export -fp'. function sudo_fcall { # global COOL_SUDO [[ $# -ge 1 ]] || return 2 local FUNC="$1" if [[ -z $COOL_SUDO ]]; then COOL_SUDO=$(mktemp /tmp/COOL_SUDO.XXXXXX) export COOL_SUDO chmod +x $COOL_SUDO fi # --- echo '#!/bin/bash' > $COOL_SUDO # Put the definition of all exported functions: export -pf >> $COOL_SUDO # --- # Put the definition of all exported variables: { echo 'PATH_BACKUP=$PATH'; # save the current root's setting export -p; echo 'PATH=$PATH_BACKUP:$PATH'; # restore the root's setting; } >> $COOL_SUDO # --- # Put all current set-options (-e, -x, ..): echo "set -$-"; # --- # Put the definition of the called function: type $FUNC | tail -n +2 >> $COOL_SUDO # --- # Tracing: if [[ $BASH_XTRACING = y ]]; then echo "PS4='+ [$COOL_SUDO] $PS4'" >> $COOL_SUDO fi # --- # Put now the command that we want to execute as root: echo "$@" >> $COOL_SUDO # --- # Finally call the script with sudo: sudo $COOL_SUDO } # Enhanced chroot: imports caller's system configurations (network,X,..) # and exits very cleanly (killing, unmounting,..). # Usage: sudo_fcall careful_chroot ... function careful_chroot { # global GLOBAL_LOCALE [[ $# -ge 1 ]] || return 2 local ROOT=$(realpath "$1") shift [[ -d $ROOT && -x $ROOT ]] || return 1 test $(id -u) -eq 0 || { echo 1>&2 "You must be root to call this function"; return 3; } # --- local i # Go to the target, but not in a chrooted environnement: pushd "$ROOT" 1>&2 2>/dev/null # Manage the /dev/null problem local DEV=$(df "$ROOT" | grep "^/dev" | cut -f1 -d" ") if [[ -n $DEV ]]; then mount -o remount,dev $DEV else # May be an aufs? DEV=$(df . | tail -n 1 | cut -f1 -d" ") if [[ "$DEV" = aufs ]]; then : # Do nothing else # Probably a loopback, try to remount with the dev option mount -o remount,dev . || true fi fi # Mount /proc and /sys local LEAVE_PROC_MOUNTED LEAVE_SYS_MOUNTED mount -t proc proc ./proc || LEAVE_PROC_MOUNTED=y mount -t sysfs sysfs ./sys || LEAVE_SYS_MOUNTED=y # Save relevant files local TICKET=$(save_files "etc/resolv.conf" "root/.bashrc" "etc/fstab") # Copy relevant files from current root: local TFILES="etc/resolv.conf" for i in $TFILES; do rm -f $i; cat /$i > $i; done # X server type -P xhost &>/dev/null && xhost 1>&2 + localhost echo "export DISPLAY=${DISPLAY:-localhost:0.0}" >> root/.bashrc # clear fstab >etc/fstab # Go: local L="${GLOBAL_LOCALE:-en_US.utf8}" LANG=$L LC_ALL=$L LC_MESSAGES=$L LANGUAGE=$L chroot $PWD "$@" local RETURN_CODE=$? sync # Restore previously saved files: restore_files $TICKET # Clean history echo 1>&2 "Cleaning history..." # Note that the following setting is not persistent, because this # function will be executed by a distinct Bash interpreter (called # by the wrapper `sudo_fcall'): shopt -s nullglob for i in "$PWD"/{root/,home/*/}.bash_history; do >$i; done # Kills all processes rooted in the previous root ROOT=$(realpath $PWD) local LIST=$(pidsrooted $PWD) echo 1>&2 -n "Killing all processes rooted here (${LIST% *}) ..." chroot "$ROOT" bash -c "for i in $LIST; do kill -15 \$i && sleep 1s; done" 2>/dev/null || true sleep 1s chroot "$ROOT" bash -c "for i in $LIST; do kill -9 \$i && sleep 1s; done" 2>/dev/null || true echo 1>&2 " done." # Warning for processes still running LIST=$(pidsrooted $PWD) [[ -z $LIST ]] || { echo 1>&2 "WARNING: the following list of processes still running with root=$ROOT" local NAME PID for i in $LIST; do NAME=$(grep '^Name:' /proc/$i/status) PID=$(grep '^Pid:' /proc/$i/status) echo 1>&2 -e "$NAME\t($PID)" done } # Umount all but /proc and /sys LIST=$(fsmounted $PWD) for i in $LIST; do umount $i 2>/dev/null; done # Warning for fs still mounted LIST=$(fsmounted $PWD) if [[ -z $LIST ]]; then # Finally umount /proc and /sys [[ $LEAVE_PROC_MOUNTED = y ]] || umount ./proc [[ $LEAVE_SYS_MOUNTED = y ]] || umount ./sys else echo 1>&2 "WARNING: the following list of filesystems are still mounted in $ROOT" cat /proc/mounts | \grep "$ROOT/" 1>&2 fi popd 1>&2 return $RETURN_CODE } # Simply an shorthand to `sudo_fcall careful_chroot': function sudo_careful_chroot { sudo_fcall careful_chroot "$@" } # Copy with tar the content of directory into another (existing or not). # Usage: copy_content_into_directory ORIGDIR [DESTDIR] # By default DESTDIR=. function copy_content_into_directory { [[ $# -ge 1 && -e "$1" ]] || return 2 local ORIG="$1"; local ORIGDIR ORIGNAME if [[ -d $ORIG ]]; then ORIGDIR="$ORIG"; ORIGNAME=./ else ORIGDIR=$(dirname "$ORIG"); ORIGNAME=$(basename "$ORIG"); fi local DESTDIR="${2:-$PWD}"; [[ -d $DESTDIR ]] || mkdir -p $DESTDIR if [[ $(realpath $ORIGDIR) = $(realpath $DESTDIR) ]]; then echo "Sorry, same origin and destination directory ($(realpath $DESTDIR))"; return 1 fi local R # In any case, don't stop the execution in case of error: if tar -C "$ORIGDIR" -cf - -- "$ORIGNAME" | tar -C "$DESTDIR" -xf -; then R=0; else R=$?; fi return $R } function binary_list { local i DIRS BINARY_LIST DIRS=$(for i in ${PATH//:/ }; do [[ -d $i ]] && echo $i; done) find $DIRS -perm -u=x ! -type d ! -name "*[.]so*" -exec basename {} \; | sort | tr '\n' ' ' } function make_shellshock_somewhere { # global SHELLSHOCK [[ -x $SHELLSHOCK ]] && return 0 # else continue: SHELLSHOCK=$(mktemp "/tmp/shellshock.XXXXXX.py") cat >$SHELLSHOCK <. # ============================================================= # GENERATING FILES # {machine,router}-*.conf # ============================================================= function rename_with_sum_and_make_image_dot_conf { # global FS_NAME (output) local $FS_LOC="$1" # Checking parameters and calling context: [[ -f "$FS_LOC" ]] || return 2 # This image-dependent function must be provided independently: type -p set_X11_SUPPORT_and_related_variables_according_to_choosed_packages || return 3 # The following global variables must be set: [[ -n $KERNEL_VERSION && -n $BINARY_LIST ]] || return 4 # The following template must be available: [[ -f ../../share/filesystems/machine-template.conf ]] || return 5 # --- # MD5SUM and other simple fields local MD5SUM=$(md5sum "$FS_LOC" | awk '{print $1}') local SUM=$(sum "$FS_LOC" | awk '{print $1}') local MTIME=$(stat -c "%Y" "$FS_LOC") local DATE=$(date +%Y-%m-%d) local AUTHOR=$(awk ghost or not # X11_SUPPORT and memory-related variables set_X11_SUPPORT_and_related_variables_according_to_choosed_packages [[ -n $X11_SUPPORT && -n $MEMORY_MIN_SIZE && -n $MEMORY_SUGGESTED_SIZE ]] || return 6 # FILLING TEMPLATE cp ../../share/filesystems/machine-template.conf $FS_LOC.conf # Using `sed' for simple replacements: sed -e "s/^MD5SUM=.*/MD5SUM=$MD5SUM/" \ -e "s/^SUM=.*/SUM=$SUM/" \ -e "s/^MTIME=.*/MTIME=$MTIME/" \ -e "s/^DATE=.*/DATE=$DATE/" \ -e "s/^AUTHOR=.*/AUTHOR=\"$AUTHOR\"/" \ -e "s/^X11_SUPPORT=.*/X11_SUPPORT=\"$X11_SUPPORT\"/" \ -e "s/^MEMORY_MIN_SIZE=.*/MEMORY_MIN_SIZE=$MEMORY_MIN_SIZE/" \ -e "s/^MEMORY_SUGGESTED_SIZE=.*/MEMORY_SUGGESTED_SIZE=$MEMORY_SUGGESTED_SIZE/" \ -i ${FS_LOC}.conf # Using `user_config_set' for replacements involving variables # bound to values with special characters (as '/') and/or multiple lines. user_config_set "BINARY_LIST" "=" "'$BINARY_LIST'" ${FS_LOC}.conf user_config_set "SUPPORTED_KERNELS" "=" "'$SUPPORTED_KERNELS'" ${FS_LOC}.conf || true # Rename the built filesystem and its .conf file simply adding the suffix $SUM: mv $FS_LOC ${FS_LOC}-${SUM} mv $FS_LOC.conf ${FS_LOC}-${SUM}.conf export FS_NAME=${FS_LOC}-${SUM} return 0 } # rename_with_sum_and_make_image_dot_conf # Automatically export previously defined functions: export -f $(awk '/^function/ {print $2}' ${BASH_SOURCE[0]}) marionnet-0.90.6+bzr508.orig/uml/kernel/0000755000175000017500000000000013175722671016657 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/kernel/README0000644000175000017500000000507313175722671017544 0ustar lucaslucasThis directory contains patch files and .config files. .config files ------------- Each DOT-config-* file is specific to one certain kernel version -- the file name cleraly says which one. A DOT-config-* file should be renamed to .config and copied into the main directory of unpacked kernel sources. patch files ----------- We distribute patch files, hopefully applicable to several kernel versions, but named after a specific version we tested. History and current status --------------------------- Since unfortunately Jonathan Roudiere is no longer very active in the project, we (Luca Saiu and Jean-Vincent Loddo) have taken over maintenance. I (Luca Saiu) had the original idea and wrote the original ghostification kernel patch in 2007, against Linux 2.6.18; the idea of modifying the kernel in order to shield students from the frighteningly complex reality of X11 network communication started as a joke between me and Jean-Vincent; but then he encouraged me to actually do it, and of course I was happy to accept the challenge. When Jonathan joined the project (was it 2009 or 2010?) he ported my patch to more recent kernel versions, and in particular to the new internal network infrastructure. He also cleaned up the sources, correctly interfaced them to the Linux configuration system, rewrote from scratch the userland utilties (my version was just a hacked-up ifconfig), and generally made the code much more powerful. Jonathan released patches for Linux 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31 and 2.6.32. Now in 2011 those versions have become old, and more importantly are starting to become problematic to compile on new hosts; that's why I've taken Jonathan's last patch and ported it to the most recent stable kernel available as of this writing, Linux 3.0.8. Of course the code changes rapidly, and some changes were required: for example the filed named "u" in struct rtable, defined in include/net/route.h, has been removed some versions ago; we used to use "u" to access its field "dst", but now dst is directly referred by a new pointer field in struct rtable. Even without studying the kernel code in detail as Jonathan did I've fixed some problems such as this, and the result seems to work reliably. I have not cleaned up the code unless it was necessary for building: what I have done until this moment is just porting work. In the future we plan to drop support for old kernel versions, but for the time being we prefer to keep the older patches around, since the latest one hasn't been tested much yet. Have fun with ghostification. -- Luca Saiu, October 2011 marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.8.%.compile_with_ARCH_um_SUBARCH_i386.diff0000644000175000017500000000143013175722671027177 0ustar lucaslucas*** linux-3.2.13.original/arch/x86/um/Makefile 2012-03-19 17:03:17.000000000 +0100 --- linux-3.2.13.modified/arch/x86/um/Makefile 2013-04-30 18:09:48.000000000 +0200 *************** *** 19,25 **** obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o --- 19,27 ---- obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o \ ! ../lib/atomic64_386_32.o ../lib/cmpxchg8b_emu.o ! subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.7.%.compile_with_ARCH_um_SUBARCH_i386.diff0000644000175000017500000000143013175722671027176 0ustar lucaslucas*** linux-3.2.13.original/arch/x86/um/Makefile 2012-03-19 17:03:17.000000000 +0100 --- linux-3.2.13.modified/arch/x86/um/Makefile 2013-04-30 18:09:48.000000000 +0200 *************** *** 19,25 **** obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o --- 19,27 ---- obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o \ ! ../lib/atomic64_386_32.o ../lib/cmpxchg8b_emu.o ! subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.2.%.add_include_resource_h.diff0000644000175000017500000000070713175722671025747 0ustar lucaslucasdiff -ruN linux-3.2.48--original/arch/um/os-Linux/start_up.c linux-3.2.48/arch/um/os-Linux/start_up.c --- linux-3.2.48--original/arch/um/os-Linux/start_up.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/arch/um/os-Linux/start_up.c 2013-07-01 11:37:13.000000000 +0200 @@ -13,6 +13,7 @@ #include #include #include +#include #include #include #include marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.6.%.compile_with_ARCH_um_SUBARCH_i386.diff0000644000175000017500000000143013175722671027175 0ustar lucaslucas*** linux-3.2.13.original/arch/x86/um/Makefile 2012-03-19 17:03:17.000000000 +0100 --- linux-3.2.13.modified/arch/x86/um/Makefile 2013-04-30 18:09:48.000000000 +0200 *************** *** 19,25 **** obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o --- 19,27 ---- obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o \ ! ../lib/atomic64_386_32.o ../lib/cmpxchg8b_emu.o ! subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o marionnet-0.90.6+bzr508.orig/uml/kernel/CONFIG-3.2.640000644000175000017500000007440513175722671020311 0ustar lucaslucas# # Automatically generated file; DO NOT EDIT. # User Mode Linux/i386 3.2.64 Kernel Configuration # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_CMPXCHG_LOCAL is not set # CONFIG_CMPXCHG_DOUBLE is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set CONFIG_M586MMX=y # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MELAN is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set CONFIG_X86_GENERIC=y CONFIG_X86_INTERNODE_CACHE_SHIFT=6 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_F00F_BUG=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_ALIGNMENT_16=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_TSC=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y # CONFIG_X86_64 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_COMPACTION is not set # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_NEED_PER_CPU_KM=y # CONFIG_CLEANCACHE is not set CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=2 # CONFIG_MMAPPER is not set CONFIG_NO_DMA=y # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_CROSS_COMPILE="" CONFIG_LOCALVERSION="" CONFIG_LOCALVERSION_AUTO=y CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_FHANDLE is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_HAVE_GENERIC_HARDIRQS=y # # IRQ subsystem # CONFIG_GENERIC_HARDIRQS=y CONFIG_GENERIC_IRQ_SHOW=y # # RCU Subsystem # CONFIG_TINY_RCU=y # CONFIG_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 CONFIG_CGROUPS=y # CONFIG_CGROUP_DEBUG is not set CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_DEVICE=y # CONFIG_CPUSETS is not set # CONFIG_CGROUP_CPUACCT is not set CONFIG_RESOURCE_COUNTERS=y # CONFIG_CGROUP_MEM_RES_CTLR is not set CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y CONFIG_RT_GROUP_SCHED=y CONFIG_BLK_CGROUP=y # CONFIG_DEBUG_BLK_CGROUP is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y # CONFIG_SCHED_AUTOGROUP is not set CONFIG_SYSFS_DEPRECATED=y # CONFIG_SYSFS_DEPRECATED_V2 is not set CONFIG_RELAY=y CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="" CONFIG_RD_GZIP=y CONFIG_RD_BZIP2=y CONFIG_RD_LZMA=y CONFIG_RD_XZ=y CONFIG_RD_LZO=y CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EXPERT is not set CONFIG_UID16=y # CONFIG_SYSCTL_SYSCALL is not set CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # CONFIG_EMBEDDED is not set # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 CONFIG_MODULES=y # CONFIG_MODULE_FORCE_LOAD is not set CONFIG_MODULE_UNLOAD=y # CONFIG_MODULE_FORCE_UNLOAD is not set # CONFIG_MODVERSIONS is not set # CONFIG_MODULE_SRCVERSION_ALL is not set CONFIG_BLOCK=y CONFIG_LBDAF=y CONFIG_BLK_DEV_BSG=y # CONFIG_BLK_DEV_BSGLIB is not set # CONFIG_BLK_DEV_INTEGRITY is not set # CONFIG_BLK_DEV_THROTTLING is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y # CONFIG_CFQ_GROUP_IOSCHED is not set # CONFIG_DEFAULT_DEADLINE is not set CONFIG_DEFAULT_CFQ=y # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="cfq" # CONFIG_INLINE_SPIN_TRYLOCK is not set # CONFIG_INLINE_SPIN_TRYLOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK is not set # CONFIG_INLINE_SPIN_LOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK_IRQ is not set # CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set CONFIG_INLINE_SPIN_UNLOCK=y # CONFIG_INLINE_SPIN_UNLOCK_BH is not set CONFIG_INLINE_SPIN_UNLOCK_IRQ=y # CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_READ_TRYLOCK is not set # CONFIG_INLINE_READ_LOCK is not set # CONFIG_INLINE_READ_LOCK_BH is not set # CONFIG_INLINE_READ_LOCK_IRQ is not set # CONFIG_INLINE_READ_LOCK_IRQSAVE is not set CONFIG_INLINE_READ_UNLOCK=y # CONFIG_INLINE_READ_UNLOCK_BH is not set CONFIG_INLINE_READ_UNLOCK_IRQ=y # CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_WRITE_TRYLOCK is not set # CONFIG_INLINE_WRITE_LOCK is not set # CONFIG_INLINE_WRITE_LOCK_BH is not set # CONFIG_INLINE_WRITE_LOCK_IRQ is not set # CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set CONFIG_INLINE_WRITE_UNLOCK=y # CONFIG_INLINE_WRITE_UNLOCK_BH is not set CONFIG_INLINE_WRITE_UNLOCK_IRQ=y # CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set CONFIG_FREEZER=y # # UML Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pty" CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # # Device Drivers # # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_DEVTMPFS=y # CONFIG_DEVTMPFS_MOUNT is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set # CONFIG_SYS_HYPERVISOR is not set CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y CONFIG_BLK_DEV_UBD_SYNC=y CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 CONFIG_BLK_DEV_CRYPTOLOOP=y # CONFIG_BLK_DEV_DRBD is not set CONFIG_BLK_DEV_NBD=y CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=4096 # CONFIG_BLK_DEV_XIP is not set CONFIG_ATA_OVER_ETH=y # CONFIG_BLK_DEV_RBD is not set # CONFIG_MISC_DEVICES is not set # # SCSI device support # CONFIG_SCSI_MOD=y # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set # CONFIG_MD is not set CONFIG_NETDEVICES=y CONFIG_NET_CORE=y CONFIG_BONDING=y CONFIG_DUMMY=y # CONFIG_EQUALIZER is not set # CONFIG_MII is not set # CONFIG_MACVLAN is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # CAIF transport drivers # CONFIG_ETHERNET=y CONFIG_NET_VENDOR_CHELSIO=y CONFIG_NET_VENDOR_INTEL=y CONFIG_NET_VENDOR_I825XX=y CONFIG_NET_VENDOR_MARVELL=y CONFIG_NET_VENDOR_NATSEMI=y CONFIG_NET_VENDOR_8390=y # CONFIG_PHYLIB is not set CONFIG_PPP=y CONFIG_PPP_BSDCOMP=y CONFIG_PPP_DEFLATE=y CONFIG_PPP_FILTER=y CONFIG_PPP_MPPE=y CONFIG_PPP_MULTILINK=y CONFIG_PPPOE=y CONFIG_PPP_ASYNC=y CONFIG_PPP_SYNC_TTY=y CONFIG_SLIP=y CONFIG_SLHC=y CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP_SMART=y CONFIG_SLIP_MODE_SLIP6=y CONFIG_WLAN=y # CONFIG_HOSTAP is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set # # Character devices # CONFIG_UNIX98_PTYS=y # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set CONFIG_LEGACY_PTYS=y CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_N_GSM is not set # CONFIG_TRACE_SINK is not set CONFIG_DEVKMEM=y CONFIG_HW_RANDOM=y CONFIG_UML_RANDOM=y # CONFIG_R3964 is not set # CONFIG_NSC_GPIO is not set # CONFIG_RAW_DRIVER is not set # # PPS support # # CONFIG_PPS is not set # # PPS generators support # # # PTP clock support # # # Enable Device Drivers -> PPS to see the PTP clock options. # # CONFIG_POWER_SUPPLY is not set # CONFIG_THERMAL is not set # CONFIG_WATCHDOG is not set # CONFIG_REGULATOR is not set CONFIG_SOUND_OSS_CORE_PRECLAIM=y # CONFIG_MEMSTICK is not set # CONFIG_NEW_LEDS is not set # CONFIG_ACCESSIBILITY is not set # CONFIG_AUXDISPLAY is not set # CONFIG_UIO is not set # # Virtio drivers # # CONFIG_VIRTIO_BALLOON is not set # CONFIG_STAGING is not set # # Hardware Spinlock drivers # CONFIG_IOMMU_SUPPORT=y # CONFIG_VIRT_DRIVERS is not set # CONFIG_PM_DEVFREQ is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_FIB_TRIE_STATS is not set CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_CLASSID=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=y # CONFIG_NET_IPGRE_DEMUX is not set CONFIG_IP_MROUTE=y # CONFIG_IP_MROUTE_MULTIPLE_TABLES is not set CONFIG_IP_PIMSM_V1=y # CONFIG_IP_PIMSM_V2 is not set CONFIG_ARPD=y # CONFIG_SYN_COOKIES is not set CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y CONFIG_INET_LRO=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_TCP_CONG_ADVANCED=y CONFIG_TCP_CONG_BIC=y CONFIG_TCP_CONG_CUBIC=y CONFIG_TCP_CONG_WESTWOOD=y CONFIG_TCP_CONG_HTCP=y CONFIG_TCP_CONG_HSTCP=y CONFIG_TCP_CONG_HYBLA=y CONFIG_TCP_CONG_VEGAS=y CONFIG_TCP_CONG_SCALABLE=y CONFIG_TCP_CONG_LP=y CONFIG_TCP_CONG_VENO=y # CONFIG_TCP_CONG_YEAH is not set # CONFIG_TCP_CONG_ILLINOIS is not set # CONFIG_DEFAULT_BIC is not set CONFIG_DEFAULT_CUBIC=y # CONFIG_DEFAULT_HTCP is not set # CONFIG_DEFAULT_HYBLA is not set # CONFIG_DEFAULT_VEGAS is not set # CONFIG_DEFAULT_VENO is not set # CONFIG_DEFAULT_WESTWOOD is not set # CONFIG_DEFAULT_RENO is not set CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y CONFIG_IPV6_PRIVACY=y CONFIG_IPV6_ROUTER_PREF=y # CONFIG_IPV6_ROUTE_INFO is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET6_IPCOMP=y # CONFIG_IPV6_MIP6 is not set CONFIG_INET6_XFRM_TUNNEL=y CONFIG_INET6_TUNNEL=y CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_SIT_6RD is not set CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=y # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_ZONES=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CONNTRACK_TIMESTAMP=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_BROADCAST=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_SNMP=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NETFILTER_TPROXY=y CONFIG_NETFILTER_XTABLES=y # # Xtables combined modules # CONFIG_NETFILTER_XT_MARK=y CONFIG_NETFILTER_XT_CONNMARK=y CONFIG_NETFILTER_XT_SET=y # # Xtables targets # # CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_CT=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TEE=y # CONFIG_NETFILTER_XT_TARGET_TPROXY is not set CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # # Xtables matches # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y CONFIG_NETFILTER_XT_MATCH_CLUSTER=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_CPU=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_IPVS=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_RECENT=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_SOCKET=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_IP_SET=y CONFIG_IP_SET_MAX=256 # CONFIG_IP_SET_BITMAP_IP is not set # CONFIG_IP_SET_BITMAP_IPMAC is not set # CONFIG_IP_SET_BITMAP_PORT is not set # CONFIG_IP_SET_HASH_IP is not set # CONFIG_IP_SET_HASH_IPPORT is not set # CONFIG_IP_SET_HASH_IPPORTIP is not set # CONFIG_IP_SET_HASH_IPPORTNET is not set # CONFIG_IP_SET_HASH_NET is not set # CONFIG_IP_SET_HASH_NETPORT is not set # CONFIG_IP_SET_HASH_NETIFACE is not set # CONFIG_IP_SET_LIST_SET is not set CONFIG_IP_VS=y # CONFIG_IP_VS_IPV6 is not set # CONFIG_IP_VS_DEBUG is not set CONFIG_IP_VS_TAB_BITS=12 # # IPVS transport protocol load balancing support # # CONFIG_IP_VS_PROTO_TCP is not set # CONFIG_IP_VS_PROTO_UDP is not set # CONFIG_IP_VS_PROTO_AH_ESP is not set # CONFIG_IP_VS_PROTO_ESP is not set # CONFIG_IP_VS_PROTO_AH is not set # CONFIG_IP_VS_PROTO_SCTP is not set # # IPVS scheduler # # CONFIG_IP_VS_RR is not set # CONFIG_IP_VS_WRR is not set # CONFIG_IP_VS_LC is not set # CONFIG_IP_VS_WLC is not set # CONFIG_IP_VS_LBLC is not set # CONFIG_IP_VS_LBLCR is not set # CONFIG_IP_VS_DH is not set # CONFIG_IP_VS_SH is not set # CONFIG_IP_VS_SED is not set # CONFIG_IP_VS_NQ is not set # # IPVS application helper # # CONFIG_IP_VS_NFCT is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y # CONFIG_IP_NF_TARGET_CLUSTERIP is not set CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_CONNTRACK_IPV6=y # CONFIG_IP6_NF_QUEUE is not set CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y # CONFIG_IP6_NF_MATCH_MH is not set CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y # CONFIG_BRIDGE_EBT_IP6 is not set CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y # CONFIG_BRIDGE_EBT_NFLOG is not set CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set CONFIG_IP_SCTP=y # CONFIG_SCTP_DBG_MSG is not set # CONFIG_SCTP_DBG_OBJCNT is not set # CONFIG_SCTP_HMAC_NONE is not set # CONFIG_SCTP_HMAC_SHA1 is not set CONFIG_SCTP_HMAC_MD5=y # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_L2TP is not set CONFIG_STP=y CONFIG_BRIDGE=y CONFIG_BRIDGE_IGMP_SNOOPING=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y # CONFIG_VLAN_8021Q_GVRP is not set # CONFIG_DECNET is not set CONFIG_LLC=y # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set # CONFIG_NET_SCHED is not set # CONFIG_DCB is not set # CONFIG_BATMAN_ADV is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y CONFIG_WIRELESS=y # CONFIG_CFG80211 is not set # CONFIG_LIB80211 is not set # # CFG80211 needs to be enabled for MAC80211 # # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=8 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y # CONFIG_UML_NET_VDE is not set CONFIG_UML_NET_MCAST=y # CONFIG_UML_NET_PCAP is not set CONFIG_UML_NET_SLIRP=y # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set CONFIG_EXT2_FS_XIP=y CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y # CONFIG_EXT3_FS_SECURITY is not set # CONFIG_EXT4_FS is not set CONFIG_FS_XIP=y CONFIG_JBD=y CONFIG_JBD2=y CONFIG_FS_MBCACHE=y CONFIG_REISERFS_FS=y # CONFIG_REISERFS_CHECK is not set CONFIG_REISERFS_PROC_INFO=y CONFIG_REISERFS_FS_XATTR=y CONFIG_REISERFS_FS_POSIX_ACL=y # CONFIG_REISERFS_FS_SECURITY is not set CONFIG_JFS_FS=y CONFIG_JFS_POSIX_ACL=y # CONFIG_JFS_SECURITY is not set # CONFIG_JFS_DEBUG is not set CONFIG_JFS_STATISTICS=y CONFIG_XFS_FS=y # CONFIG_XFS_QUOTA is not set CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y # CONFIG_XFS_DEBUG is not set # CONFIG_GFS2_FS is not set CONFIG_OCFS2_FS=y CONFIG_OCFS2_FS_O2CB=y CONFIG_OCFS2_DEBUG_MASKLOG=y # CONFIG_OCFS2_DEBUG_FS is not set # CONFIG_BTRFS_FS is not set # CONFIG_NILFS2_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_EXPORTFS=y CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y # CONFIG_FANOTIFY is not set CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QUOTA_DEBUG is not set CONFIG_QUOTA_TREE=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=y CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems # CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_NTFS_FS=y # CONFIG_NTFS_DEBUG is not set CONFIG_NTFS_RW=y # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_TMPFS_XATTR is not set # CONFIG_HUGETLB_PAGE is not set CONFIG_CONFIGFS_FS=y CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_LOGFS is not set CONFIG_CRAMFS=y # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set CONFIG_MINIX_FS=y # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set CONFIG_ROMFS_FS=y CONFIG_ROMFS_BACKED_BY_BLOCK=y CONFIG_ROMFS_ON_BLOCK=y # CONFIG_PSTORE is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y # CONFIG_NFS_V3_ACL is not set # CONFIG_NFS_V4 is not set # CONFIG_ROOT_NFS is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y # CONFIG_NFSD_V4 is not set CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y # CONFIG_CEPH_FS is not set CONFIG_CIFS=y CONFIG_CIFS_STATS=y CONFIG_CIFS_STATS2=y # CONFIG_CIFS_WEAK_PW_HASH is not set # CONFIG_CIFS_XATTR is not set # CONFIG_CIFS_DEBUG2 is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y CONFIG_BSD_DISKLABEL=y # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set CONFIG_LDM_PARTITION=y CONFIG_LDM_DEBUG=y # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" CONFIG_NLS_CODEPAGE_437=y # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set CONFIG_NLS_CODEPAGE_850=y # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set CONFIG_NLS_CODEPAGE_936=y CONFIG_NLS_CODEPAGE_950=y # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set CONFIG_NLS_ISO8859_1=y # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set CONFIG_NLS_ISO8859_6=y # CONFIG_NLS_ISO8859_7 is not set CONFIG_NLS_ISO8859_9=y # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set CONFIG_NLS_UTF8=y # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_USER is not set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y # CONFIG_CRYPTO_GF128MUL is not set CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_GHASH is not set CONFIG_CRYPTO_MD4=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_MICHAEL_MIC=y # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_TGR192=y CONFIG_CRYPTO_WP512=y # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_586=y CONFIG_CRYPTO_ANUBIS=y CONFIG_CRYPTO_ARC4=y CONFIG_CRYPTO_BLOWFISH=y CONFIG_CRYPTO_BLOWFISH_COMMON=y # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y CONFIG_CRYPTO_CAST6=y CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set CONFIG_CRYPTO_KHAZAD=y # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set CONFIG_CRYPTO_SERPENT=y CONFIG_CRYPTO_TEA=y CONFIG_CRYPTO_TWOFISH=y CONFIG_CRYPTO_TWOFISH_COMMON=y # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # CONFIG_CRYPTO_ANSI_CPRNG=y # CONFIG_CRYPTO_USER_API_HASH is not set # CONFIG_CRYPTO_USER_API_SKCIPHER is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_CRC_CCITT=y CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set CONFIG_CRC_ITU_T=y CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y # CONFIG_CRC8 is not set CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y CONFIG_XZ_DEC_IA64=y CONFIG_XZ_DEC_ARM=y CONFIG_XZ_DEC_ARMTHUMB=y CONFIG_XZ_DEC_SPARC=y CONFIG_XZ_DEC_BCJ=y # CONFIG_XZ_DEC_TEST is not set CONFIG_DECOMPRESS_GZIP=y CONFIG_DECOMPRESS_BZIP2=y CONFIG_DECOMPRESS_LZMA=y CONFIG_DECOMPRESS_XZ=y CONFIG_DECOMPRESS_LZO=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_NLATTR=y # CONFIG_AVERAGE is not set # CONFIG_CORDIC is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 CONFIG_ENABLE_WARN_DEPRECATED=y CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=2048 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_SHIRQ is not set # CONFIG_LOCKUP_DETECTOR is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set CONFIG_SCHED_DEBUG=y # CONFIG_SCHEDSTATS is not set # CONFIG_TIMER_STATS is not set # CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_SLAB is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_RT_MUTEX_TESTER is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_SPARSE_RCU_POINTER is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_DEBUG_STACK_USAGE is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_INFO=y # CONFIG_DEBUG_INFO_REDUCED is not set # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_WRITECOUNT is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_LIST is not set # CONFIG_TEST_LIST_SORT is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set # CONFIG_DEBUG_CREDENTIALS is not set CONFIG_FRAME_POINTER=y # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_BACKTRACE_SELF_TEST is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_SYSCTL_SYSCALL_CHECK is not set # CONFIG_DEBUG_PAGEALLOC is not set # CONFIG_ATOMIC64_SELFTEST is not set # CONFIG_SAMPLES is not set # CONFIG_TEST_KSTRTOX is not set # CONFIG_GPROF is not set # CONFIG_GCOV is not set CONFIG_EARLY_PRINTK=y marionnet-0.90.6+bzr508.orig/uml/kernel/README.linux-3.0.%0000644000175000017500000000145013175722671021316 0ustar lucaslucasNotes about the compilation of the series 3.0.% ----------------------------------------------- The execution of the script "pupisto.kernel.sh 3.0.84" produces a linking error: arch/x86/include/asm/atomic64_32.h:72: undefined reference to `atomic64_set_386' similar to the errors fixed by the patches: linux-3.?.%.compile_with_ARCH_um_SUBARCH_i386.diff for the successive kernel series (3.2, 3.4, 3.6, 3.8). There is probably a work-around for this problem by changing some configuration options. Actually, if we generate the .config file with the function: create_kernel_config_from CONFIG-3.0.8 the compilation of 3.0.8 succeed (but 3.0.84 fails). However, we are not currently able to adapt the patch for the series 3.2 to the serie 3.0, neither find the .config options to fix. J.V. Loddo marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/0000755000175000017500000000000013175722671021632 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.26_x86_640000644000175000017500000005315613175722671024303 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.26 # Fri Nov 27 10:26:00 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # CONFIG_STATIC_LINK is not set # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_GOOD_APIC=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_X86_DEBUGCTLMSR=y CONFIG_UML_X86=y CONFIG_64BIT=y CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_SUPPORTS_AOUT=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y # CONFIG_SPARSEMEM_STATIC is not set # CONFIG_SPARSEMEM_VMEMMAP_ENABLE is not set CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_RESOURCES_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_SYSCTL_SYSCALL_CHECK=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_OPROFILE is not set # CONFIG_HAVE_KPROBES is not set # CONFIG_HAVE_KRETPROBES is not set # CONFIG_HAVE_DMA_ATTRS is not set CONFIG_PROC_PAGE_MONITOR=y CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_BLK_DEV_BSG is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y # CONFIG_FW_LOADER is not set # CONFIG_SYS_HYPERVISOR is not set # # Networking # CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set # CONFIG_IP_VS is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y # # IP: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y # # DECnet: Netfilter Configuration # # CONFIG_DECNET_NF_GRABULATOR is not set # # Bridge: Netfilter Configuration # CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_BRIDGE=y CONFIG_VLAN_8021Q=y CONFIG_DECNET=y # CONFIG_DECNET_ROUTER is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # # Wireless # # CONFIG_CFG80211 is not set # CONFIG_WIRELESS_EXT is not set # CONFIG_MAC80211 is not set # CONFIG_IEEE80211 is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y CONFIG_NETDEVICES_MULTIQUEUE=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4DEV_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_SUNRPC_BIND34=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_MANAGER=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.290000644000175000017500000005576413175722671023277 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.29 # Fri Nov 27 12:37:56 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=7 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR_32=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_RWSEM_GENERIC_SPINLOCK is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_LBD is not set # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_COMPAT_NET_DEV_OPS=y CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set # CONFIG_PHONET is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y # CONFIG_SUNRPC_REGISTER_V4 is not set CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # # Tracers # # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.310000644000175000017500000005715513175722671023264 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.31 # Fri Nov 27 12:46:13 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=5 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_RWSEM_GENERIC_SPINLOCK is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # # Performance Counters # CONFIG_VM_EVENT_COUNTERS=y # CONFIG_STRIP_ASM_SYMS is not set CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # # GCOV-based kernel profiling # # CONFIG_SLOW_WORK is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y CONFIG_LBDAF=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y # CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set # CONFIG_NILFS2_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y # CONFIG_NFS_V4_1 is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_LOG_USERSPACE is not set # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.28-ghost.patch0000644000175000017500000030554413175722671025702 0ustar lucaslucasdiff -rNaud linux-2.6.28/arch/um/drivers/vde_user.c linux-2.6.28-ghost/arch/um/drivers/vde_user.c --- linux-2.6.28/arch/um/drivers/vde_user.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/arch/um/drivers/vde_user.c 2009-11-26 22:24:32.000000000 +0000 @@ -77,8 +77,8 @@ void vde_init_libstuff(struct vde_data *vpri, struct vde_init *init) { struct vde_open_args *args; - - vpri->args = kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); + /* (ghost support) kmalloc is used instead of uml_kmalloc */ + vpri->args = uml_kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); if (vpri->args == NULL) { printk(UM_KERN_ERR "vde_init_libstuff - vde_open_args " "allocation failed"); diff -rNaud linux-2.6.28/include/linux/netdevice.h linux-2.6.28-ghost/include/linux/netdevice.h --- linux-2.6.28/include/linux/netdevice.h 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/include/linux/netdevice.h 2009-11-26 22:24:32.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1771,4 +1773,12 @@ #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNaud linux-2.6.28/include/linux/sockios.h linux-2.6.28-ghost/include/linux/sockios.h --- linux-2.6.28/include/linux/sockios.h 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/include/linux/sockios.h 2009-11-26 22:24:32.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNaud linux-2.6.28/include/net/ghostdebug.h linux-2.6.28-ghost/include/net/ghostdebug.h --- linux-2.6.28/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.28-ghost/include/net/ghostdebug.h 2009-11-26 22:24:32.000000000 +0000 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNaud linux-2.6.28/kernel/softirq.c linux-2.6.28-ghost/kernel/softirq.c --- linux-2.6.28/kernel/softirq.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/kernel/softirq.c 2009-11-26 22:24:32.000000000 +0000 @@ -123,8 +123,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -135,7 +138,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNaud linux-2.6.28/net/Kconfig linux-2.6.28-ghost/net/Kconfig --- linux-2.6.28/net/Kconfig 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/Kconfig 2009-11-26 22:24:32.000000000 +0000 @@ -172,6 +172,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -254,4 +353,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNaud linux-2.6.28/net/core/dev.c linux-2.6.28-ghost/net/core/dev.c --- linux-2.6.28/net/core/dev.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/core/dev.c 2009-11-26 22:24:32.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -131,6 +134,230 @@ #include "net-sysfs.h" /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -550,6 +777,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2544,11 +2778,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2616,24 +2859,27 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) { struct net_device_stats *stats = dev->get_stats(dev); - - seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " - "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", - dev->name, stats->rx_bytes, stats->rx_packets, - stats->rx_errors, - stats->rx_dropped + stats->rx_missed_errors, - stats->rx_fifo_errors, - stats->rx_length_errors + stats->rx_over_errors + - stats->rx_crc_errors + stats->rx_frame_errors, - stats->rx_compressed, stats->multicast, - stats->tx_bytes, stats->tx_packets, - stats->tx_errors, stats->tx_dropped, - stats->tx_fifo_errors, stats->collisions, - stats->tx_carrier_errors + - stats->tx_aborted_errors + - stats->tx_window_errors + - stats->tx_heartbeat_errors, - stats->tx_compressed); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " + "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", + dev->name, stats->rx_bytes, stats->rx_packets, + stats->rx_errors, + stats->rx_dropped + stats->rx_missed_errors, + stats->rx_fifo_errors, + stats->rx_length_errors + stats->rx_over_errors + + stats->rx_crc_errors + stats->rx_frame_errors, + stats->rx_compressed, stats->multicast, + stats->tx_bytes, stats->tx_packets, + stats->tx_errors, stats->tx_dropped, + stats->tx_fifo_errors, stats->collisions, + stats->tx_carrier_errors + + stats->tx_aborted_errors + + stats->tx_window_errors + + stats->tx_heartbeat_errors, + stats->tx_compressed); } /* @@ -3512,6 +3758,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3579,6 +3835,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -3722,6 +3989,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNaud linux-2.6.28/net/core/dev_mcast.c linux-2.6.28-ghost/net/core/dev_mcast.c --- linux-2.6.28/net/core/dev_mcast.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/core/dev_mcast.c 2009-11-26 22:24:32.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNaud linux-2.6.28/net/core/rtnetlink.c linux-2.6.28-ghost/net/core/rtnetlink.c --- linux-2.6.28/net/core/rtnetlink.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/core/rtnetlink.c 2009-11-26 22:24:32.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -940,6 +993,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -978,6 +1043,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1180,6 +1256,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1234,6 +1321,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1268,6 +1357,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1287,14 +1381,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1326,6 +1427,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1341,6 +1447,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNaud linux-2.6.28/net/ipv4/arp.c linux-2.6.28-ghost/net/ipv4/arp.c --- linux-2.6.28/net/ipv4/arp.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/arp.c 2009-11-26 22:24:32.000000000 +0000 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1309,9 +1316,21 @@ } #endif sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->primary_key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1322,9 +1341,21 @@ char tbuf[16]; sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNaud linux-2.6.28/net/ipv4/devinet.c linux-2.6.28-ghost/net/ipv4/devinet.c --- linux-2.6.28/net/ipv4/devinet.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/devinet.c 2009-11-26 22:24:32.000000000 +0000 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -455,6 +463,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -504,6 +522,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -553,6 +582,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1168,6 +1203,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNaud linux-2.6.28/net/ipv4/fib_frontend.c linux-2.6.28-ghost/net/ipv4/fib_frontend.c --- linux-2.6.28/net/ipv4/fib_frontend.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/fib_frontend.c 2009-11-26 22:24:32.000000000 +0000 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -45,6 +49,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -451,6 +460,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -465,6 +479,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -473,12 +503,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -585,6 +621,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -607,6 +653,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -622,6 +678,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -634,7 +696,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -659,6 +721,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNaud linux-2.6.28/net/ipv4/fib_hash.c linux-2.6.28-ghost/net/ipv4/fib_hash.c --- linux-2.6.28/net/ipv4/fib_hash.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/fib_hash.c 2009-11-26 22:24:32.000000000 +0000 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -397,6 +407,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -580,7 +602,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1022,19 +1054,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNaud linux-2.6.28/net/ipv4/fib_semantics.c linux-2.6.28-ghost/net/ipv4/fib_semantics.c --- linux-2.6.28/net/ipv4/fib_semantics.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/fib_semantics.c 2009-11-26 22:24:32.000000000 +0000 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNaud linux-2.6.28/net/ipv4/fib_trie.c linux-2.6.28-ghost/net/ipv4/fib_trie.c --- linux-2.6.28/net/ipv4/fib_trie.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/fib_trie.c 2009-11-26 22:24:32.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1195,6 +1206,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1623,7 +1646,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2583,7 +2616,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2596,13 +2650,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNaud linux-2.6.28/net/ipv4/igmp.c linux-2.6.28-ghost/net/ipv4/igmp.c --- linux-2.6.28/net/ipv4/igmp.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/igmp.c 2009-11-26 22:24:32.000000000 +0000 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2385,8 +2392,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2546,14 +2563,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNaud linux-2.6.28/net/ipv4/route.c linux-2.6.28-ghost/net/ipv4/route.c --- linux-2.6.28/net/ipv4/route.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv4/route.c 2009-11-26 22:24:32.000000000 +0000 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -373,6 +381,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -390,11 +406,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2691,8 +2707,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2775,7 +2796,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2797,6 +2818,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2822,13 +2854,31 @@ err = ip_route_output_key(net, &rt, &fl); } - if (err) + if (err) { goto errout_free; + } skb->rtable = rt; if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ + err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2843,6 +2893,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNaud linux-2.6.28/net/ipv6/Kconfig linux-2.6.28-ghost/net/ipv6/Kconfig --- linux-2.6.28/net/ipv6/Kconfig 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/Kconfig 2009-11-26 22:24:32.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNaud linux-2.6.28/net/ipv6/addrconf.c linux-2.6.28-ghost/net/ipv6/addrconf.c --- linux-2.6.28/net/ipv6/addrconf.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/addrconf.c 2009-11-26 22:24:32.000000000 +0000 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -80,6 +83,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -445,6 +453,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2143,6 +2231,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2157,6 +2249,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2988,6 +3089,23 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, + NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", + NIP6(ifp->addr), + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", NIP6(ifp->addr), @@ -2996,6 +3114,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3203,6 +3323,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3220,7 +3344,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3269,6 +3395,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3306,6 +3436,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3471,6 +3610,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3496,6 +3641,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3567,7 +3723,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3575,6 +3730,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3601,6 +3760,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3808,6 +3978,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3819,6 +3993,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3846,7 +4028,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNaud linux-2.6.28/net/ipv6/ip6_fib.c linux-2.6.28-ghost/net/ipv6/ip6_fib.c --- linux-2.6.28/net/ipv6/ip6_fib.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/ip6_fib.c 2009-11-26 22:24:32.000000000 +0000 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -316,7 +318,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNaud linux-2.6.28/net/ipv6/mcast.c linux-2.6.28-ghost/net/ipv6/mcast.c --- linux-2.6.28/net/ipv6/mcast.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/mcast.c 2009-11-26 22:24:32.000000000 +0000 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2429,6 +2438,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + NIP6(im->mca_addr), + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2436,6 +2459,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2590,6 +2614,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + NIP6(state->im->mca_addr), + NIP6(psf->sf_addr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2597,6 +2635,7 @@ NIP6(psf->sf_addr), psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNaud linux-2.6.28/net/ipv6/proc.c linux-2.6.28-ghost/net/ipv6/proc.c --- linux-2.6.28/net/ipv6/proc.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/proc.c 2009-11-26 22:28:53.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -194,6 +206,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -201,6 +225,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNaud linux-2.6.28/net/ipv6/route.c linux-2.6.28-ghost/net/ipv6/route.c --- linux-2.6.28/net/ipv6/route.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/ipv6/route.c 2009-11-26 22:24:32.000000000 +0000 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1080,10 +1089,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1795,6 +1800,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2090,26 +2097,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2129,6 +2194,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2140,6 +2209,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2247,10 +2329,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2264,6 +2362,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2408,6 +2508,18 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr), rt->rt6i_dst.plen); diff -rNaud linux-2.6.28/net/netfilter/core.c linux-2.6.28-ghost/net/netfilter/core.c --- linux-2.6.28/net/netfilter/core.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/netfilter/core.c 2009-11-26 22:24:32.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { diff -rNaud linux-2.6.28/net/packet/af_packet.c linux-2.6.28-ghost/net/packet/af_packet.c --- linux-2.6.28/net/packet/af_packet.c 2008-12-24 23:26:37.000000000 +0000 +++ linux-2.6.28-ghost/net/packet/af_packet.c 2009-11-26 22:24:32.000000000 +0000 @@ -39,6 +39,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -82,6 +83,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -487,6 +493,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -609,6 +627,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2042,17 +2072,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.31-ghost.patch0000644000175000017500000030143013175722671025662 0ustar lucaslucasdiff -rNuad linux-2.6.31/include/linux/netdevice.h linux-2.6.31-ghost/include/linux/netdevice.h --- linux-2.6.31/include/linux/netdevice.h 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/include/linux/netdevice.h 2009-11-26 22:58:23.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -2001,4 +2003,12 @@ } #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_NETDEVICE_H */ diff -rNuad linux-2.6.31/include/linux/sockios.h linux-2.6.31-ghost/include/linux/sockios.h --- linux-2.6.31/include/linux/sockios.h 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/include/linux/sockios.h 2009-11-26 22:58:23.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.31/include/net/ghostdebug.h linux-2.6.31-ghost/include/net/ghostdebug.h --- linux-2.6.31/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.31-ghost/include/net/ghostdebug.h 2009-11-26 22:58:23.000000000 +0000 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.31/kernel/softirq.c linux-2.6.31-ghost/kernel/softirq.c --- linux-2.6.31/kernel/softirq.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/kernel/softirq.c 2009-11-26 22:58:23.000000000 +0000 @@ -128,8 +128,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -140,7 +143,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.31/net/Kconfig linux-2.6.31-ghost/net/Kconfig --- linux-2.6.31/net/Kconfig 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/Kconfig 2009-11-26 22:58:23.000000000 +0000 @@ -159,6 +159,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -256,4 +355,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.31/net/core/dev.c linux-2.6.31-ghost/net/core/dev.c --- linux-2.6.31/net/core/dev.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/dev.c 2009-11-26 22:58:23.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -137,6 +140,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -539,6 +766,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2936,11 +3170,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -3009,6 +3252,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -4210,6 +4457,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = (short) dev_get_flags(dev); @@ -4280,6 +4537,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4423,6 +4691,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.31/net/core/dev_mcast.c linux-2.6.31-ghost/net/core/dev_mcast.c --- linux-2.6.31/net/core/dev_mcast.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/dev_mcast.c 2009-11-26 22:58:23.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.31/net/core/rtnetlink.c linux-2.6.31-ghost/net/core/rtnetlink.c --- linux-2.6.31/net/core/rtnetlink.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/rtnetlink.c 2009-11-26 22:58:23.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -941,6 +994,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -979,6 +1044,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1181,6 +1257,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1235,6 +1322,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1270,6 +1359,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1289,14 +1383,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1328,6 +1429,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1343,6 +1449,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.31/net/ipv4/arp.c linux-2.6.31-ghost/net/ipv4/arp.c --- linux-2.6.31/net/ipv4/arp.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/arp.c 2009-11-26 22:58:23.000000000 +0000 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1311,9 +1318,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1324,9 +1343,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.31/net/ipv4/devinet.c linux-2.6.31-ghost/net/ipv4/devinet.c --- linux-2.6.31/net/ipv4/devinet.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/devinet.c 2009-11-26 22:58:23.000000000 +0000 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1169,6 +1204,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.31/net/ipv4/fib_frontend.c linux-2.6.31-ghost/net/ipv4/fib_frontend.c --- linux-2.6.31/net/ipv4/fib_frontend.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_frontend.c 2009-11-26 22:58:23.000000000 +0000 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -44,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -450,6 +459,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -464,6 +478,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -472,12 +502,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -584,6 +620,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -606,6 +652,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -621,6 +677,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -633,7 +695,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -658,6 +720,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.31/net/ipv4/fib_hash.c linux-2.6.31-ghost/net/ipv4/fib_hash.c --- linux-2.6.31/net/ipv4/fib_hash.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_hash.c 2009-11-26 22:58:23.000000000 +0000 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -396,6 +406,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -579,7 +601,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1021,19 +1053,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.31/net/ipv4/fib_semantics.c linux-2.6.31-ghost/net/ipv4/fib_semantics.c --- linux-2.6.31/net/ipv4/fib_semantics.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_semantics.c 2009-11-26 22:58:23.000000000 +0000 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.31/net/ipv4/fib_trie.c linux-2.6.31-ghost/net/ipv4/fib_trie.c --- linux-2.6.31/net/ipv4/fib_trie.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_trie.c 2009-11-26 22:58:23.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1225,6 +1236,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1652,7 +1675,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2612,7 +2645,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2625,13 +2679,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.31/net/ipv4/igmp.c linux-2.6.31-ghost/net/ipv4/igmp.c --- linux-2.6.31/net/ipv4/igmp.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/igmp.c 2009-11-26 22:58:23.000000000 +0000 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2387,8 +2394,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2550,14 +2567,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.31/net/ipv4/route.c linux-2.6.31-ghost/net/ipv4/route.c --- linux-2.6.31/net/ipv4/route.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/route.c 2009-11-26 22:58:23.000000000 +0000 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2833,8 +2849,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2917,7 +2938,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2939,6 +2960,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2971,6 +3003,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2985,6 +3033,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.31/net/ipv6/Kconfig linux-2.6.31-ghost/net/ipv6/Kconfig --- linux-2.6.31/net/ipv6/Kconfig 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/Kconfig 2009-11-26 22:58:23.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.31/net/ipv6/addrconf.c linux-2.6.31-ghost/net/ipv6/addrconf.c --- linux-2.6.31/net/ipv6/addrconf.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/addrconf.c 2009-11-26 22:58:23.000000000 +0000 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -81,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -446,6 +454,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2151,6 +2239,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2165,6 +2257,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2979,6 +3080,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -2986,6 +3103,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3193,6 +3312,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3210,7 +3333,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3259,6 +3384,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3296,6 +3425,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3464,6 +3602,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3489,6 +3633,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3560,7 +3715,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3568,6 +3722,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3594,6 +3752,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3802,6 +3971,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3813,6 +3986,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3840,7 +4021,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.31/net/ipv6/ip6_fib.c linux-2.6.31-ghost/net/ipv6/ip6_fib.c --- linux-2.6.31/net/ipv6/ip6_fib.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/ip6_fib.c 2009-11-26 22:58:23.000000000 +0000 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -320,7 +322,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.31/net/ipv6/mcast.c linux-2.6.31-ghost/net/ipv6/mcast.c --- linux-2.6.31/net/ipv6/mcast.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/mcast.c 2009-11-26 22:59:37.000000000 +0000 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2440,6 +2449,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2447,6 +2470,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2601,6 +2625,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2608,6 +2646,7 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.31/net/ipv6/proc.c linux-2.6.31-ghost/net/ipv6/proc.c --- linux-2.6.31/net/ipv6/proc.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/proc.c 2009-11-26 22:59:07.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -200,6 +212,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -207,6 +231,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-2.6.31/net/ipv6/route.c linux-2.6.31-ghost/net/ipv6/route.c --- linux-2.6.31/net/ipv6/route.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/route.c 2009-11-26 22:58:23.000000000 +0000 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1115,10 +1124,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1830,6 +1835,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2133,26 +2140,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2172,6 +2237,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2183,6 +2252,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2290,10 +2372,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2307,6 +2405,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2452,6 +2552,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-2.6.31/net/netfilter/core.c linux-2.6.31-ghost/net/netfilter/core.c --- linux-2.6.31/net/netfilter/core.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/netfilter/core.c 2009-11-26 23:00:16.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -182,6 +339,9 @@ verdict >> NF_VERDICT_BITS)) goto next_hook; } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -rNuad linux-2.6.31/net/packet/af_packet.c linux-2.6.31-ghost/net/packet/af_packet.c --- linux-2.6.31/net/packet/af_packet.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/packet/af_packet.c 2009-11-26 22:58:23.000000000 +0000 @@ -8,6 +8,7 @@ * Authors: Ross Biro * Fred N. van Kempen, * Alan Cox, + * Luca Saiu : Trivial changes for ghostification * * Fixes: * Alan Cox : verify_area() now used correctly @@ -84,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -549,6 +555,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -670,6 +688,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2420,17 +2450,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.29-ghost.patch0000644000175000017500000030153113175722671025673 0ustar lucaslucasdiff -rNuad linux-2.6.29/include/linux/netdevice.h linux-2.6.29-ghost/include/linux/netdevice.h --- linux-2.6.29/include/linux/netdevice.h 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/include/linux/netdevice.h 2009-11-26 22:38:27.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1896,4 +1898,12 @@ extern struct pernet_operations __net_initdata loopback_net_ops; #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-2.6.29/include/linux/sockios.h linux-2.6.29-ghost/include/linux/sockios.h --- linux-2.6.29/include/linux/sockios.h 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/include/linux/sockios.h 2009-11-26 22:38:27.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.29/include/net/ghostdebug.h linux-2.6.29-ghost/include/net/ghostdebug.h --- linux-2.6.29/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.29-ghost/include/net/ghostdebug.h 2009-11-26 22:38:27.000000000 +0000 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.29/kernel/softirq.c linux-2.6.29-ghost/kernel/softirq.c --- linux-2.6.29/kernel/softirq.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/kernel/softirq.c 2009-11-26 22:38:27.000000000 +0000 @@ -109,8 +109,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -121,7 +124,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.29/net/Kconfig linux-2.6.29-ghost/net/Kconfig --- linux-2.6.29/net/Kconfig 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/Kconfig 2009-11-26 22:38:27.000000000 +0000 @@ -167,6 +167,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -251,4 +350,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.29/net/core/dev.c linux-2.6.29-ghost/net/core/dev.c --- linux-2.6.29/net/core/dev.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/core/dev.c 2009-11-26 22:38:27.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -136,6 +139,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -536,6 +763,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2851,11 +3085,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2924,6 +3167,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -3803,6 +4050,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3873,6 +4130,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4015,6 +4283,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.29/net/core/dev_mcast.c linux-2.6.29-ghost/net/core/dev_mcast.c --- linux-2.6.29/net/core/dev_mcast.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/core/dev_mcast.c 2009-11-26 22:38:27.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.29/net/core/rtnetlink.c linux-2.6.29-ghost/net/core/rtnetlink.c --- linux-2.6.29/net/core/rtnetlink.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/core/rtnetlink.c 2009-11-26 22:38:27.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -941,6 +994,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -979,6 +1044,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1181,6 +1257,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1235,6 +1322,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1269,6 +1358,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1288,14 +1382,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1327,6 +1428,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1342,6 +1448,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.29/net/ipv4/arp.c linux-2.6.29-ghost/net/ipv4/arp.c --- linux-2.6.29/net/ipv4/arp.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/arp.c 2009-11-26 22:38:27.000000000 +0000 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1309,9 +1316,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1322,9 +1341,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.29/net/ipv4/devinet.c linux-2.6.29-ghost/net/ipv4/devinet.c --- linux-2.6.29/net/ipv4/devinet.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/devinet.c 2009-11-26 22:38:27.000000000 +0000 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1161,6 +1196,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.29/net/ipv4/fib_frontend.c linux-2.6.29-ghost/net/ipv4/fib_frontend.c --- linux-2.6.29/net/ipv4/fib_frontend.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/fib_frontend.c 2009-11-26 22:38:27.000000000 +0000 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -45,6 +49,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -451,6 +460,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -465,6 +479,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -473,12 +503,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -585,6 +621,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -607,6 +653,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -622,6 +678,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -634,7 +696,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -659,6 +721,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.29/net/ipv4/fib_hash.c linux-2.6.29-ghost/net/ipv4/fib_hash.c --- linux-2.6.29/net/ipv4/fib_hash.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/fib_hash.c 2009-11-26 22:38:27.000000000 +0000 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -397,6 +407,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -580,7 +602,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1022,19 +1054,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.29/net/ipv4/fib_semantics.c linux-2.6.29-ghost/net/ipv4/fib_semantics.c --- linux-2.6.29/net/ipv4/fib_semantics.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/fib_semantics.c 2009-11-26 22:38:27.000000000 +0000 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.29/net/ipv4/fib_trie.c linux-2.6.29-ghost/net/ipv4/fib_trie.c --- linux-2.6.29/net/ipv4/fib_trie.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/fib_trie.c 2009-11-26 22:38:27.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1195,6 +1206,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1623,7 +1646,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2583,7 +2616,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2596,13 +2650,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.29/net/ipv4/igmp.c linux-2.6.29-ghost/net/ipv4/igmp.c --- linux-2.6.29/net/ipv4/igmp.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/igmp.c 2009-11-26 22:38:27.000000000 +0000 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2387,8 +2394,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2550,14 +2567,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.29/net/ipv4/route.c linux-2.6.29-ghost/net/ipv4/route.c --- linux-2.6.29/net/ipv4/route.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv4/route.c 2009-11-26 22:38:27.000000000 +0000 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2812,8 +2828,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2896,7 +2917,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2918,6 +2939,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2943,13 +2975,31 @@ err = ip_route_output_key(net, &rt, &fl); } - if (err) + if (err) { goto errout_free; + } skb->rtable = rt; if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ + err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2964,6 +3014,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.29/net/ipv6/Kconfig linux-2.6.29-ghost/net/ipv6/Kconfig --- linux-2.6.29/net/ipv6/Kconfig 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/Kconfig 2009-11-26 22:38:27.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.29/net/ipv6/addrconf.c linux-2.6.29-ghost/net/ipv6/addrconf.c --- linux-2.6.29/net/ipv6/addrconf.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/addrconf.c 2009-11-26 22:38:27.000000000 +0000 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -80,6 +83,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -445,6 +453,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2151,6 +2239,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2165,6 +2257,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2993,6 +3094,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -3000,6 +3117,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3207,6 +3326,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3224,7 +3347,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3273,6 +3398,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3310,6 +3439,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3475,6 +3613,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3500,6 +3644,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3571,7 +3726,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3579,6 +3733,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3605,6 +3763,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3812,6 +3981,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3823,6 +3996,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3850,7 +4031,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.29/net/ipv6/ip6_fib.c linux-2.6.29-ghost/net/ipv6/ip6_fib.c --- linux-2.6.29/net/ipv6/ip6_fib.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/ip6_fib.c 2009-11-26 22:38:27.000000000 +0000 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -320,7 +322,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.29/net/ipv6/mcast.c linux-2.6.29-ghost/net/ipv6/mcast.c --- linux-2.6.29/net/ipv6/mcast.c 2009-11-26 20:48:39.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/mcast.c 2009-11-26 22:42:51.000000000 +0000 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2432,6 +2441,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2439,6 +2462,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2593,6 +2617,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2600,6 +2638,7 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.29/net/ipv6/proc.c linux-2.6.29-ghost/net/ipv6/proc.c --- linux-2.6.29/net/ipv6/proc.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/proc.c 2009-11-26 22:41:05.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -194,6 +206,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -201,6 +225,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-2.6.29/net/ipv6/route.c linux-2.6.29-ghost/net/ipv6/route.c --- linux-2.6.29/net/ipv6/route.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/ipv6/route.c 2009-11-26 22:38:27.000000000 +0000 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1112,10 +1121,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1827,6 +1832,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2130,26 +2137,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2169,6 +2234,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2180,6 +2249,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2287,10 +2369,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2304,6 +2402,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2448,6 +2548,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-2.6.29/net/netfilter/core.c linux-2.6.29-ghost/net/netfilter/core.c --- linux-2.6.29/net/netfilter/core.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/netfilter/core.c 2009-11-26 22:38:27.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { diff -rNuad linux-2.6.29/net/packet/af_packet.c linux-2.6.29-ghost/net/packet/af_packet.c --- linux-2.6.29/net/packet/af_packet.c 2009-03-23 23:12:14.000000000 +0000 +++ linux-2.6.29-ghost/net/packet/af_packet.c 2009-11-26 22:38:27.000000000 +0000 @@ -39,6 +39,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -489,6 +495,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -611,6 +629,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2049,17 +2079,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.26-ghost_debian.patch0000644000175000017500000030411313175722671027171 0ustar lucaslucasdiff -rNuad linux-source-2.6.26/arch/um/drivers/vde_user.c linux-source-2.6.26-ghost/arch/um/drivers/vde_user.c --- linux-source-2.6.26/arch/um/drivers/vde_user.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/arch/um/drivers/vde_user.c 2009-11-29 18:44:01.000000000 +0000 @@ -77,8 +77,8 @@ void vde_init_libstuff(struct vde_data *vpri, struct vde_init *init) { struct vde_open_args *args; - - vpri->args = kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); + /* (ghost support) kmalloc is used instead of uml_kmalloc */ + vpri->args = uml_kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); if (vpri->args == NULL) { printk(UM_KERN_ERR "vde_init_libstuff - vde_open_args " "allocation failed"); diff -rNuad linux-source-2.6.26/include/linux/netdevice.h linux-source-2.6.26-ghost/include/linux/netdevice.h --- linux-source-2.6.26/include/linux/netdevice.h 2009-08-19 05:15:08.000000000 +0000 +++ linux-source-2.6.26-ghost/include/linux/netdevice.h 2009-11-29 18:44:01.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1571,4 +1573,12 @@ #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-source-2.6.26/include/linux/sockios.h linux-source-2.6.26-ghost/include/linux/sockios.h --- linux-source-2.6.26/include/linux/sockios.h 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/include/linux/sockios.h 2009-11-29 18:44:01.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-source-2.6.26/include/net/ghostdebug.h linux-source-2.6.26-ghost/include/net/ghostdebug.h --- linux-source-2.6.26/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-source-2.6.26-ghost/include/net/ghostdebug.h 2009-11-29 18:44:01.000000000 +0000 @@ -0,0 +1,91 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_INFO \ + "(ghost) " msg "\n", ##args) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-source-2.6.26/net/Kconfig linux-source-2.6.26-ghost/net/Kconfig --- linux-source-2.6.26/net/Kconfig 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/Kconfig 2009-11-29 18:44:01.000000000 +0000 @@ -175,6 +175,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -250,6 +349,95 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET endmenu # Networking diff -rNuad linux-source-2.6.26/net/core/dev.c linux-source-2.6.26-ghost/net/core/dev.c --- linux-source-2.6.26/net/core/dev.c 2009-08-19 05:15:10.000000000 +0000 +++ linux-source-2.6.26-ghost/net/core/dev.c 2009-11-29 18:44:01.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -124,6 +127,230 @@ #include "net-sysfs.h" /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -529,6 +756,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2361,11 +2595,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2433,24 +2676,27 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) { struct net_device_stats *stats = dev->get_stats(dev); - - seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " - "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", - dev->name, stats->rx_bytes, stats->rx_packets, - stats->rx_errors, - stats->rx_dropped + stats->rx_missed_errors, - stats->rx_fifo_errors, - stats->rx_length_errors + stats->rx_over_errors + - stats->rx_crc_errors + stats->rx_frame_errors, - stats->rx_compressed, stats->multicast, - stats->tx_bytes, stats->tx_packets, - stats->tx_errors, stats->tx_dropped, - stats->tx_fifo_errors, stats->collisions, - stats->tx_carrier_errors + - stats->tx_aborted_errors + - stats->tx_window_errors + - stats->tx_heartbeat_errors, - stats->tx_compressed); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " + "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", + dev->name, stats->rx_bytes, stats->rx_packets, + stats->rx_errors, + stats->rx_dropped + stats->rx_missed_errors, + stats->rx_fifo_errors, + stats->rx_length_errors + stats->rx_over_errors + + stats->rx_crc_errors + stats->rx_frame_errors, + stats->rx_compressed, stats->multicast, + stats->tx_bytes, stats->tx_packets, + stats->tx_errors, stats->tx_dropped, + stats->tx_fifo_errors, stats->collisions, + stats->tx_carrier_errors + + stats->tx_aborted_errors + + stats->tx_window_errors + + stats->tx_heartbeat_errors, + stats->tx_compressed); } /* @@ -3262,6 +3508,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3329,6 +3585,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -3472,6 +3739,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-source-2.6.26/net/core/dev_mcast.c linux-source-2.6.26-ghost/net/core/dev_mcast.c --- linux-source-2.6.26/net/core/dev_mcast.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/core/dev_mcast.c 2009-11-29 18:44:01.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_tx_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-source-2.6.26/net/core/rtnetlink.c linux-source-2.6.26-ghost/net/core/rtnetlink.c --- linux-source-2.6.26/net/core/rtnetlink.c 2009-08-19 05:15:10.000000000 +0000 +++ linux-source-2.6.26-ghost/net/core/rtnetlink.c 2009-11-29 18:44:01.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -612,6 +633,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -688,6 +723,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -927,6 +980,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -965,6 +1030,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1167,6 +1243,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1221,6 +1308,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1255,6 +1344,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1274,14 +1368,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1313,6 +1414,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1328,6 +1434,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-source-2.6.26/net/ipv4/arp.c linux-source-2.6.26-ghost/net/ipv4/arp.c --- linux-source-2.6.26/net/ipv4/arp.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/arp.c 2009-11-29 18:44:01.000000000 +0000 @@ -72,6 +72,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -118,6 +120,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1310,9 +1317,21 @@ } #endif sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->primary_key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1323,9 +1342,21 @@ char tbuf[16]; sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-source-2.6.26/net/ipv4/devinet.c linux-source-2.6.26-ghost/net/ipv4/devinet.c --- linux-source-2.6.26/net/ipv4/devinet.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/devinet.c 2009-11-29 18:44:01.000000000 +0000 @@ -25,6 +25,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -64,6 +67,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -455,6 +463,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -504,6 +522,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -553,6 +582,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1159,6 +1194,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-source-2.6.26/net/ipv4/fib_frontend.c linux-source-2.6.26-ghost/net/ipv4/fib_frontend.c --- linux-source-2.6.26/net/ipv4/fib_frontend.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/fib_frontend.c 2009-11-29 18:44:01.000000000 +0000 @@ -8,6 +8,10 @@ * Version: $Id: fib_frontend.c,v 1.26 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -47,6 +51,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -453,6 +462,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -467,6 +481,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -475,12 +505,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -587,6 +623,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -609,6 +655,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -624,6 +680,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -636,7 +698,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -661,6 +723,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-source-2.6.26/net/ipv4/fib_hash.c linux-source-2.6.26-ghost/net/ipv4/fib_hash.c --- linux-source-2.6.26/net/ipv4/fib_hash.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/fib_hash.c 2009-11-29 18:44:01.000000000 +0000 @@ -8,6 +8,11 @@ * Version: $Id: fib_hash.c,v 1.13 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -43,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -399,6 +409,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -582,7 +604,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1024,19 +1056,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-source-2.6.26/net/ipv4/fib_semantics.c linux-source-2.6.26-ghost/net/ipv4/fib_semantics.c --- linux-source-2.6.26/net/ipv4/fib_semantics.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/fib_semantics.c 2009-11-29 18:44:01.000000000 +0000 @@ -13,6 +13,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -45,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -955,6 +963,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-source-2.6.26/net/ipv4/fib_trie.c linux-source-2.6.26-ghost/net/ipv4/fib_trie.c --- linux-source-2.6.26/net/ipv4/fib_trie.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/fib_trie.c 2009-11-29 18:44:01.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -82,6 +88,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1197,6 +1208,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1625,7 +1648,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2603,7 +2636,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2616,13 +2670,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-source-2.6.26/net/ipv4/igmp.c linux-source-2.6.26-ghost/net/ipv4/igmp.c --- linux-source-2.6.26/net/ipv4/igmp.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/igmp.c 2009-11-29 18:44:01.000000000 +0000 @@ -70,6 +70,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -107,6 +109,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2415,8 +2422,18 @@ #endif if (state->in_dev->mc_list == im) { - seq_printf(seq, "%d\t%-10s: %5d %7s\n", - state->dev->ifindex, state->dev->name, state->dev->mc_count, querier); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); + } +#else + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2576,14 +2593,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-source-2.6.26/net/ipv4/route.c linux-source-2.6.26-ghost/net/ipv4/route.c --- linux-source-2.6.26/net/ipv4/route.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv4/route.c 2009-11-29 18:44:01.000000000 +0000 @@ -57,6 +57,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -110,6 +113,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -366,6 +374,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -383,11 +399,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2632,8 +2648,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2716,7 +2737,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2738,6 +2759,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2763,13 +2795,31 @@ err = ip_route_output_key(net, &rt, &fl); } - if (err) + if (err) { goto errout_free; + } skb->rtable = rt; if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ + err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2784,6 +2834,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-source-2.6.26/net/ipv6/Kconfig linux-source-2.6.26-ghost/net/ipv6/Kconfig --- linux-source-2.6.26/net/ipv6/Kconfig 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/Kconfig 2009-11-29 18:44:01.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select XFRM select INET6_XFRM_TUNNEL select CRYPTO @@ -107,7 +111,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -116,16 +120,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -134,7 +138,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -143,7 +147,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -152,14 +156,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -176,7 +180,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-source-2.6.26/net/ipv6/addrconf.c linux-source-2.6.26-ghost/net/ipv6/addrconf.c --- linux-source-2.6.26/net/ipv6/addrconf.c 2009-08-19 05:15:09.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/addrconf.c 2009-11-29 18:44:01.000000000 +0000 @@ -38,6 +38,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -82,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -429,6 +437,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2097,6 +2185,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2111,6 +2203,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2934,6 +3035,23 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, + NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", + NIP6(ifp->addr), + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", NIP6(ifp->addr), @@ -2942,6 +3060,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3149,6 +3269,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3166,7 +3290,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3215,6 +3341,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3252,6 +3382,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3417,6 +3556,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3442,6 +3587,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3513,7 +3669,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3521,6 +3676,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3547,6 +3706,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3752,6 +3922,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3763,6 +3937,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3790,7 +3972,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-source-2.6.26/net/ipv6/ip6_fib.c linux-source-2.6.26-ghost/net/ipv6/ip6_fib.c --- linux-source-2.6.26/net/ipv6/ip6_fib.c 2009-08-19 05:15:09.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/ip6_fib.c 2009-11-29 18:44:01.000000000 +0000 @@ -277,6 +277,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -318,7 +320,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-source-2.6.26/net/ipv6/mcast.c linux-source-2.6.26-ghost/net/ipv6/mcast.c --- linux-source-2.6.26/net/ipv6/mcast.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/mcast.c 2009-11-29 18:44:01.000000000 +0000 @@ -26,6 +26,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -63,6 +67,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2436,6 +2445,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + NIP6(im->mca_addr), + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2443,6 +2466,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2597,6 +2621,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + NIP6(state->im->mca_addr), + NIP6(psf->sf_addr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2604,6 +2642,7 @@ NIP6(psf->sf_addr), psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-source-2.6.26/net/ipv6/proc.c linux-source-2.6.26-ghost/net/ipv6/proc.c --- linux-source-2.6.26/net/ipv6/proc.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/proc.c 2009-11-29 18:44:01.000000000 +0000 @@ -11,6 +11,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -31,7 +33,19 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +#ifdef CONFIG_GHOSTIFICATION +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#else static struct proc_dir_entry *proc_net_devsnmp6; +#endif /* CONFIG_GHOSTIFICATION */ static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -226,6 +240,18 @@ return single_open(file, snmp6_seq_show, PDE(inode)->data); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -233,6 +259,7 @@ .llseek = seq_lseek, .release = single_release, }; +#endif /* CONFIG_GHOSTIFICATION */ int snmp6_register_dev(struct inet6_dev *idev) { diff -rNuad linux-source-2.6.26/net/ipv6/route.c linux-source-2.6.26-ghost/net/ipv6/route.c --- linux-source-2.6.26/net/ipv6/route.c 2009-08-19 05:15:10.000000000 +0000 +++ linux-source-2.6.26-ghost/net/ipv6/route.c 2009-11-29 18:44:01.000000000 +0000 @@ -24,6 +24,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -62,6 +66,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1053,10 +1062,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1768,6 +1773,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2064,9 +2071,34 @@ struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } @@ -2076,9 +2108,34 @@ struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2109,6 +2166,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2216,10 +2286,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2233,6 +2319,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2377,6 +2465,18 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr), rt->rt6i_dst.plen); diff -rNuad linux-source-2.6.26/net/netfilter/core.c linux-source-2.6.26-ghost/net/netfilter/core.c --- linux-source-2.6.26/net/netfilter/core.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/netfilter/core.c 2009-11-29 18:44:01.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -177,7 +183,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { diff -rNuad linux-source-2.6.26/net/packet/af_packet.c linux-source-2.6.26-ghost/net/packet/af_packet.c --- linux-source-2.6.26/net/packet/af_packet.c 2008-07-13 21:51:29.000000000 +0000 +++ linux-source-2.6.26-ghost/net/packet/af_packet.c 2009-11-29 18:44:01.000000000 +0000 @@ -41,6 +41,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -84,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -448,6 +454,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -565,6 +583,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -1900,17 +1930,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.28_x86_640000644000175000017500000005473513175722671024311 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.28 # Fri Nov 27 09:58:17 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_X86_DEBUGCTLMSR=y CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR_64=y # CONFIG_X86_DS is not set CONFIG_UML_X86=y CONFIG_64BIT=y # CONFIG_X86_32 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_RESOURCES_64BIT=y CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set # CONFIG_HAVE_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_CRYPTOLOOP=y CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set # CONFIG_PHONET is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y # CONFIG_SUNRPC_REGISTER_V4 is not set CONFIG_RPCSEC_GSS_KRB5=y # CONFIG_RPCSEC_GSS_SPKM3 is not set # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set # CONFIG_CRYPTO_CAST5 is not set # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # # Tracers # # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.270000644000175000017500000005445013175722671023264 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.27 # Fri Nov 27 12:24:52 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # CONFIG_STATIC_LINK is not set # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=7 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_X86_DEBUGCTLMSR=y CONFIG_UML_X86=y CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_64BIT is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_SUPPORTS_AOUT=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y # CONFIG_SPARSEMEM_STATIC is not set # CONFIG_SPARSEMEM_VMEMMAP_ENABLE is not set CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_RESOURCES_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_OPROFILE is not set # CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS is not set # CONFIG_HAVE_IOREMAP_PROT is not set # CONFIG_HAVE_KPROBES is not set # CONFIG_HAVE_KRETPROBES is not set # CONFIG_HAVE_ARCH_TRACEHOOK is not set # CONFIG_HAVE_DMA_ATTRS is not set # CONFIG_USE_GENERIC_SMP_HELPERS is not set # CONFIG_HAVE_CLK is not set CONFIG_PROC_PAGE_MONITOR=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_LBD is not set # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_LSF is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set # CONFIG_IP_VS is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y # # IP: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y # # Bridge: Netfilter Configuration # CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # # Wireless # # CONFIG_CFG80211 is not set # CONFIG_WIRELESS_EXT is not set # CONFIG_MAC80211 is not set # CONFIG_IEEE80211 is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4DEV_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_MANAGER=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.32_x86_640000644000175000017500000005675413175722671024307 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.32 # Sat Dec 5 12:29:27 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMPXCHG64=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_UML_X86=y CONFIG_64BIT=y # CONFIG_X86_32 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set # CONFIG_HAVE_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_TREE_RCU=y # CONFIG_TREE_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set CONFIG_RCU_FANOUT=32 # CONFIG_RCU_FANOUT_EXACT is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # CONFIG_SLOW_WORK=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" # CONFIG_DEVTMPFS is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # CONFIG_WLAN is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set # CONFIG_NILFS2_FS is not set CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y # CONFIG_NFS_V4_1 is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_GHASH is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_X86_64 is not set # CONFIG_CRYPTO_AES_NI_INTEL is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_X86_64 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_X86_64 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_LOG_USERSPACE is not set # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.26-ghost.patch0000644000175000017500000030670513175722671025700 0ustar lucaslucasdiff -rNuad linux-2.6.26/arch/um/drivers/vde_user.c linux-2.6.26-ghost/arch/um/drivers/vde_user.c --- linux-2.6.26/arch/um/drivers/vde_user.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/arch/um/drivers/vde_user.c 2009-11-24 22:38:54.000000000 +0100 @@ -77,8 +77,8 @@ void vde_init_libstuff(struct vde_data *vpri, struct vde_init *init) { struct vde_open_args *args; - - vpri->args = kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); + /* (ghost support) kmalloc is used instead of uml_kmalloc */ + vpri->args = uml_kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); if (vpri->args == NULL) { printk(UM_KERN_ERR "vde_init_libstuff - vde_open_args " "allocation failed"); diff -rNuad linux-2.6.26/include/linux/netdevice.h linux-2.6.26-ghost/include/linux/netdevice.h --- linux-2.6.26/include/linux/netdevice.h 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/include/linux/netdevice.h 2009-11-24 22:38:54.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1568,4 +1570,12 @@ #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-2.6.26/include/linux/sockios.h linux-2.6.26-ghost/include/linux/sockios.h --- linux-2.6.26/include/linux/sockios.h 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/include/linux/sockios.h 2009-11-24 22:38:54.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.26/include/net/ghostdebug.h linux-2.6.26-ghost/include/net/ghostdebug.h --- linux-2.6.26/include/net/ghostdebug.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.6.26-ghost/include/net/ghostdebug.h 2009-11-24 22:38:54.000000000 +0100 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.26/kernel/softirq.c linux-2.6.26-ghost/kernel/softirq.c --- linux-2.6.26/kernel/softirq.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/kernel/softirq.c 2009-11-24 22:43:02.000000000 +0100 @@ -6,6 +6,7 @@ * Distribute under GPLv2. * * Rewritten. Old one was good in 2.2, but in 2.3 it was immoral. --ANK (990903) + * Roudiere ghostification, little modif : disable console infos (irqs) */ #include @@ -121,8 +122,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -135,10 +139,16 @@ { #ifdef CONFIG_TRACE_IRQFLAGS unsigned long flags; - +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); #endif +#endif + +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_save(flags); diff -rNuad linux-2.6.26/net/core/dev.c linux-2.6.26-ghost/net/core/dev.c --- linux-2.6.26/net/core/dev.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/core/dev.c 2009-11-24 22:38:54.000000000 +0100 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -124,6 +127,230 @@ #include "net-sysfs.h" /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -529,6 +756,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2361,11 +2595,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2433,24 +2676,27 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) { struct net_device_stats *stats = dev->get_stats(dev); - - seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " - "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", - dev->name, stats->rx_bytes, stats->rx_packets, - stats->rx_errors, - stats->rx_dropped + stats->rx_missed_errors, - stats->rx_fifo_errors, - stats->rx_length_errors + stats->rx_over_errors + - stats->rx_crc_errors + stats->rx_frame_errors, - stats->rx_compressed, stats->multicast, - stats->tx_bytes, stats->tx_packets, - stats->tx_errors, stats->tx_dropped, - stats->tx_fifo_errors, stats->collisions, - stats->tx_carrier_errors + - stats->tx_aborted_errors + - stats->tx_window_errors + - stats->tx_heartbeat_errors, - stats->tx_compressed); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " + "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", + dev->name, stats->rx_bytes, stats->rx_packets, + stats->rx_errors, + stats->rx_dropped + stats->rx_missed_errors, + stats->rx_fifo_errors, + stats->rx_length_errors + stats->rx_over_errors + + stats->rx_crc_errors + stats->rx_frame_errors, + stats->rx_compressed, stats->multicast, + stats->tx_bytes, stats->tx_packets, + stats->tx_errors, stats->tx_dropped, + stats->tx_fifo_errors, stats->collisions, + stats->tx_carrier_errors + + stats->tx_aborted_errors + + stats->tx_window_errors + + stats->tx_heartbeat_errors, + stats->tx_compressed); } /* @@ -3262,6 +3508,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3329,6 +3585,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -3472,6 +3739,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.26/net/core/dev_mcast.c linux-2.6.26-ghost/net/core/dev_mcast.c --- linux-2.6.26/net/core/dev_mcast.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/core/dev_mcast.c 2009-11-24 22:38:54.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_tx_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.26/net/core/rtnetlink.c linux-2.6.26-ghost/net/core/rtnetlink.c --- linux-2.6.26/net/core/rtnetlink.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/core/rtnetlink.c 2009-11-24 22:38:54.000000000 +0100 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -612,6 +633,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -688,6 +723,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -927,6 +980,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -965,6 +1030,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1167,6 +1243,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1221,6 +1308,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1255,6 +1344,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1274,14 +1368,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1313,6 +1414,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1328,6 +1434,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.26/net/ipv4/arp.c linux-2.6.26-ghost/net/ipv4/arp.c --- linux-2.6.26/net/ipv4/arp.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/arp.c 2009-11-24 22:38:54.000000000 +0100 @@ -72,6 +72,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -118,6 +120,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1310,9 +1317,21 @@ } #endif sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->primary_key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1323,9 +1342,21 @@ char tbuf[16]; sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.26/net/ipv4/devinet.c linux-2.6.26-ghost/net/ipv4/devinet.c --- linux-2.6.26/net/ipv4/devinet.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/devinet.c 2009-11-24 22:38:54.000000000 +0100 @@ -25,6 +25,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -64,6 +67,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -455,6 +463,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -504,6 +522,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -553,6 +582,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1159,6 +1194,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.26/net/ipv4/fib_frontend.c linux-2.6.26-ghost/net/ipv4/fib_frontend.c --- linux-2.6.26/net/ipv4/fib_frontend.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/fib_frontend.c 2009-11-24 22:38:54.000000000 +0100 @@ -8,6 +8,10 @@ * Version: $Id: fib_frontend.c,v 1.26 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -47,6 +51,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -453,6 +462,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -467,6 +481,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -475,12 +505,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -587,6 +623,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -609,6 +655,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -624,6 +680,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -636,7 +698,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -661,6 +723,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.26/net/ipv4/fib_hash.c linux-2.6.26-ghost/net/ipv4/fib_hash.c --- linux-2.6.26/net/ipv4/fib_hash.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/fib_hash.c 2009-11-24 22:38:54.000000000 +0100 @@ -8,6 +8,11 @@ * Version: $Id: fib_hash.c,v 1.13 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -43,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -399,6 +409,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -582,7 +604,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1024,19 +1056,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.26/net/ipv4/fib_semantics.c linux-2.6.26-ghost/net/ipv4/fib_semantics.c --- linux-2.6.26/net/ipv4/fib_semantics.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/fib_semantics.c 2009-11-24 22:38:54.000000000 +0100 @@ -13,6 +13,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -45,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -955,6 +963,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.26/net/ipv4/fib_trie.c linux-2.6.26-ghost/net/ipv4/fib_trie.c --- linux-2.6.26/net/ipv4/fib_trie.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/fib_trie.c 2009-11-24 22:38:54.000000000 +0100 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -82,6 +88,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1197,6 +1208,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1625,7 +1648,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2603,7 +2636,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2616,13 +2670,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.26/net/ipv4/igmp.c linux-2.6.26-ghost/net/ipv4/igmp.c --- linux-2.6.26/net/ipv4/igmp.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/igmp.c 2009-11-24 22:38:54.000000000 +0100 @@ -70,6 +70,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -107,6 +109,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2415,8 +2422,18 @@ #endif if (state->in_dev->mc_list == im) { - seq_printf(seq, "%d\t%-10s: %5d %7s\n", - state->dev->ifindex, state->dev->name, state->dev->mc_count, querier); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); + } +#else + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2576,14 +2593,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.26/net/ipv4/route.c linux-2.6.26-ghost/net/ipv4/route.c --- linux-2.6.26/net/ipv4/route.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv4/route.c 2009-11-24 22:38:54.000000000 +0100 @@ -57,6 +57,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -110,6 +113,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -366,6 +374,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -383,11 +399,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2632,8 +2648,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2716,7 +2737,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2738,6 +2759,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2763,13 +2795,31 @@ err = ip_route_output_key(net, &rt, &fl); } - if (err) + if (err) { goto errout_free; + } skb->rtable = rt; if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ + err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2784,6 +2834,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.26/net/ipv6/addrconf.c linux-2.6.26-ghost/net/ipv6/addrconf.c --- linux-2.6.26/net/ipv6/addrconf.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/addrconf.c 2009-11-24 22:38:54.000000000 +0100 @@ -38,6 +38,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -82,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -429,6 +437,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2098,6 +2186,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2112,6 +2204,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2935,6 +3036,23 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, + NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", + NIP6(ifp->addr), + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", NIP6(ifp->addr), @@ -2943,6 +3061,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3150,6 +3270,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3167,7 +3291,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3216,6 +3342,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3253,6 +3383,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3418,6 +3557,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3443,6 +3588,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3514,7 +3670,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3522,6 +3677,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3548,6 +3707,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3753,6 +3923,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3764,6 +3938,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3791,7 +3973,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.26/net/ipv6/ip6_fib.c linux-2.6.26-ghost/net/ipv6/ip6_fib.c --- linux-2.6.26/net/ipv6/ip6_fib.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/ip6_fib.c 2009-11-24 22:38:54.000000000 +0100 @@ -277,6 +277,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -318,7 +320,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.26/net/ipv6/Kconfig linux-2.6.26-ghost/net/ipv6/Kconfig --- linux-2.6.26/net/ipv6/Kconfig 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/Kconfig 2009-11-24 22:38:54.000000000 +0100 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select XFRM select INET6_XFRM_TUNNEL select CRYPTO @@ -107,7 +111,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -116,16 +120,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -134,7 +138,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -143,7 +147,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -152,14 +156,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -176,7 +180,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.26/net/ipv6/mcast.c linux-2.6.26-ghost/net/ipv6/mcast.c --- linux-2.6.26/net/ipv6/mcast.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/mcast.c 2009-11-24 22:38:54.000000000 +0100 @@ -26,6 +26,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -63,6 +67,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2436,6 +2445,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + NIP6(im->mca_addr), + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2443,6 +2466,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2597,6 +2621,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + NIP6(state->im->mca_addr), + NIP6(psf->sf_addr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2604,6 +2642,7 @@ NIP6(psf->sf_addr), psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.26/net/ipv6/proc.c linux-2.6.26-ghost/net/ipv6/proc.c --- linux-2.6.26/net/ipv6/proc.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/proc.c 2009-11-24 22:38:54.000000000 +0100 @@ -11,6 +11,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -31,7 +33,19 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +#ifdef CONFIG_GHOSTIFICATION +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#else static struct proc_dir_entry *proc_net_devsnmp6; +#endif /* CONFIG_GHOSTIFICATION */ static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -226,6 +240,18 @@ return single_open(file, snmp6_seq_show, PDE(inode)->data); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -233,6 +259,7 @@ .llseek = seq_lseek, .release = single_release, }; +#endif /* CONFIG_GHOSTIFICATION */ int snmp6_register_dev(struct inet6_dev *idev) { diff -rNuad linux-2.6.26/net/ipv6/route.c linux-2.6.26-ghost/net/ipv6/route.c --- linux-2.6.26/net/ipv6/route.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/ipv6/route.c 2009-11-24 22:38:54.000000000 +0100 @@ -24,6 +24,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -62,6 +66,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1053,10 +1062,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1768,6 +1773,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2059,26 +2066,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2098,6 +2163,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, int iif, int type, u32 pid, u32 seq, @@ -2108,6 +2177,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2214,10 +2296,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2230,6 +2328,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2374,6 +2474,18 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr), rt->rt6i_dst.plen); diff -rNuad linux-2.6.26/net/Kconfig linux-2.6.26-ghost/net/Kconfig --- linux-2.6.26/net/Kconfig 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/Kconfig 2009-11-24 22:38:54.000000000 +0100 @@ -175,6 +175,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -250,6 +349,95 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET endmenu # Networking diff -rNuad linux-2.6.26/net/netfilter/core.c linux-2.6.26-ghost/net/netfilter/core.c --- linux-2.6.26/net/netfilter/core.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/netfilter/core.c 2009-11-24 22:38:54.000000000 +0100 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -177,7 +183,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { diff -rNuad linux-2.6.26/net/packet/af_packet.c linux-2.6.26-ghost/net/packet/af_packet.c --- linux-2.6.26/net/packet/af_packet.c 2008-07-13 23:51:29.000000000 +0200 +++ linux-2.6.26-ghost/net/packet/af_packet.c 2009-11-24 22:38:54.000000000 +0100 @@ -41,6 +41,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -84,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -448,6 +454,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -565,6 +583,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -1900,17 +1930,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.300000644000175000017500000005662013175722671023257 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.30 # Fri Nov 27 12:42:17 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=5 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_RWSEM_GENERIC_SPINLOCK is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y # CONFIG_STRIP_ASM_SYMS is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_SLOW_WORK is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_LBD is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y CONFIG_COMPAT_NET_DEV_OPS=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y # CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set # CONFIG_NILFS2_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.260000644000175000017500000005277513175722671023273 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.26 # Fri Nov 27 11:55:55 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # CONFIG_STATIC_LINK is not set # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=7 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_GOOD_APIC=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_X86_DEBUGCTLMSR=y CONFIG_UML_X86=y CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_64BIT is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_SUPPORTS_AOUT=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y # CONFIG_SPARSEMEM_STATIC is not set # CONFIG_SPARSEMEM_VMEMMAP_ENABLE is not set CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_RESOURCES_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_SYSCTL_SYSCALL_CHECK=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_OPROFILE is not set # CONFIG_HAVE_KPROBES is not set # CONFIG_HAVE_KRETPROBES is not set # CONFIG_HAVE_DMA_ATTRS is not set CONFIG_PROC_PAGE_MONITOR=y CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_LBD is not set # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_LSF is not set # CONFIG_BLK_DEV_BSG is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y # CONFIG_FW_LOADER is not set # CONFIG_SYS_HYPERVISOR is not set # # Networking # CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set # CONFIG_IP_VS is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y # # IP: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y # # Bridge: Netfilter Configuration # CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_BRIDGE=y CONFIG_VLAN_8021Q=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # # Wireless # # CONFIG_CFG80211 is not set # CONFIG_WIRELESS_EXT is not set # CONFIG_MAC80211 is not set # CONFIG_IEEE80211 is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y CONFIG_NETDEVICES_MULTIQUEUE=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y CONFIG_EXT2_FS_SECURITY=y # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4DEV_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_SUNRPC_BIND34=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_MANAGER=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set # CONFIG_MD is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.29_x86_640000644000175000017500000005443013175722671024302 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.29 # Fri Nov 27 10:09:30 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR_64=y CONFIG_UML_X86=y CONFIG_64BIT=y # CONFIG_X86_32 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set # CONFIG_HAVE_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_CRYPTOLOOP=y CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_COMPAT_NET_DEV_OPS=y CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set # CONFIG_PHONET is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # CONFIG_MISC_FILESYSTEMS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y # CONFIG_SUNRPC_REGISTER_V4 is not set CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # # Tracers # # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.30-ghost_debian.patch0000644000175000017500000030270513175722671027171 0ustar lucaslucasdiff -rNuad linux-source-2.6.30/include/linux/netdevice.h linux-source-2.6.30-ghost/include/linux/netdevice.h --- linux-source-2.6.30/include/linux/netdevice.h 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/include/linux/netdevice.h 2009-12-02 13:24:38.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1910,4 +1912,12 @@ extern struct pernet_operations __net_initdata loopback_net_ops; #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-source-2.6.30/include/linux/sockios.h linux-source-2.6.30-ghost/include/linux/sockios.h --- linux-source-2.6.30/include/linux/sockios.h 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/include/linux/sockios.h 2009-12-02 13:24:38.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-source-2.6.30/include/net/ghostdebug.h linux-source-2.6.30-ghost/include/net/ghostdebug.h --- linux-source-2.6.30/include/net/ghostdebug.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-source-2.6.30-ghost/include/net/ghostdebug.h 2009-12-02 13:24:38.000000000 +0100 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-source-2.6.30/kernel/softirq.c linux-source-2.6.30-ghost/kernel/softirq.c --- linux-source-2.6.30/kernel/softirq.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/kernel/softirq.c 2009-12-02 13:24:38.000000000 +0100 @@ -126,8 +126,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -138,7 +141,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-source-2.6.30/net/core/dev.c linux-source-2.6.30-ghost/net/core/dev.c --- linux-source-2.6.30/net/core/dev.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/core/dev.c 2009-12-02 13:24:38.000000000 +0100 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -136,6 +139,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -536,6 +763,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2899,11 +3133,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2972,6 +3215,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -3851,6 +4098,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3921,6 +4178,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4064,6 +4332,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-source-2.6.30/net/core/dev_mcast.c linux-source-2.6.30-ghost/net/core/dev_mcast.c --- linux-source-2.6.30/net/core/dev_mcast.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/core/dev_mcast.c 2009-12-02 13:24:38.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-source-2.6.30/net/core/rtnetlink.c linux-source-2.6.30-ghost/net/core/rtnetlink.c --- linux-source-2.6.30/net/core/rtnetlink.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/core/rtnetlink.c 2009-12-02 13:24:38.000000000 +0100 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -941,6 +994,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -979,6 +1044,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1181,6 +1257,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1235,6 +1322,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1270,6 +1359,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1289,14 +1383,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1328,6 +1429,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1343,6 +1449,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-source-2.6.30/net/ipv4/arp.c linux-source-2.6.30-ghost/net/ipv4/arp.c --- linux-source-2.6.30/net/ipv4/arp.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/arp.c 2009-12-02 13:24:38.000000000 +0100 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1312,9 +1319,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1325,9 +1344,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-source-2.6.30/net/ipv4/devinet.c linux-source-2.6.30-ghost/net/ipv4/devinet.c --- linux-source-2.6.30/net/ipv4/devinet.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/devinet.c 2009-12-02 13:24:38.000000000 +0100 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1169,6 +1204,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-source-2.6.30/net/ipv4/fib_frontend.c linux-source-2.6.30-ghost/net/ipv4/fib_frontend.c --- linux-source-2.6.30/net/ipv4/fib_frontend.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/fib_frontend.c 2009-12-02 13:24:38.000000000 +0100 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -45,6 +49,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -451,6 +460,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -465,6 +479,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -473,12 +503,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -585,6 +621,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -607,6 +653,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -622,6 +678,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -634,7 +696,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -659,6 +721,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-source-2.6.30/net/ipv4/fib_hash.c linux-source-2.6.30-ghost/net/ipv4/fib_hash.c --- linux-source-2.6.30/net/ipv4/fib_hash.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/fib_hash.c 2009-12-02 13:24:38.000000000 +0100 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -397,6 +407,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -580,7 +602,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1022,19 +1054,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-source-2.6.30/net/ipv4/fib_semantics.c linux-source-2.6.30-ghost/net/ipv4/fib_semantics.c --- linux-source-2.6.30/net/ipv4/fib_semantics.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/fib_semantics.c 2009-12-02 13:24:38.000000000 +0100 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -954,6 +962,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-source-2.6.30/net/ipv4/fib_trie.c linux-source-2.6.30-ghost/net/ipv4/fib_trie.c --- linux-source-2.6.30/net/ipv4/fib_trie.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/fib_trie.c 2009-12-02 13:24:38.000000000 +0100 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1199,6 +1210,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1627,7 +1650,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2587,7 +2620,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2600,13 +2654,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-source-2.6.30/net/ipv4/igmp.c linux-source-2.6.30-ghost/net/ipv4/igmp.c --- linux-source-2.6.30/net/ipv4/igmp.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/igmp.c 2009-12-02 13:24:38.000000000 +0100 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2387,8 +2394,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2550,14 +2567,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-source-2.6.30/net/ipv4/route.c linux-source-2.6.30-ghost/net/ipv4/route.c --- linux-source-2.6.30/net/ipv4/route.c 2009-07-18 10:10:11.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv4/route.c 2009-12-02 13:24:38.000000000 +0100 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2823,8 +2839,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2907,7 +2928,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2929,6 +2950,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2961,6 +2993,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2975,6 +3023,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-source-2.6.30/net/ipv6/addrconf.c linux-source-2.6.30-ghost/net/ipv6/addrconf.c --- linux-source-2.6.30/net/ipv6/addrconf.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/addrconf.c 2009-12-02 13:24:38.000000000 +0100 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -81,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -446,6 +454,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2126,6 +2214,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2140,6 +2232,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2954,6 +3055,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -2961,6 +3078,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3168,6 +3287,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3185,7 +3308,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3234,6 +3359,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3271,6 +3400,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3436,6 +3574,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3461,6 +3605,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3532,7 +3687,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3540,6 +3694,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3566,6 +3724,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3774,6 +3943,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3785,6 +3958,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3812,7 +3993,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-source-2.6.30/net/ipv6/ip6_fib.c linux-source-2.6.30-ghost/net/ipv6/ip6_fib.c --- linux-source-2.6.30/net/ipv6/ip6_fib.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/ip6_fib.c 2009-12-02 13:24:38.000000000 +0100 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -320,7 +322,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-source-2.6.30/net/ipv6/Kconfig linux-source-2.6.30-ghost/net/ipv6/Kconfig --- linux-source-2.6.30/net/ipv6/Kconfig 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/Kconfig 2009-12-02 13:24:38.000000000 +0100 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-source-2.6.30/net/ipv6/mcast.c linux-source-2.6.30-ghost/net/ipv6/mcast.c --- linux-source-2.6.30/net/ipv6/mcast.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/mcast.c 2009-12-02 13:24:38.000000000 +0100 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2432,6 +2441,11 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2439,6 +2453,16 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2593,6 +2617,11 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2600,6 +2629,16 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-source-2.6.30/net/ipv6/proc.c linux-source-2.6.30-ghost/net/ipv6/proc.c --- linux-source-2.6.30/net/ipv6/proc.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/proc.c 2009-12-02 13:24:38.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -194,6 +206,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -201,6 +225,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-source-2.6.30/net/ipv6/route.c linux-source-2.6.30-ghost/net/ipv6/route.c --- linux-source-2.6.30/net/ipv6/route.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/ipv6/route.c 2009-12-02 13:24:38.000000000 +0100 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1115,10 +1124,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1830,6 +1835,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2133,26 +2140,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2172,6 +2237,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2183,6 +2252,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2290,10 +2372,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2307,6 +2405,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2452,6 +2552,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-source-2.6.30/net/Kconfig linux-source-2.6.30-ghost/net/Kconfig --- linux-source-2.6.30/net/Kconfig 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/Kconfig 2009-12-02 13:24:38.000000000 +0100 @@ -159,6 +159,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -255,4 +354,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-source-2.6.30/net/netfilter/core.c linux-source-2.6.30-ghost/net/netfilter/core.c --- linux-source-2.6.30/net/netfilter/core.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/netfilter/core.c 2009-12-02 13:24:38.000000000 +0100 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -182,6 +339,9 @@ verdict >> NF_VERDICT_BITS)) goto next_hook; } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -rNuad linux-source-2.6.30/net/packet/af_packet.c linux-source-2.6.30-ghost/net/packet/af_packet.c --- linux-source-2.6.30/net/packet/af_packet.c 2009-06-10 05:05:27.000000000 +0200 +++ linux-source-2.6.30-ghost/net/packet/af_packet.c 2009-12-02 13:24:38.000000000 +0100 @@ -39,6 +39,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -489,6 +495,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -611,6 +629,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2049,17 +2079,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.32-ghost.patch0000644000175000017500000030142213175722671025664 0ustar lucaslucasdiff -rNuad linux-2.6.32/include/linux/netdevice.h linux-2.6.32-ghost/include/linux/netdevice.h --- linux-2.6.32/include/linux/netdevice.h 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/include/linux/netdevice.h 2009-12-05 12:34:40.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -2015,4 +2017,12 @@ } #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_NETDEVICE_H */ diff -rNuad linux-2.6.32/include/linux/sockios.h linux-2.6.32-ghost/include/linux/sockios.h --- linux-2.6.32/include/linux/sockios.h 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/include/linux/sockios.h 2009-12-05 12:34:40.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.32/include/net/ghostdebug.h linux-2.6.32-ghost/include/net/ghostdebug.h --- linux-2.6.32/include/net/ghostdebug.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.6.32-ghost/include/net/ghostdebug.h 2009-12-05 12:34:40.000000000 +0100 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.32/kernel/softirq.c linux-2.6.32-ghost/kernel/softirq.c --- linux-2.6.32/kernel/softirq.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/kernel/softirq.c 2009-12-05 12:34:40.000000000 +0100 @@ -128,8 +128,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -140,7 +143,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.32/net/core/dev.c linux-2.6.32-ghost/net/core/dev.c --- linux-2.6.32/net/core/dev.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/core/dev.c 2009-12-05 12:50:12.000000000 +0100 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -137,6 +140,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -544,6 +771,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2979,11 +3213,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -3052,6 +3295,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -4264,6 +4511,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = (short) dev_get_flags(dev); @@ -4334,6 +4591,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4476,6 +4744,56 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.32/net/core/dev_mcast.c linux-2.6.32-ghost/net/core/dev_mcast.c --- linux-2.6.32/net/core/dev_mcast.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/core/dev_mcast.c 2009-12-05 12:34:40.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.32/net/core/rtnetlink.c linux-2.6.32-ghost/net/core/rtnetlink.c --- linux-2.6.32/net/core/rtnetlink.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/core/rtnetlink.c 2009-12-05 12:34:40.000000000 +0100 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -615,6 +636,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -688,6 +723,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -920,6 +973,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -958,6 +1023,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1168,6 +1244,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1222,6 +1309,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1257,6 +1346,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1276,14 +1370,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1315,6 +1416,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1330,6 +1436,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.32/net/ipv4/arp.c linux-2.6.32-ghost/net/ipv4/arp.c --- linux-2.6.32/net/ipv4/arp.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/arp.c 2009-12-05 12:34:40.000000000 +0100 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1311,9 +1318,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1324,9 +1343,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.32/net/ipv4/devinet.c linux-2.6.32-ghost/net/ipv4/devinet.c --- linux-2.6.32/net/ipv4/devinet.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/devinet.c 2009-12-05 12:34:40.000000000 +0100 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1179,6 +1214,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.32/net/ipv4/fib_frontend.c linux-2.6.32-ghost/net/ipv4/fib_frontend.c --- linux-2.6.32/net/ipv4/fib_frontend.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/fib_frontend.c 2009-12-05 12:34:40.000000000 +0100 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -44,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -453,6 +462,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -467,6 +481,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -475,12 +505,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -587,6 +623,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -609,6 +655,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -624,6 +680,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -636,7 +698,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -661,6 +723,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.32/net/ipv4/fib_hash.c linux-2.6.32-ghost/net/ipv4/fib_hash.c --- linux-2.6.32/net/ipv4/fib_hash.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/fib_hash.c 2009-12-05 12:34:40.000000000 +0100 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -396,6 +406,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -579,7 +601,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1021,19 +1053,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.32/net/ipv4/fib_semantics.c linux-2.6.32-ghost/net/ipv4/fib_semantics.c --- linux-2.6.32/net/ipv4/fib_semantics.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/fib_semantics.c 2009-12-05 12:34:40.000000000 +0100 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.32/net/ipv4/fib_trie.c linux-2.6.32-ghost/net/ipv4/fib_trie.c --- linux-2.6.32/net/ipv4/fib_trie.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/fib_trie.c 2009-12-05 12:34:40.000000000 +0100 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1206,6 +1217,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1633,7 +1656,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2593,7 +2626,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2606,13 +2660,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.32/net/ipv4/igmp.c linux-2.6.32-ghost/net/ipv4/igmp.c --- linux-2.6.32/net/ipv4/igmp.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/igmp.c 2009-12-05 12:34:40.000000000 +0100 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2409,8 +2416,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2572,14 +2589,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.32/net/ipv4/route.c linux-2.6.32-ghost/net/ipv4/route.c --- linux-2.6.32/net/ipv4/route.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv4/route.c 2009-12-05 12:34:40.000000000 +0100 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2835,8 +2851,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2919,7 +2940,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2941,6 +2962,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2973,6 +3005,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2987,6 +3035,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.32/net/ipv6/addrconf.c linux-2.6.32-ghost/net/ipv6/addrconf.c --- linux-2.6.32/net/ipv6/addrconf.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/addrconf.c 2009-12-05 12:34:40.000000000 +0100 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -81,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -448,6 +456,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2155,6 +2243,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2169,6 +2261,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -3000,6 +3101,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -3007,6 +3124,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3214,6 +3333,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3231,7 +3354,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3280,6 +3405,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3317,6 +3446,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3485,6 +3623,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3510,6 +3654,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3581,7 +3736,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3589,6 +3743,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3615,6 +3773,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3823,6 +3992,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3834,6 +4007,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3861,7 +4042,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.32/net/ipv6/ip6_fib.c linux-2.6.32-ghost/net/ipv6/ip6_fib.c --- linux-2.6.32/net/ipv6/ip6_fib.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/ip6_fib.c 2009-12-05 12:34:40.000000000 +0100 @@ -269,6 +269,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -314,7 +316,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.32/net/ipv6/Kconfig linux-2.6.32-ghost/net/ipv6/Kconfig --- linux-2.6.32/net/ipv6/Kconfig 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/Kconfig 2009-12-05 12:34:40.000000000 +0100 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.32/net/ipv6/mcast.c linux-2.6.32-ghost/net/ipv6/mcast.c --- linux-2.6.32/net/ipv6/mcast.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/mcast.c 2009-12-05 12:34:40.000000000 +0100 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2458,6 +2467,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2465,6 +2488,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2619,6 +2643,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2626,6 +2664,7 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.32/net/ipv6/proc.c linux-2.6.32-ghost/net/ipv6/proc.c --- linux-2.6.32/net/ipv6/proc.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/proc.c 2009-12-05 12:34:40.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -200,6 +212,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -207,6 +231,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-2.6.32/net/ipv6/route.c linux-2.6.32-ghost/net/ipv6/route.c --- linux-2.6.32/net/ipv6/route.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/ipv6/route.c 2009-12-05 12:34:40.000000000 +0100 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1115,10 +1124,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1830,6 +1835,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2133,26 +2140,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2172,6 +2237,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2183,6 +2252,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2290,10 +2372,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2307,6 +2405,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2452,6 +2552,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-2.6.32/net/Kconfig linux-2.6.32-ghost/net/Kconfig --- linux-2.6.32/net/Kconfig 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/Kconfig 2009-12-05 12:34:40.000000000 +0100 @@ -179,6 +179,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -276,4 +375,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.32/net/netfilter/core.c linux-2.6.32-ghost/net/netfilter/core.c --- linux-2.6.32/net/netfilter/core.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/netfilter/core.c 2009-12-05 12:34:40.000000000 +0100 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -182,6 +339,9 @@ verdict >> NF_VERDICT_BITS)) goto next_hook; } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -rNuad linux-2.6.32/net/packet/af_packet.c linux-2.6.32-ghost/net/packet/af_packet.c --- linux-2.6.32/net/packet/af_packet.c 2009-12-03 04:51:21.000000000 +0100 +++ linux-2.6.32-ghost/net/packet/af_packet.c 2009-12-05 12:55:15.000000000 +0100 @@ -8,6 +8,7 @@ * Authors: Ross Biro * Fred N. van Kempen, * Alan Cox, + * Luca Saiu : Trivial changes for ghostification * * Fixes: * Alan Cox : verify_area() now used correctly @@ -84,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -548,6 +554,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -670,6 +688,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2415,17 +2445,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s)); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.31_x86_640000644000175000017500000005561013175722671024274 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.31 # Fri Nov 27 10:21:19 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_UML_X86=y CONFIG_64BIT=y # CONFIG_X86_32 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set # CONFIG_HAVE_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # # Performance Counters # CONFIG_VM_EVENT_COUNTERS=y # CONFIG_STRIP_ASM_SYMS is not set CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # # GCOV-based kernel profiling # # CONFIG_SLOW_WORK is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_CRYPTOLOOP=y CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y # CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # CONFIG_MISC_FILESYSTEMS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y # CONFIG_NFS_V4_1 is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_AES_NI_INTEL is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_LOG_USERSPACE is not set # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.30_x86_640000644000175000017500000005527613175722671024303 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.30 # Fri Nov 27 10:13:36 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_UML_X86=y CONFIG_64BIT=y # CONFIG_X86_32 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set # CONFIG_HAVE_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_CLASSIC_RCU=y # CONFIG_TREE_RCU is not set # CONFIG_PREEMPT_RCU is not set # CONFIG_TREE_RCU_TRACE is not set # CONFIG_PREEMPT_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y # CONFIG_STRIP_ASM_SYMS is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_SLOW_WORK is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_CRYPTOLOOP=y CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y CONFIG_COMPAT_NET_DEV_OPS=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y # CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # CONFIG_MISC_FILESYSTEMS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_AES_NI_INTEL is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.320000644000175000017500000005730713175722671023264 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.32 # Sat Dec 5 13:08:27 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_L1_CACHE_BYTES=64 CONFIG_X86_INTERNODE_CACHE_BYTES=64 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=5 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMPXCHG64=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=5 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_RWSEM_GENERIC_SPINLOCK is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_HAVE_MLOCK=y CONFIG_HAVE_MLOCKED_PAGE_BIT=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set # # RCU Subsystem # CONFIG_TREE_RCU=y # CONFIG_TREE_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set CONFIG_RCU_FANOUT=32 # CONFIG_RCU_FANOUT_EXACT is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_GROUP_SCHED is not set # CONFIG_CGROUPS is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_NET_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # CONFIG_SLOW_WORK=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y CONFIG_LBDAF=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" # CONFIG_DEVTMPFS is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_DRR is not set # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # CONFIG_WLAN is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set # CONFIG_NILFS2_FS is not set CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y # CONFIG_NFS_V4_1 is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_GHASH is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y CONFIG_GENERIC_FIND_LAST_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_HAS_DMA=y CONFIG_NLATTR=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_LOG_USERSPACE is not set # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.27_x86_640000644000175000017500000005411113175722671024274 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.27 # Fri Nov 27 10:03:13 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # CONFIG_STATIC_LINK is not set # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set CONFIG_MK8=y # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_CPU=y # CONFIG_X86_CMPXCHG is not set CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_MINIMUM_CPU_FAMILY=3 CONFIG_X86_DEBUGCTLMSR=y CONFIG_UML_X86=y CONFIG_64BIT=y CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y # CONFIG_ARCH_HAS_SC_SIGNALS is not set # CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA is not set CONFIG_SMP_BROKEN=y CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_SUPPORTS_AOUT=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y # CONFIG_SPARSEMEM_STATIC is not set # CONFIG_SPARSEMEM_VMEMMAP_ENABLE is not set CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_RESOURCES_64BIT=y CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=1 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_OPROFILE is not set # CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS is not set # CONFIG_HAVE_IOREMAP_PROT is not set # CONFIG_HAVE_KPROBES is not set # CONFIG_HAVE_KRETPROBES is not set # CONFIG_HAVE_ARCH_TRACEHOOK is not set # CONFIG_HAVE_DMA_ATTRS is not set # CONFIG_USE_GENERIC_SMP_HELPERS is not set # CONFIG_HAVE_CLK is not set CONFIG_PROC_PAGE_MONITOR=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set # CONFIG_IP_VS is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y # # IP: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y # # Bridge: Netfilter Configuration # CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y # # Wireless # # CONFIG_CFG80211 is not set # CONFIG_WIRELESS_EXT is not set # CONFIG_MAC80211 is not set # CONFIG_IEEE80211 is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4DEV_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_MANAGER=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_X86_64=y # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set CONFIG_CRYPTO_SALSA20_X86_64=y # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set CONFIG_CRYPTO_TWOFISH_COMMON=y CONFIG_CRYPTO_TWOFISH_X86_64=y # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y CONFIG_SYSCTL_SYSCALL_CHECK=y # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.18-ghost_debian.patch0000644000175000017500000010173513175722671027177 0ustar lucaslucasdiff -rNuadEb linux-source-2.6.18/arch/um/sys-i386/user-offsets.c linux-source-2.6.18-ghost/arch/um/sys-i386/user-offsets.c --- linux-source-2.6.18/arch/um/sys-i386/user-offsets.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/arch/um/sys-i386/user-offsets.c 2009-11-29 20:04:05.000000000 +0100 @@ -2,7 +2,8 @@ #include #include #include -#include +#include +//#include #include #define DEFINE(sym, val) \ @@ -11,6 +12,10 @@ #define DEFINE_LONGS(sym, val) \ asm volatile("\n->" #sym " %0 " #val : : "i" (val/sizeof(unsigned long))) +//#define offsetof(TYPE,MEMBER) ((size_t)&((TYPE*)0)->MEMBER) +#define offsetof(TYPE, MEMBER) __builtin_offsetof (TYPE, MEMBER) + + #define OFFSET(sym, str, mem) \ DEFINE(sym, offsetof(struct str, mem)); diff -rNuadEb linux-source-2.6.18/include/linux/netdevice.h linux-source-2.6.18-ghost/include/linux/netdevice.h --- linux-source-2.6.18/include/linux/netdevice.h 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/include/linux/netdevice.h 2009-11-29 20:04:05.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes + * for ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1041,4 +1043,7 @@ #endif /* __KERNEL__ */ +/* Just check whether the given name belongs to the ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name); + #endif /* _LINUX_DEV_H */ diff -rNuadEb linux-source-2.6.18/include/linux/sockios.h linux-source-2.6.18-ghost/include/linux/sockios.h --- linux-source-2.6.18/include/linux/sockios.h 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/include/linux/sockios.h 2009-11-29 20:04:05.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes + * for ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,10 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuadEb linux-source-2.6.18/net/core/dev.c linux-source-2.6.18-ghost/net/core/dev.c --- linux-source-2.6.18/net/core/dev.c 2009-11-05 04:47:10.000000000 +0100 +++ linux-source-2.6.18-ghost/net/core/dev.c 2009-11-29 20:04:05.000000000 +0100 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -118,6 +119,179 @@ #include #include + +/* The maximum number of ghost interfaces allowed at any given + time: */ +#define MAX_GHOST_INTERFACES_NO 8 + +/* A crude unsorted array of unique names, where "" stands for an + empty slot. Elements are so few that an hash table would be + overkill, and possibly also less efficient than this solution: */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +//static DEFINE_SPINLOCK(ghostification_spin_lock); +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for readers, + which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) +/* Lock re-enabling interrupts and restoring flags. This is for readers, + which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name){ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; // we found the given name in the i-th element + return -1; // we didn't find the given name in the array +} + +/* This is useful for debugging. It must be called in a critical + section. */ +static void __dump_ghost_interfaces(void){ + int i, number_of_ghost_interfaces = 0; + printk(KERN_DEBUG + "Ghost interfaces are now:\n"); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")){ + number_of_ghost_interfaces++; + printk(KERN_DEBUG "%i. %s\n", + number_of_ghost_interfaces, + ghost_interface_names[i]); + } + printk(KERN_DEBUG "There are now %i ghost interfaces. A maximum of %i can exist at any given time.\n", + number_of_ghost_interfaces, + MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name){ + /* Particular case: "" is *not* a ghost interface name, even if + it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name){ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name){ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)){ + printk(KERN_DEBUG + "The user asked to ghostify the interface %s, which has a name of length %i. Failing.\n", + interface_name, + name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } // if + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)){ + printk(KERN_DEBUG + "Could not ghostify the interface %s, because it\'s already ghost.\n", + interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } // if + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0){ + printk(KERN_DEBUG + "Could not ghostify the interface %s, because %i interfaces are already ghostified. Sorry.\n", + interface_name, + MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } // if + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], + interface_name); + + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name){ + int the_interface_index; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0){ + printk(KERN_DEBUG + "Could not unghostify the interface %s, because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } // if + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_name); + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +EXPORT_SYMBOL(is_a_ghost_interface_name); + + /* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. @@ -433,8 +607,13 @@ int __init netdev_boot_setup(char *str) { int ints[5]; + int i; struct ifmap map; + /* There are no ghost interfaces by default: */ + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; + str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) return 0; @@ -2044,11 +2223,16 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * unless they are ghostified. */ - total = 0; - for (dev = dev_base; dev; dev = dev->next) { + for (dev = dev_base; dev; dev = dev->next){ + /* Don't tell the user about ghost interfaces: just skip them: */ + if(is_a_ghost_interface_name(dev->name)){ + // printk(KERN_DEBUG "Skipping the ghost interface %s in SIOCGIFCONF\n", dev->name); + continue; + } for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2111,7 +2295,7 @@ { if (dev->get_stats) { struct net_device_stats *stats = dev->get_stats(dev); - + if(! is_a_ghost_interface_name(dev->name)) seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -2492,6 +2676,10 @@ if (!dev) return -ENODEV; + if(is_a_ghost_interface_name(dev->name)){ + //printk(KERN_DEBUG "The user is performing a SIOCxIFxxx ioctl() on the ghost interface %s here; we make the call fail with -ENODEV\n", dev->name); + return -ENODEV; + } switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ @@ -2675,6 +2863,48 @@ */ switch (cmd) { + case SIOKLOG:{ + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + case SIOCGIFGHOSTIFY:{ + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG + "The user asked to ghostify the interface %s.\n", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + printk(KERN_DEBUG "Ok, %s was ghostified.\n", + interface_name); + else + printk(KERN_DEBUG "Failure in ghostification of %s\n", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY:{ + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG + "The user asked to unghostify the interface %s.\n", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + printk(KERN_DEBUG "Ok, %s was unghostified.\n", + interface_name); + else + printk(KERN_DEBUG "Failure in unghostification of %s\n", + interface_name); + return failure; + } /* * These ioctl calls: * - can be done by all. diff -rNuadEb linux-source-2.6.18/net/core/dev_mcast.c linux-source-2.6.18-ghost/net/core/dev_mcast.c --- linux-source-2.6.18/net/core/dev_mcast.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/core/dev_mcast.c 2009-11-29 20:04:05.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes + * for ghostification support * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -254,6 +256,9 @@ for (m = dev->mc_list; m; m = m->next) { int i; + /* Don't show information about ghost interfaces: */ + if(is_a_ghost_interface_name(dev->name)) + continue; seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuadEb linux-source-2.6.18/net/ipv4/arp.c linux-source-2.6.18-ghost/net/ipv4/arp.c --- linux-source-2.6.18/net/ipv4/arp.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv4/arp.c 2009-11-29 20:04:05.000000000 +0100 @@ -72,6 +72,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -1316,6 +1318,9 @@ } #endif sprintf(tbuf, "%u.%u.%u.%u", NIPQUAD(*(u32*)n->primary_key)); + /* Don't show anything in /proc if it involves ghost + interfaces: */ + if(! is_a_ghost_interface_name(dev->name)) seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); @@ -1329,6 +1334,9 @@ char tbuf[16]; sprintf(tbuf, "%u.%u.%u.%u", NIPQUAD(*(u32*)n->key)); + /* Don't show anything in /proc if it involves ghost + interfaces: */ + if(! is_a_ghost_interface_name(dev->name)) seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", dev ? dev->name : "*"); diff -rNuadEb linux-source-2.6.18/net/ipv4/fib_frontend.c linux-source-2.6.18-ghost/net/ipv4/fib_frontend.c --- linux-source-2.6.18/net/ipv4/fib_frontend.c 2009-11-05 04:47:11.000000000 +0100 +++ linux-source-2.6.18-ghost/net/ipv4/fib_frontend.c 2009-11-29 20:04:05.000000000 +0100 @@ -8,6 +8,8 @@ * Version: $Id: fib_frontend.c,v 1.26 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes + * for ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -236,6 +238,9 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +/* A function implemented in net/core/dev.c: */ +int is_a_ghost_interface_name(const char *interface_name); + int ip_rt_ioctl(unsigned int cmd, void __user *arg) { int err; @@ -253,12 +258,27 @@ return -EPERM; if (copy_from_user(&r, arg, sizeof(struct rtentry))) return -EFAULT; + /* Forbid any action involving a ghost interface: */ + if(r.rt_dev != (char __user*)NULL){ + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; + if(copy_from_user(interface_name, r.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)){ + printk(KERN_DEBUG "The user aked to add a route involving the ghost interface %s. We make this operation fail\n", interface_name); + return -ENODEV; + } // if + } // block rtnl_lock(); err = fib_convert_rtentry(cmd, &req.nlh, &req.rtm, &rta, &r); if (err == 0) { if (cmd == SIOCDELRT) { struct fib_table *tb = fib_get_table(req.rtm.rtm_table); err = -ESRCH; + /* The function pointed by tb->tb_delete was also modified to deal + with ghost interfaces. Such function may be either + fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &req.rtm, &rta, &req.nlh, NULL); } else { diff -rNuadEb linux-source-2.6.18/net/ipv4/fib_hash.c linux-source-2.6.18-ghost/net/ipv4/fib_hash.c --- linux-source-2.6.18/net/ipv4/fib_hash.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv4/fib_hash.c 2009-11-29 20:04:05.000000000 +0100 @@ -8,6 +8,8 @@ * Version: $Id: fib_hash.c,v 1.13 2001/10/31 21:55:54 davem Exp $ * * Authors: Alexey Kuznetsov, + * Luca Saiu (trivial changes + * for ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -576,6 +578,10 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; + if(is_a_ghost_interface_name(fi->fib_dev->name)){ + printk(KERN_DEBUG "Trying to delete a route involving the ghost device %s: we make this operation fail.\n", fi->fib_dev->name); + return -ENODEV; + } // if if (fa->fa_tos != tos) break; @@ -1018,6 +1024,8 @@ mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); if (fi) + { + if (! is_a_ghost_interface_name((const char*)fi->fib_dev)){ snprintf(bf, sizeof(bf), "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", fi->fib_dev ? fi->fib_dev->name : "*", prefix, @@ -1025,11 +1033,16 @@ mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3); - else + seq_printf(seq, "%-127s\n", bf); + } // inner if + } // block + else{ snprintf(bf, sizeof(bf), "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0); seq_printf(seq, "%-127s\n", bf); + } + //seq_printf(seq, "%-127s\n", bf); out: return 0; } diff -rNuadEb linux-source-2.6.18/net/ipv4/fib_trie.c linux-source-2.6.18-ghost/net/ipv4/fib_trie.c --- linux-source-2.6.18/net/ipv4/fib_trie.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv4/fib_trie.c 2009-11-29 20:04:05.000000000 +0100 @@ -12,6 +12,9 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (trivial changes + * for ghostification support) + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -1594,7 +1597,10 @@ list_for_each_entry(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - + if(is_a_ghost_interface_name(fi->fib_dev->name)){ + printk(KERN_DEBUG "Trying to delete a route involving the ghost device %s: we make this operation fail.\n", fi->fib_dev->name); + return -ENODEV; + } // if if (fa->fa_tos != tos) break; @@ -2432,6 +2438,9 @@ continue; if (fi) + { + if (! is_a_ghost_interface_name((const char*) + fi->fib_dev)) snprintf(bf, sizeof(bf), "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", fi->fib_dev ? fi->fib_dev->name : "*", @@ -2442,6 +2451,7 @@ (fi->fib_advmss ? fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3); + } else snprintf(bf, sizeof(bf), "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u", diff -rNuadEb linux-source-2.6.18/net/ipv4/igmp.c linux-source-2.6.18-ghost/net/ipv4/igmp.c --- linux-source-2.6.18/net/ipv4/igmp.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv4/igmp.c 2009-11-29 20:04:05.000000000 +0100 @@ -70,6 +70,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes + * for ghostification support */ #include @@ -2359,6 +2361,8 @@ #endif if (state->in_dev->mc_list == im) { + /* Don't show any info about ghost interfaces: */ + if(! is_a_ghost_interface_name(state->dev->name)) seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->dev->mc_count, querier); } @@ -2535,6 +2539,8 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { + /* Don't show any info about ghost interfaces: */ + if(! is_a_ghost_interface_name(state->dev->name)) seq_printf(seq, "%3d %6.6s 0x%08x " "0x%08x %6lu %6lu\n", diff -rNuadEb linux-source-2.6.18/net/ipv4/route.c linux-source-2.6.18-ghost/net/ipv4/route.c --- linux-source-2.6.18/net/ipv4/route.c 2009-11-05 04:47:10.000000000 +0100 +++ linux-source-2.6.18-ghost/net/ipv4/route.c 2009-11-29 20:04:05.000000000 +0100 @@ -57,6 +57,8 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : Trivial changes for ghostification + * support * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -336,7 +338,10 @@ "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t" "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); - else { + else + if(! is_a_ghost_interface_name((const char*) + ((struct rtable*)v)->u.dst.dev)) + { struct rtable *r = v; char temp[256]; diff -rNuadEb linux-source-2.6.18/net/ipv6/addrconf.c linux-source-2.6.18-ghost/net/ipv6/addrconf.c --- linux-source-2.6.18/net/ipv6/addrconf.c 2009-11-05 04:47:11.000000000 +0100 +++ linux-source-2.6.18-ghost/net/ipv6/addrconf.c 2009-11-29 20:04:05.000000000 +0100 @@ -38,6 +38,7 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support */ #include @@ -442,6 +443,77 @@ return idev; } +/* Utility procedure, needed for + {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). Return a pointer + to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name){ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless it's + already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name){ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + printk(KERN_DEBUG "Hiding /proc/net/dev_snmp6/%s...\n", + interface_name); + if(idev == NULL) // lookup failed + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry then + remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, + proc_net_devsnmp6); +#endif // #ifdef CONFIG_PROC_FS + return 0; + // return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless it's + already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name){ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + printk(KERN_DEBUG "Showing /proc/net/dev_snmp6/%s...\n", + interface_name); + if(idev == NULL) // lookup failed + return -EINVAL; + if(idev->dev == NULL) // I doubt this may happen... + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) // there isn't any /proc/net/dev_snmp6 + return -ENOENT; + if((proc_directory_entry = + create_proc_entry(interface_name, S_IRUGO, proc_net_devsnmp6)) + == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif // #ifdef CONFIG_PROC_FS + return 0; + // return snmp6_register_dev(idev); +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2704,6 +2776,8 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; + /* Don't show information about ghost interfaces: */ + if(! is_a_ghost_interface_name(ifp->idev->dev->name)) seq_printf(seq, NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", NIP6(ifp->addr), diff -rNuadEb linux-source-2.6.18/net/ipv6/mcast.c linux-source-2.6.18-ghost/net/ipv6/mcast.c --- linux-source-2.6.18/net/ipv6/mcast.c 2009-11-05 04:47:11.000000000 +0100 +++ linux-source-2.6.18-ghost/net/ipv6/mcast.c 2009-11-29 20:04:05.000000000 +0100 @@ -26,6 +26,8 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support */ #include @@ -2404,6 +2406,8 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); + /* Don't show information about ghost interfaces: */ + if(! is_a_ghost_interface_name(state->dev->name)) seq_printf(seq, "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", state->dev->ifindex, state->dev->name, diff -rNuadEb linux-source-2.6.18/net/ipv6/proc.c linux-source-2.6.18-ghost/net/ipv6/proc.c --- linux-source-2.6.18/net/ipv6/proc.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv6/proc.c 2009-11-29 20:04:05.000000000 +0100 @@ -11,6 +11,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes + * for ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -30,7 +32,11 @@ #include #ifdef CONFIG_PROC_FS -static struct proc_dir_entry *proc_net_devsnmp6; + +/* We don't want this to be static, as it has to be read at ghostifying + and unghostifying time: */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); static int fold_prot_inuse(struct proto *proto) { @@ -188,13 +194,16 @@ return single_open(file, snmp6_seq_show, PDE(inode)->data); } -static struct file_operations snmp6_seq_fops = { +/* This was originally static, but we need to make it + visible: */ +struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, .read = seq_read, .llseek = seq_lseek, .release = single_release, }; +EXPORT_SYMBOL(snmp6_seq_fops); int snmp6_register_dev(struct inet6_dev *idev) { diff -rNuadEb linux-source-2.6.18/net/ipv6/route.c linux-source-2.6.18-ghost/net/ipv6/route.c --- linux-source-2.6.18/net/ipv6/route.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/ipv6/route.c 2009-11-29 20:04:05.000000000 +0100 @@ -22,6 +22,8 @@ * routers in REACHABLE, STALE, DELAY or PROBE states). * - always select the same router if it is (probably) * reachable. otherwise, round-robin the list. + * Luca Saiu + * trivial changes for ghostification support */ #include @@ -2045,6 +2047,11 @@ struct rt6_proc_arg *arg = (struct rt6_proc_arg *) p_arg; int i; + /* Do nothing is this route involves a ghost interface: */ + if(rt->rt6i_dev != NULL) // can't use &&: evaluation order is undefined + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) + return 0; + if (arg->skip < arg->offset / RT6_INFO_LEN) { arg->skip++; return 0; diff -rNuadEb linux-source-2.6.18/net/packet/af_packet.c linux-source-2.6.18-ghost/net/packet/af_packet.c --- linux-source-2.6.18/net/packet/af_packet.c 2006-09-20 05:42:06.000000000 +0200 +++ linux-source-2.6.18-ghost/net/packet/af_packet.c 2009-11-29 20:04:05.000000000 +0100 @@ -41,6 +41,8 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification + * support * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -468,6 +470,12 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; + /* Drop packets involving ghost interfaces: we don't want the user + to be able to sniff them: */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) + goto drop; + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -576,6 +584,11 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; + /* Drop packets involving ghost interfaces: we don't want the user + to be able to sniff them: */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) + goto drop; sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -1875,6 +1888,9 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); + /* Don't show packets involving ghost devices: */ + struct net_device *net_device = dev_get_by_index(po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) seq_printf(seq, "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", s, marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.280000644000175000017500000005536213175722671023270 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.28 # Fri Nov 27 12:32:27 2009 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_TIME=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set # CONFIG_GENERIC_CPU is not set CONFIG_X86_GENERIC=y CONFIG_X86_CPU=y CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=7 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_X86_DEBUGCTLMSR=y CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR_32=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y # CONFIG_X86_DS is not set CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y CONFIG_RWSEM_XCHGADD_ALGORITHM=y # CONFIG_RWSEM_GENERIC_SPINLOCK is not set # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_RESOURCES_64BIT is not set # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y CONFIG_UNEVICTABLE_LRU=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=0 # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_LOCALVERSION="-marionnet-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set # CONFIG_GROUP_SCHED is not set CONFIG_SYSFS_DEPRECATED=y CONFIG_SYSFS_DEPRECATED_V2=y # CONFIG_RELAY is not set CONFIG_NAMESPACES=y # CONFIG_UTS_NS is not set # CONFIG_IPC_NS is not set # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_COMPAT_BRK=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_ANON_INODES=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_SLOB is not set # CONFIG_PROFILING is not set # CONFIG_MARKERS is not set # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y # CONFIG_LBD is not set # CONFIG_BLK_DEV_IO_TRACE is not set # CONFIG_LSF is not set # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" CONFIG_CLASSIC_RCU=y # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y # CONFIG_IP_PIMSM_V1 is not set CONFIG_IP_PIMSM_V2=y CONFIG_ARPD=y CONFIG_SYN_COOKIES=y CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y # CONFIG_IPV6_PRIVACY is not set # CONFIG_IPV6_ROUTER_PREF is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set # CONFIG_INET6_AH is not set # CONFIG_INET6_ESP is not set # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_INET6_XFRM_TUNNEL is not set # CONFIG_INET6_TUNNEL is not set CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_NDISC_NODETYPE=y # CONFIG_IPV6_TUNNEL is not set # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_GRE=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y CONFIG_NF_CONNTRACK_AMANDA=y CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_H323=y CONFIG_NF_CONNTRACK_IRC=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y CONFIG_NF_CONNTRACK_PPTP=y CONFIG_NF_CONNTRACK_SANE=y CONFIG_NF_CONNTRACK_SIP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_TRACE=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_PROC_COMPAT=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_NF_NAT=y CONFIG_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_NF_NAT_SNMP_BASIC=y CONFIG_NF_NAT_PROTO_DCCP=y CONFIG_NF_NAT_PROTO_GRE=y CONFIG_NF_NAT_PROTO_UDPLITE=y CONFIG_NF_NAT_PROTO_SCTP=y CONFIG_NF_NAT_FTP=y CONFIG_NF_NAT_IRC=y CONFIG_NF_NAT_TFTP=y CONFIG_NF_NAT_AMANDA=y CONFIG_NF_NAT_PPTP=y CONFIG_NF_NAT_H323=y CONFIG_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_QUEUE=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_STP=y CONFIG_GARP=y CONFIG_BRIDGE=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y # CONFIG_DECNET is not set CONFIG_LLC=y CONFIG_LLC2=y # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y # CONFIG_NET_SCH_MULTIQ is not set CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y # CONFIG_NET_SCH_INGRESS is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_TCINDEX=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_RSVP=y CONFIG_NET_CLS_RSVP6=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y # CONFIG_NET_ACT_SIMP is not set # CONFIG_NET_ACT_SKBEDIT is not set CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set # CONFIG_PHONET is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=9 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_VDE=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y CONFIG_NETDEVICES=y # CONFIG_IFB is not set CONFIG_DUMMY=y CONFIG_BONDING=y CONFIG_MACVLAN=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # Wireless LAN # # CONFIG_WLAN_PRE80211 is not set # CONFIG_WLAN_80211 is not set # CONFIG_IWLWIFI_LEDS is not set # CONFIG_WAN is not set CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set # CONFIG_PPPOL2TP is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y CONFIG_EXT3_FS_SECURITY=y # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_FILE_LOCKING=y # CONFIG_XFS_FS is not set # CONFIG_OCFS2_FS is not set CONFIG_DNOTIFY=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # # CONFIG_ISO9660_FS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y CONFIG_NFS_V3_ACL=y CONFIG_NFS_V4=y CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y # CONFIG_SUNRPC_REGISTER_V4 is not set CONFIG_RPCSEC_GSS_KRB5=y CONFIG_RPCSEC_GSS_SPKM3=y # CONFIG_SMB_FS is not set CONFIG_CIFS=y # CONFIG_CIFS_STATS is not set # CONFIG_CIFS_WEAK_PW_HASH is not set CONFIG_CIFS_XATTR=y CONFIG_CIFS_POSIX=y CONFIG_CIFS_DEBUG2=y # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y # CONFIG_BSD_DISKLABEL is not set # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_SECURITY_FILE_CAPABILITIES is not set CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # # CONFIG_CRYPTO_AES is not set # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_HW=y # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_GENERIC_FIND_NEXT_BIT=y # CONFIG_CRC_CCITT is not set CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y CONFIG_HAS_DMA=y # # SCSI device support # # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set CONFIG_MD=y # CONFIG_BLK_DEV_MD is not set CONFIG_BLK_DEV_DM=y # CONFIG_DM_DEBUG is not set CONFIG_DM_CRYPT=y CONFIG_DM_SNAPSHOT=y CONFIG_DM_MIRROR=y # CONFIG_DM_ZERO is not set # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set # CONFIG_DM_UEVENT is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_ENABLE_WARN_DEPRECATED is not set CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_RCU_CPU_STALL_DETECTOR is not set CONFIG_SYSCTL_SYSCALL_CHECK=y # # Tracers # # CONFIG_DYNAMIC_PRINTK_DEBUG is not set # CONFIG_SAMPLES is not set # CONFIG_DEBUG_STACK_USAGE is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.27-ghost.patch0000644000175000017500000030577313175722671025705 0ustar lucaslucasdiff -rNuad linux-2.6.27/arch/um/drivers/vde_user.c linux-2.6.27-ghost/arch/um/drivers/vde_user.c --- linux-2.6.27/arch/um/drivers/vde_user.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/arch/um/drivers/vde_user.c 2009-11-24 22:37:47.000000000 +0100 @@ -77,8 +77,8 @@ void vde_init_libstuff(struct vde_data *vpri, struct vde_init *init) { struct vde_open_args *args; - - vpri->args = kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); + /* (ghost support) kmalloc is used instead of uml_kmalloc */ + vpri->args = uml_kmalloc(sizeof(struct vde_open_args), UM_GFP_KERNEL); if (vpri->args == NULL) { printk(UM_KERN_ERR "vde_init_libstuff - vde_open_args " "allocation failed"); diff -rNuad linux-2.6.27/include/linux/netdevice.h linux-2.6.27-ghost/include/linux/netdevice.h --- linux-2.6.27/include/linux/netdevice.h 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/include/linux/netdevice.h 2009-11-24 22:37:47.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1728,4 +1730,12 @@ #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-2.6.27/include/linux/sockios.h linux-2.6.27-ghost/include/linux/sockios.h --- linux-2.6.27/include/linux/sockios.h 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/include/linux/sockios.h 2009-11-24 22:37:47.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.27/include/net/ghostdebug.h linux-2.6.27-ghost/include/net/ghostdebug.h --- linux-2.6.27/include/net/ghostdebug.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.6.27-ghost/include/net/ghostdebug.h 2009-11-24 22:39:14.000000000 +0100 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.27/kernel/softirq.c linux-2.6.27-ghost/kernel/softirq.c --- linux-2.6.27/kernel/softirq.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/kernel/softirq.c 2009-11-24 22:43:09.000000000 +0100 @@ -121,8 +121,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -133,7 +136,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.27/net/core/dev.c linux-2.6.27-ghost/net/core/dev.c --- linux-2.6.27/net/core/dev.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/core/dev.c 2009-11-24 22:37:47.000000000 +0100 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -131,6 +134,230 @@ #include "net-sysfs.h" /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -550,6 +777,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2510,11 +2744,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2582,24 +2825,27 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev) { struct net_device_stats *stats = dev->get_stats(dev); - - seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " - "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", - dev->name, stats->rx_bytes, stats->rx_packets, - stats->rx_errors, - stats->rx_dropped + stats->rx_missed_errors, - stats->rx_fifo_errors, - stats->rx_length_errors + stats->rx_over_errors + - stats->rx_crc_errors + stats->rx_frame_errors, - stats->rx_compressed, stats->multicast, - stats->tx_bytes, stats->tx_packets, - stats->tx_errors, stats->tx_dropped, - stats->tx_fifo_errors, stats->collisions, - stats->tx_carrier_errors + - stats->tx_aborted_errors + - stats->tx_window_errors + - stats->tx_heartbeat_errors, - stats->tx_compressed); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " + "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", + dev->name, stats->rx_bytes, stats->rx_packets, + stats->rx_errors, + stats->rx_dropped + stats->rx_missed_errors, + stats->rx_fifo_errors, + stats->rx_length_errors + stats->rx_over_errors + + stats->rx_crc_errors + stats->rx_frame_errors, + stats->rx_compressed, stats->multicast, + stats->tx_bytes, stats->tx_packets, + stats->tx_errors, stats->tx_dropped, + stats->tx_fifo_errors, stats->collisions, + stats->tx_carrier_errors + + stats->tx_aborted_errors + + stats->tx_window_errors + + stats->tx_heartbeat_errors, + stats->tx_compressed); } /* @@ -3450,6 +3696,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3517,6 +3773,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -3660,6 +3927,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.27/net/core/dev_mcast.c linux-2.6.27-ghost/net/core/dev_mcast.c --- linux-2.6.27/net/core/dev_mcast.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/core/dev_mcast.c 2009-11-24 22:37:47.000000000 +0100 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.27/net/core/rtnetlink.c linux-2.6.27-ghost/net/core/rtnetlink.c --- linux-2.6.27/net/core/rtnetlink.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/core/rtnetlink.c 2009-11-24 22:37:47.000000000 +0100 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -615,6 +636,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -686,6 +721,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -925,6 +978,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -963,6 +1028,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1165,6 +1241,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1219,6 +1306,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1253,6 +1342,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1272,14 +1366,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1311,6 +1412,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1326,6 +1432,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.27/net/ipv4/arp.c linux-2.6.27-ghost/net/ipv4/arp.c --- linux-2.6.27/net/ipv4/arp.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/arp.c 2009-11-24 22:37:47.000000000 +0100 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1309,9 +1316,21 @@ } #endif sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->primary_key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1322,9 +1341,21 @@ char tbuf[16]; sprintf(tbuf, NIPQUAD_FMT, NIPQUAD(*(u32*)n->key)); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.27/net/ipv4/devinet.c linux-2.6.27-ghost/net/ipv4/devinet.c --- linux-2.6.27/net/ipv4/devinet.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/devinet.c 2009-11-24 22:37:47.000000000 +0100 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -455,6 +463,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -504,6 +522,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -553,6 +582,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1170,6 +1205,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.27/net/ipv4/fib_frontend.c linux-2.6.27-ghost/net/ipv4/fib_frontend.c --- linux-2.6.27/net/ipv4/fib_frontend.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/fib_frontend.c 2009-11-24 22:37:47.000000000 +0100 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -45,6 +49,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -451,6 +460,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -465,6 +479,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -473,12 +503,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -585,6 +621,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -607,6 +653,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -622,6 +678,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -634,7 +696,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -659,6 +721,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.27/net/ipv4/fib_hash.c linux-2.6.27-ghost/net/ipv4/fib_hash.c --- linux-2.6.27/net/ipv4/fib_hash.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/fib_hash.c 2009-11-24 22:37:47.000000000 +0100 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -397,6 +407,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -580,7 +602,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1022,19 +1054,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.27/net/ipv4/fib_semantics.c linux-2.6.27-ghost/net/ipv4/fib_semantics.c --- linux-2.6.27/net/ipv4/fib_semantics.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/fib_semantics.c 2009-11-24 22:37:47.000000000 +0100 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.27/net/ipv4/fib_trie.c linux-2.6.27-ghost/net/ipv4/fib_trie.c --- linux-2.6.27/net/ipv4/fib_trie.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/fib_trie.c 2009-11-24 22:37:47.000000000 +0100 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1195,6 +1206,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1623,7 +1646,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2583,7 +2616,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2596,13 +2650,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.27/net/ipv4/igmp.c linux-2.6.27-ghost/net/ipv4/igmp.c --- linux-2.6.27/net/ipv4/igmp.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/igmp.c 2009-11-24 22:37:47.000000000 +0100 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2382,8 +2389,18 @@ #endif if (state->in_dev->mc_list == im) { - seq_printf(seq, "%d\t%-10s: %5d %7s\n", - state->dev->ifindex, state->dev->name, state->dev->mc_count, querier); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); + } +#else + seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, + state->dev->name, state->dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2543,14 +2560,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.27/net/ipv4/route.c linux-2.6.27-ghost/net/ipv4/route.c --- linux-2.6.27/net/ipv4/route.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv4/route.c 2009-11-24 22:37:47.000000000 +0100 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -368,6 +376,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -385,11 +401,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2675,8 +2691,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2759,7 +2780,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2781,6 +2802,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2806,13 +2838,31 @@ err = ip_route_output_key(net, &rt, &fl); } - if (err) + if (err) { goto errout_free; + } skb->rtable = rt; if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ + err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2827,6 +2877,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.27/net/ipv6/addrconf.c linux-2.6.27-ghost/net/ipv6/addrconf.c --- linux-2.6.27/net/ipv6/addrconf.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/addrconf.c 2009-11-24 22:37:47.000000000 +0100 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -80,6 +83,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -445,6 +453,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2143,6 +2231,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2157,6 +2249,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2986,6 +3087,23 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, + NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", + NIP6(ifp->addr), + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, NIP6_SEQFMT " %02x %02x %02x %02x %8s\n", NIP6(ifp->addr), @@ -2994,6 +3112,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3201,6 +3321,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3218,7 +3342,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3267,6 +3393,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3304,6 +3434,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3469,6 +3608,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3494,6 +3639,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3565,7 +3721,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3573,6 +3728,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3599,6 +3758,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3806,6 +3976,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3817,6 +3991,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3844,7 +4026,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.27/net/ipv6/ip6_fib.c linux-2.6.27-ghost/net/ipv6/ip6_fib.c --- linux-2.6.27/net/ipv6/ip6_fib.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/ip6_fib.c 2009-11-24 22:37:47.000000000 +0100 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -316,7 +318,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.27/net/ipv6/Kconfig linux-2.6.27-ghost/net/ipv6/Kconfig --- linux-2.6.27/net/ipv6/Kconfig 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/Kconfig 2009-11-24 22:37:47.000000000 +0100 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.27/net/ipv6/mcast.c linux-2.6.27-ghost/net/ipv6/mcast.c --- linux-2.6.27/net/ipv6/mcast.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/mcast.c 2009-11-24 22:37:47.000000000 +0100 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2429,6 +2438,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + NIP6(im->mca_addr), + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s " NIP6_SEQFMT " %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2436,6 +2459,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2590,6 +2614,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + NIP6(state->im->mca_addr), + NIP6(psf->sf_addr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s " NIP6_SEQFMT " " NIP6_SEQFMT " %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2597,6 +2635,7 @@ NIP6(psf->sf_addr), psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.27/net/ipv6/proc.c linux-2.6.27-ghost/net/ipv6/proc.c --- linux-2.6.27/net/ipv6/proc.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/proc.c 2009-11-24 22:37:47.000000000 +0100 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,7 +31,19 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +#ifdef CONFIG_GHOSTIFICATION +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#else static struct proc_dir_entry *proc_net_devsnmp6; +#endif /* CONFIG_GHOSTIFICATION */ static int sockstat6_seq_show(struct seq_file *seq, void *v) { @@ -199,6 +213,18 @@ return single_open(file, snmp6_seq_show, PDE(inode)->data); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -206,6 +232,7 @@ .llseek = seq_lseek, .release = single_release, }; +#endif /* CONFIG_GHOSTIFICATION */ int snmp6_register_dev(struct inet6_dev *idev) { diff -rNuad linux-2.6.27/net/ipv6/route.c linux-2.6.27-ghost/net/ipv6/route.c --- linux-2.6.27/net/ipv6/route.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/ipv6/route.c 2009-11-24 22:37:47.000000000 +0100 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1061,10 +1070,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1776,6 +1781,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2067,26 +2074,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2106,6 +2171,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2117,6 +2186,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2224,10 +2306,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2241,6 +2339,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2385,6 +2485,18 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ + seq_printf(m, NIP6_SEQFMT " %02x ", NIP6(rt->rt6i_dst.addr), rt->rt6i_dst.plen); diff -rNuad linux-2.6.27/net/Kconfig linux-2.6.27-ghost/net/Kconfig --- linux-2.6.27/net/Kconfig 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/Kconfig 2009-11-24 22:37:47.000000000 +0100 @@ -172,6 +172,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -248,4 +347,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.27/net/netfilter/core.c linux-2.6.27-ghost/net/netfilter/core.c --- linux-2.6.27/net/netfilter/core.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/netfilter/core.c 2009-11-24 22:37:47.000000000 +0100 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -177,7 +183,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { diff -rNuad linux-2.6.27/net/packet/af_packet.c linux-2.6.27-ghost/net/packet/af_packet.c --- linux-2.6.27/net/packet/af_packet.c 2008-10-10 00:13:53.000000000 +0200 +++ linux-2.6.27-ghost/net/packet/af_packet.c 2009-11-24 22:37:47.000000000 +0100 @@ -39,6 +39,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -82,6 +83,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -487,6 +493,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -609,6 +627,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2042,17 +2072,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/CONFIG-2.6.180000644000175000017500000004305113175722671023257 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux kernel version: 2.6.18 # Thu May 22 13:25:50 2008 # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_GENERIC_HARDIRQS=y CONFIG_UML=y CONFIG_MMU=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_IRQ_RELEASE_METHOD=y # # UML-specific options # # CONFIG_MODE_TT is not set # CONFIG_STATIC_LINK is not set CONFIG_MODE_SKAS=y # # Host processor type and features # # CONFIG_M386 is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set CONFIG_M586MMX=y # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP2 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set CONFIG_X86_GENERIC=y CONFIG_X86_CMPXCHG=y CONFIG_X86_XADD=y CONFIG_X86_L1_CACHE_SHIFT=7 CONFIG_RWSEM_XCHGADD_ALGORITHM=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_F00F_BUG=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_CMPXCHG64=y CONFIG_X86_ALIGNMENT_16=y CONFIG_X86_GOOD_APIC=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_TSC=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_SEMAPHORE_SLEEPERS=y # CONFIG_HOST_2G_2G is not set CONFIG_TOP_ADDR=0xc0000000 # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_STUB_CODE=0xbfffe000 CONFIG_STUB_DATA=0xbffff000 CONFIG_STUB_START=0xbfffe000 CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y # CONFIG_DISCONTIGMEM_MANUAL is not set # CONFIG_SPARSEMEM_MANUAL is not set CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y # CONFIG_SPARSEMEM_STATIC is not set CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_RESOURCES_64BIT is not set CONFIG_LD_SCRIPT_DYN=y CONFIG_NET=y CONFIG_BINFMT_ELF=y CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_NEST_LEVEL=0 # CONFIG_HIGHMEM is not set CONFIG_KERNEL_STACK_ORDER=2 CONFIG_UML_REAL_TIME_CLOCK=y # # Code maturity level options # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 # # General setup # CONFIG_LOCALVERSION="-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_RELAY=y CONFIG_INITRAMFS_SOURCE="" # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set # CONFIG_EMBEDDED is not set CONFIG_UID16=y CONFIG_SYSCTL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_EXTRA_PASS=y CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SHMEM=y CONFIG_SLAB=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_RT_MUTEXES=y # CONFIG_TINY_SHMEM is not set CONFIG_BASE_SMALL=0 # CONFIG_SLOB is not set # # Loadable module support # # CONFIG_MODULES is not set # # Block layer # CONFIG_LBD=y # CONFIG_BLK_DEV_IO_TRACE is not set CONFIG_LSF=y # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_AS=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y CONFIG_DEFAULT_AS=y # CONFIG_DEFAULT_DEADLINE is not set # CONFIG_DEFAULT_CFQ is not set # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="anticipatory" # # Block devices # CONFIG_BLK_DEV_UBD=y CONFIG_BLK_DEV_UBD_SYNC=y CONFIG_BLK_DEV_COW_COMMON=y # CONFIG_MMAPPER is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_CRYPTOLOOP=y CONFIG_BLK_DEV_NBD=y CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=4096 CONFIG_BLK_DEV_RAM_BLOCKSIZE=1024 CONFIG_BLK_DEV_INITRD=y CONFIG_ATA_OVER_ETH=y # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pty" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y CONFIG_LEGACY_PTY_COUNT=256 # CONFIG_WATCHDOG is not set # CONFIG_UML_SOUND is not set # CONFIG_SOUND is not set # CONFIG_HOSTAUDIO is not set CONFIG_UML_RANDOM=y # # Generic Driver Options # CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y # CONFIG_FW_LOADER is not set # CONFIG_SYS_HYPERVISOR is not set # # Networking # # # Networking options # # CONFIG_NETDEBUG is not set CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y CONFIG_NET_KEY=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_ASK_IP_FIB_HASH=y # CONFIG_IP_FIB_TRIE is not set CONFIG_IP_FIB_HASH=y CONFIG_IP_MULTIPLE_TABLES=y # CONFIG_IP_ROUTE_FWMARK is not set CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_MULTIPATH_CACHED=y CONFIG_IP_ROUTE_MULTIPATH_RR=y CONFIG_IP_ROUTE_MULTIPATH_RANDOM=y CONFIG_IP_ROUTE_MULTIPATH_WRANDOM=y CONFIG_IP_ROUTE_MULTIPATH_DRR=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y CONFIG_IP_PIMSM_V1=y # CONFIG_IP_PIMSM_V2 is not set CONFIG_ARPD=y # CONFIG_SYN_COOKIES is not set CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_TCP_CONG_ADVANCED=y # # TCP congestion control # CONFIG_TCP_CONG_BIC=y CONFIG_TCP_CONG_CUBIC=y CONFIG_TCP_CONG_WESTWOOD=y CONFIG_TCP_CONG_HTCP=y CONFIG_TCP_CONG_HSTCP=y CONFIG_TCP_CONG_HYBLA=y CONFIG_TCP_CONG_VEGAS=y CONFIG_TCP_CONG_SCALABLE=y CONFIG_TCP_CONG_LP=y CONFIG_TCP_CONG_VENO=y # # IP: Virtual Server Configuration # # CONFIG_IP_VS is not set CONFIG_IPV6=y CONFIG_IPV6_PRIVACY=y CONFIG_IPV6_ROUTER_PREF=y # CONFIG_IPV6_ROUTE_INFO is not set CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET6_IPCOMP=y CONFIG_INET6_XFRM_TUNNEL=y CONFIG_INET6_TUNNEL=y CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_IPV6_TUNNEL=y # CONFIG_NETWORK_SECMARK is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NETFILTER_XTABLES=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y # CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y # # IP: Netfilter Configuration # CONFIG_IP_NF_CONNTRACK=y CONFIG_IP_NF_CT_ACCT=y CONFIG_IP_NF_CONNTRACK_MARK=y CONFIG_IP_NF_CONNTRACK_EVENTS=y CONFIG_IP_NF_CONNTRACK_NETLINK=y CONFIG_IP_NF_CT_PROTO_SCTP=y CONFIG_IP_NF_FTP=y CONFIG_IP_NF_IRC=y CONFIG_IP_NF_NETBIOS_NS=y CONFIG_IP_NF_TFTP=y CONFIG_IP_NF_AMANDA=y CONFIG_IP_NF_PPTP=y CONFIG_IP_NF_H323=y CONFIG_IP_NF_SIP=y CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_IPRANGE=y CONFIG_IP_NF_MATCH_TOS=y CONFIG_IP_NF_MATCH_RECENT=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_DSCP=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_OWNER=y CONFIG_IP_NF_MATCH_ADDRTYPE=y CONFIG_IP_NF_MATCH_HASHLIMIT=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_IP_NF_TARGET_TCPMSS=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_SAME=y CONFIG_IP_NF_NAT_SNMP_BASIC=y CONFIG_IP_NF_NAT_IRC=y CONFIG_IP_NF_NAT_FTP=y CONFIG_IP_NF_NAT_TFTP=y CONFIG_IP_NF_NAT_AMANDA=y CONFIG_IP_NF_NAT_PPTP=y CONFIG_IP_NF_NAT_H323=y CONFIG_IP_NF_NAT_SIP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_TOS=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_DSCP=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration (EXPERIMENTAL) # # CONFIG_IP6_NF_QUEUE is not set CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_OWNER=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_RAW=y # # Bridge: Netfilter Configuration # CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y # # DCCP Configuration (EXPERIMENTAL) # # CONFIG_IP_DCCP is not set # # SCTP Configuration (EXPERIMENTAL) # CONFIG_IP_SCTP=y # CONFIG_SCTP_DBG_MSG is not set # CONFIG_SCTP_DBG_OBJCNT is not set # CONFIG_SCTP_HMAC_NONE is not set # CONFIG_SCTP_HMAC_SHA1 is not set CONFIG_SCTP_HMAC_MD5=y # # TIPC Configuration (EXPERIMENTAL) # # CONFIG_TIPC is not set # CONFIG_ATM is not set CONFIG_BRIDGE=y CONFIG_VLAN_8021Q=y # CONFIG_DECNET is not set CONFIG_LLC=y # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # # QoS and/or fair queueing # # CONFIG_NET_SCHED is not set CONFIG_NET_CLS_ROUTE=y # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_IRDA is not set # CONFIG_BT is not set CONFIG_IEEE80211=y # CONFIG_IEEE80211_DEBUG is not set CONFIG_IEEE80211_CRYPT_WEP=y CONFIG_IEEE80211_CRYPT_CCMP=y CONFIG_IEEE80211_SOFTMAC=y # CONFIG_IEEE80211_SOFTMAC_DEBUG is not set CONFIG_WIRELESS_EXT=y # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y CONFIG_UML_NET_MCAST=y CONFIG_UML_NET_PCAP=y CONFIG_UML_NET_SLIRP=y # # Network device support # CONFIG_NETDEVICES=y CONFIG_DUMMY=y CONFIG_BONDING=y # CONFIG_EQUALIZER is not set CONFIG_TUN=y # # PHY device support # # # Wireless LAN (non-hamradio) # # CONFIG_NET_RADIO is not set # # Wan interfaces # # CONFIG_WAN is not set CONFIG_PPP=y CONFIG_PPP_MULTILINK=y CONFIG_PPP_FILTER=y CONFIG_PPP_ASYNC=y CONFIG_PPP_SYNC_TTY=y CONFIG_PPP_DEFLATE=y CONFIG_PPP_BSDCOMP=y CONFIG_PPP_MPPE=y CONFIG_PPPOE=y CONFIG_SLIP=y CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP_SMART=y CONFIG_SLIP_MODE_SLIP6=y CONFIG_SHAPER=y # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # # Connector - unified userspace <-> kernelspace linker # CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set CONFIG_EXT2_FS_XIP=y CONFIG_FS_XIP=y CONFIG_EXT3_FS=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y # CONFIG_EXT3_FS_SECURITY is not set CONFIG_JBD=y # CONFIG_JBD_DEBUG is not set CONFIG_FS_MBCACHE=y CONFIG_REISERFS_FS=y # CONFIG_REISERFS_CHECK is not set CONFIG_REISERFS_PROC_INFO=y CONFIG_REISERFS_FS_XATTR=y CONFIG_REISERFS_FS_POSIX_ACL=y # CONFIG_REISERFS_FS_SECURITY is not set CONFIG_JFS_FS=y CONFIG_JFS_POSIX_ACL=y # CONFIG_JFS_SECURITY is not set # CONFIG_JFS_DEBUG is not set CONFIG_JFS_STATISTICS=y CONFIG_FS_POSIX_ACL=y CONFIG_XFS_FS=y # CONFIG_XFS_QUOTA is not set # CONFIG_XFS_SECURITY is not set CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y CONFIG_OCFS2_FS=y CONFIG_OCFS2_DEBUG_MASKLOG=y CONFIG_MINIX_FS=y CONFIG_ROMFS_FS=y CONFIG_INOTIFY=y CONFIG_INOTIFY_USER=y # CONFIG_QUOTA is not set CONFIG_DNOTIFY=y CONFIG_AUTOFS_FS=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_ZISOFS_FS=y CONFIG_UDF_FS=y CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems # CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_NTFS_FS=y # CONFIG_NTFS_DEBUG is not set CONFIG_NTFS_RW=y # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_HUGETLB_PAGE is not set CONFIG_RAMFS=y CONFIG_CONFIGFS_FS=y # # Miscellaneous filesystems # # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_ASFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set CONFIG_CRAMFS=y # CONFIG_VXFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set # # Network File Systems # CONFIG_NFS_FS=y CONFIG_NFS_V3=y # CONFIG_NFS_V3_ACL is not set # CONFIG_NFS_V4 is not set # CONFIG_NFS_DIRECTIO is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y # CONFIG_NFSD_V4 is not set CONFIG_NFSD_TCP=y # CONFIG_ROOT_NFS is not set CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_EXPORTFS=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y # CONFIG_RPCSEC_GSS_KRB5 is not set # CONFIG_RPCSEC_GSS_SPKM3 is not set CONFIG_SMB_FS=y CONFIG_SMB_NLS_DEFAULT=y CONFIG_SMB_NLS_REMOTE="cp437" CONFIG_CIFS=y CONFIG_CIFS_STATS=y CONFIG_CIFS_STATS2=y # CONFIG_CIFS_WEAK_PW_HASH is not set # CONFIG_CIFS_XATTR is not set # CONFIG_CIFS_DEBUG2 is not set # CONFIG_CIFS_EXPERIMENTAL is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # CONFIG_9P_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y CONFIG_BSD_DISKLABEL=y # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set CONFIG_LDM_PARTITION=y CONFIG_LDM_DEBUG=y # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # # Native Language Support # CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" CONFIG_NLS_CODEPAGE_437=y # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set CONFIG_NLS_CODEPAGE_850=y # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set CONFIG_NLS_CODEPAGE_936=y CONFIG_NLS_CODEPAGE_950=y # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set CONFIG_NLS_ISO8859_1=y # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set CONFIG_NLS_ISO8859_6=y # CONFIG_NLS_ISO8859_7 is not set CONFIG_NLS_ISO8859_9=y # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set CONFIG_NLS_UTF8=y # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY is not set # # Cryptographic options # CONFIG_CRYPTO=y CONFIG_CRYPTO_HMAC=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_MD4=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_WP512=y CONFIG_CRYPTO_TGR192=y CONFIG_CRYPTO_DES=y CONFIG_CRYPTO_BLOWFISH=y CONFIG_CRYPTO_TWOFISH=y CONFIG_CRYPTO_SERPENT=y CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_586=y CONFIG_CRYPTO_CAST5=y CONFIG_CRYPTO_CAST6=y CONFIG_CRYPTO_TEA=y CONFIG_CRYPTO_ARC4=y CONFIG_CRYPTO_KHAZAD=y CONFIG_CRYPTO_ANUBIS=y CONFIG_CRYPTO_DEFLATE=y CONFIG_CRYPTO_MICHAEL_MIC=y CONFIG_CRYPTO_CRC32C=y # # Hardware crypto devices # # # Library routines # CONFIG_CRC_CCITT=y CONFIG_CRC16=y CONFIG_CRC32=y CONFIG_LIBCRC32C=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_PLIST=y # # Multi-device support (RAID and LVM) # # CONFIG_MD is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_KERNEL is not set CONFIG_LOG_BUF_SHIFT=14 # CONFIG_DEBUG_FS is not set # CONFIG_UNWIND_INFO is not set marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.30-ghost.patch0000644000175000017500000030144513175722671025667 0ustar lucaslucasdiff -rNuad linux-2.6.30/include/linux/netdevice.h linux-2.6.30-ghost/include/linux/netdevice.h --- linux-2.6.30/include/linux/netdevice.h 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/include/linux/netdevice.h 2009-11-26 22:50:50.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -1910,4 +1912,12 @@ extern struct pernet_operations __net_initdata loopback_net_ops; #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_DEV_H */ diff -rNuad linux-2.6.30/include/linux/sockios.h linux-2.6.30-ghost/include/linux/sockios.h --- linux-2.6.30/include/linux/sockios.h 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/include/linux/sockios.h 2009-11-26 22:50:50.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.30/include/net/ghostdebug.h linux-2.6.30-ghost/include/net/ghostdebug.h --- linux-2.6.30/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.30-ghost/include/net/ghostdebug.h 2009-11-26 22:50:50.000000000 +0000 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.30/kernel/softirq.c linux-2.6.30-ghost/kernel/softirq.c --- linux-2.6.30/kernel/softirq.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/kernel/softirq.c 2009-11-26 22:50:50.000000000 +0000 @@ -126,8 +126,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -138,7 +141,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.30/net/Kconfig linux-2.6.30-ghost/net/Kconfig --- linux-2.6.30/net/Kconfig 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/Kconfig 2009-11-26 22:50:50.000000000 +0000 @@ -159,6 +159,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -255,4 +354,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.30/net/core/dev.c linux-2.6.30-ghost/net/core/dev.c --- linux-2.6.30/net/core/dev.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/core/dev.c 2009-11-26 22:50:50.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -136,6 +139,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -536,6 +763,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2899,11 +3133,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -2972,6 +3215,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -3851,6 +4098,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = dev_get_flags(dev); @@ -3921,6 +4178,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4064,6 +4332,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.30/net/core/dev_mcast.c linux-2.6.30-ghost/net/core/dev_mcast.c --- linux-2.6.30/net/core/dev_mcast.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/core/dev_mcast.c 2009-11-26 22:50:50.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.30/net/core/rtnetlink.c linux-2.6.30-ghost/net/core/rtnetlink.c --- linux-2.6.30/net/core/rtnetlink.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/core/rtnetlink.c 2009-11-26 22:50:50.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -941,6 +994,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -979,6 +1044,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1181,6 +1257,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1235,6 +1322,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1270,6 +1359,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1289,14 +1383,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1328,6 +1429,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1343,6 +1449,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.30/net/ipv4/arp.c linux-2.6.30-ghost/net/ipv4/arp.c --- linux-2.6.30/net/ipv4/arp.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/arp.c 2009-11-26 22:50:50.000000000 +0000 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1312,9 +1319,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1325,9 +1344,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.30/net/ipv4/devinet.c linux-2.6.30-ghost/net/ipv4/devinet.c --- linux-2.6.30/net/ipv4/devinet.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/devinet.c 2009-11-26 22:50:50.000000000 +0000 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1169,6 +1204,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.30/net/ipv4/fib_frontend.c linux-2.6.30-ghost/net/ipv4/fib_frontend.c --- linux-2.6.30/net/ipv4/fib_frontend.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/fib_frontend.c 2009-11-26 22:50:50.000000000 +0000 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -45,6 +49,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -451,6 +460,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -465,6 +479,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -473,12 +503,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -585,6 +621,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -607,6 +653,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -622,6 +678,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -634,7 +696,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -659,6 +721,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.30/net/ipv4/fib_hash.c linux-2.6.30-ghost/net/ipv4/fib_hash.c --- linux-2.6.30/net/ipv4/fib_hash.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/fib_hash.c 2009-11-26 22:50:50.000000000 +0000 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -397,6 +407,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -580,7 +602,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1022,19 +1054,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.30/net/ipv4/fib_semantics.c linux-2.6.30-ghost/net/ipv4/fib_semantics.c --- linux-2.6.30/net/ipv4/fib_semantics.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/fib_semantics.c 2009-11-26 22:50:50.000000000 +0000 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -954,6 +962,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.30/net/ipv4/fib_trie.c linux-2.6.30-ghost/net/ipv4/fib_trie.c --- linux-2.6.30/net/ipv4/fib_trie.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/fib_trie.c 2009-11-26 22:50:50.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1199,6 +1210,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1627,7 +1650,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2587,7 +2620,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2600,13 +2654,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.30/net/ipv4/igmp.c linux-2.6.30-ghost/net/ipv4/igmp.c --- linux-2.6.30/net/ipv4/igmp.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/igmp.c 2009-11-26 22:50:50.000000000 +0000 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2387,8 +2394,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2550,14 +2567,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.30/net/ipv4/route.c linux-2.6.30-ghost/net/ipv4/route.c --- linux-2.6.30/net/ipv4/route.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv4/route.c 2009-11-26 22:50:50.000000000 +0000 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2793,8 +2809,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2877,7 +2898,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2899,6 +2920,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2931,6 +2963,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2945,6 +2993,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.30/net/ipv6/Kconfig linux-2.6.30-ghost/net/ipv6/Kconfig --- linux-2.6.30/net/ipv6/Kconfig 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/Kconfig 2009-11-26 22:50:50.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.30/net/ipv6/addrconf.c linux-2.6.30-ghost/net/ipv6/addrconf.c --- linux-2.6.30/net/ipv6/addrconf.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/addrconf.c 2009-11-26 22:50:50.000000000 +0000 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -81,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -446,6 +454,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2126,6 +2214,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2140,6 +2232,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2954,6 +3055,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -2961,6 +3078,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3168,6 +3287,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3185,7 +3308,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3234,6 +3359,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3271,6 +3400,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3436,6 +3574,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3461,6 +3605,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3532,7 +3687,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3540,6 +3694,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3566,6 +3724,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3774,6 +3943,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3785,6 +3958,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3812,7 +3993,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.30/net/ipv6/ip6_fib.c linux-2.6.30-ghost/net/ipv6/ip6_fib.c --- linux-2.6.30/net/ipv6/ip6_fib.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/ip6_fib.c 2009-11-26 22:50:50.000000000 +0000 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -320,7 +322,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.30/net/ipv6/mcast.c linux-2.6.30-ghost/net/ipv6/mcast.c --- linux-2.6.30/net/ipv6/mcast.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/mcast.c 2009-11-26 22:54:01.000000000 +0000 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2432,6 +2441,11 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2439,6 +2453,16 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2593,6 +2617,11 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2600,6 +2629,16 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.30/net/ipv6/proc.c linux-2.6.30-ghost/net/ipv6/proc.c --- linux-2.6.30/net/ipv6/proc.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/proc.c 2009-11-26 22:51:47.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -194,6 +206,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -201,6 +225,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-2.6.30/net/ipv6/route.c linux-2.6.30-ghost/net/ipv6/route.c --- linux-2.6.30/net/ipv6/route.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/ipv6/route.c 2009-11-26 22:50:50.000000000 +0000 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1115,10 +1124,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1830,6 +1835,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2133,26 +2140,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2172,6 +2237,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2183,6 +2252,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2290,10 +2372,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2307,6 +2405,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2452,6 +2552,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-2.6.30/net/netfilter/core.c linux-2.6.30-ghost/net/netfilter/core.c --- linux-2.6.30/net/netfilter/core.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/netfilter/core.c 2009-11-26 22:54:38.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -182,6 +339,9 @@ verdict >> NF_VERDICT_BITS)) goto next_hook; } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -rNuad linux-2.6.30/net/packet/af_packet.c linux-2.6.30-ghost/net/packet/af_packet.c --- linux-2.6.30/net/packet/af_packet.c 2009-06-10 03:05:27.000000000 +0000 +++ linux-2.6.30-ghost/net/packet/af_packet.c 2009-11-26 22:50:50.000000000 +0000 @@ -39,6 +39,7 @@ * will simply extend the hardware address * byte arrays at the end of sockaddr_ll * and packet_mreq. + * Luca Saiu : Trivial changes for ghostification * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -489,6 +495,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -611,6 +629,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2049,17 +2079,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/older-versions/linux-2.6.31-ghost_debian.patch0000644000175000017500000030143013175722671027164 0ustar lucaslucasdiff -rNuad linux-2.6.31/include/linux/netdevice.h linux-2.6.31-ghost/include/linux/netdevice.h --- linux-2.6.31/include/linux/netdevice.h 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/include/linux/netdevice.h 2009-11-26 22:58:23.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -2001,4 +2003,12 @@ } #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_NETDEVICE_H */ diff -rNuad linux-2.6.31/include/linux/sockios.h linux-2.6.31-ghost/include/linux/sockios.h --- linux-2.6.31/include/linux/sockios.h 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/include/linux/sockios.h 2009-11-26 22:58:23.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -83,6 +85,13 @@ #define SIOCWANDEV 0x894A /* get/set netdev parameters */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -rNuad linux-2.6.31/include/net/ghostdebug.h linux-2.6.31-ghost/include/net/ghostdebug.h --- linux-2.6.31/include/net/ghostdebug.h 1970-01-01 00:00:00.000000000 +0000 +++ linux-2.6.31-ghost/include/net/ghostdebug.h 2009-11-26 22:58:23.000000000 +0000 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -rNuad linux-2.6.31/kernel/softirq.c linux-2.6.31-ghost/kernel/softirq.c --- linux-2.6.31/kernel/softirq.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/kernel/softirq.c 2009-11-26 22:58:23.000000000 +0000 @@ -128,8 +128,11 @@ */ void _local_bh_enable(void) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == SOFTIRQ_OFFSET) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -140,7 +143,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif diff -rNuad linux-2.6.31/net/Kconfig linux-2.6.31-ghost/net/Kconfig --- linux-2.6.31/net/Kconfig 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/Kconfig 2009-11-26 22:58:23.000000000 +0000 @@ -159,6 +159,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -256,4 +355,93 @@ source "net/rfkill/Kconfig" source "net/9p/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -rNuad linux-2.6.31/net/core/dev.c linux-2.6.31-ghost/net/core/dev.c --- linux-2.6.31/net/core/dev.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/dev.c 2009-11-26 22:58:23.000000000 +0000 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -137,6 +140,230 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -539,6 +766,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -2936,11 +3170,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -3009,6 +3252,10 @@ { const struct net_device_stats *stats = dev_get_stats(dev); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -4210,6 +4457,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = (short) dev_get_flags(dev); @@ -4280,6 +4537,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -4423,6 +4691,57 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ + /* * These ioctl calls: * - can be done by all. diff -rNuad linux-2.6.31/net/core/dev_mcast.c linux-2.6.31-ghost/net/core/dev_mcast.c --- linux-2.6.31/net/core/dev_mcast.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/dev_mcast.c 2009-11-26 22:58:23.000000000 +0000 @@ -14,6 +14,8 @@ * Alan Cox : IFF_ALLMULTI support. * Alan Cox : New format set_multicast_list() calls. * Gleb Natapov : Remove dev_mc_lock. + * Luca Saiu : trivial changes for + * ghostification support. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -48,6 +50,9 @@ #include #include +#ifdef CONFIG_GHOSTIFICATION +#include +#endif /* CONFIG_GHOSTIFICATION */ /* * Device multicast list maintenance. @@ -167,7 +172,15 @@ netif_addr_lock_bh(dev); for (m = dev->mc_list; m; m = m->next) { int i; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information + in /proc about ghost interfaces */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Don't show any information in /proc " + "about ghostified interface"); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%-4d %-15s %-5d %-5d ", dev->ifindex, dev->name, m->dmi_users, m->dmi_gusers); diff -rNuad linux-2.6.31/net/core/rtnetlink.c linux-2.6.31-ghost/net/core/rtnetlink.c --- linux-2.6.31/net/core/rtnetlink.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/core/rtnetlink.c 2009-11-26 22:58:23.000000000 +0000 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; @@ -106,7 +115,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].doit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -117,7 +129,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif tab = rtnl_msg_handlers[protocol]; if (tab == NULL || tab[msgindex].dumpit == NULL) tab = rtnl_msg_handlers[PF_UNSPEC]; @@ -460,6 +475,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -616,6 +637,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -690,6 +725,24 @@ idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -941,6 +994,18 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ if ((err = validate_linkmsg(dev, tb)) < 0) goto errout_dev; @@ -979,6 +1044,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1181,6 +1257,17 @@ dev = dev_get_by_index(net, ifm->ifi_index); if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ } else return -EINVAL; @@ -1235,6 +1322,8 @@ struct sk_buff *skb; int err = -ENOBUFS; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1270,6 +1359,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -1289,14 +1383,21 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; - +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ __rtnl_unlock(); rtnl = net->rtnl; err = netlink_dump_start(rtnl, skb, nlh, dumpit, NULL); @@ -1328,6 +1429,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -1343,6 +1449,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UNREGISTER: rtmsg_ifinfo(RTM_DELLINK, dev, ~0U); diff -rNuad linux-2.6.31/net/ipv4/arp.c linux-2.6.31-ghost/net/ipv4/arp.c --- linux-2.6.31/net/ipv4/arp.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/arp.c 2009-11-26 22:58:23.000000000 +0000 @@ -70,6 +70,8 @@ * bonding can change the skb before * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash + * Luca Saiu @@ -116,6 +118,11 @@ struct neigh_table *clip_tbl_hook; #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1311,9 +1318,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1324,9 +1343,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -rNuad linux-2.6.31/net/ipv4/devinet.c linux-2.6.31-ghost/net/ipv4/devinet.c --- linux-2.6.31/net/ipv4/devinet.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/devinet.c 2009-11-26 22:58:23.000000000 +0000 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -62,6 +65,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1, @@ -448,6 +456,16 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ __in_dev_put(in_dev); @@ -497,6 +515,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -546,6 +575,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1169,6 +1204,15 @@ s_ip_idx = ip_idx = cb->args[1]; idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (idx > s_idx) diff -rNuad linux-2.6.31/net/ipv4/fib_frontend.c linux-2.6.31-ghost/net/ipv4/fib_frontend.c --- linux-2.6.31/net/ipv4/fib_frontend.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_frontend.c 2009-11-26 22:58:23.000000000 +0000 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -44,6 +48,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -450,6 +459,11 @@ * Handle IP routing ioctl calls. These are used to manipulate the routing tables */ +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + int ip_rt_ioctl(struct net *net, unsigned int cmd, void __user *arg) { struct fib_config cfg; @@ -464,6 +478,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -472,12 +502,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = tb->tb_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = tb->tb_insert(tb, &cfg); else @@ -584,6 +620,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -606,6 +652,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -621,6 +677,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -633,7 +695,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -658,6 +720,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -rNuad linux-2.6.31/net/ipv4/fib_hash.c linux-2.6.31-ghost/net/ipv4/fib_hash.c --- linux-2.6.31/net/ipv4/fib_hash.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_hash.c 2009-11-26 22:58:23.000000000 +0000 @@ -6,6 +6,11 @@ * IPv4 FIB: lookup engine and maintenance routines. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_hash_insert, bad + * field check in fib_seq_show). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -41,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static struct kmem_cache *fn_hash_kmem __read_mostly; @@ -396,6 +406,18 @@ if (IS_ERR(fi)) return PTR_ERR(fi); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_insert */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if (fz->fz_nent > (fz->fz_divisor<<1) && fz->fz_divisor < FZ_MAX_DIVISOR && (cfg->fc_dst_len == 32 || @@ -579,7 +601,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, &f->fn_alias, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for route involving + ghostified interface, current funct is pointed by tb->tb_delete */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != cfg->fc_tos) break; @@ -1021,19 +1053,39 @@ prefix = f->fn_key; mask = FZ_MASK(iter->zone); flags = fib_flag_trans(fa->fa_type, mask, fi); - if (fi) + if (fi) + { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) + { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, - "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - fi->fib_dev ? fi->fib_dev->name : "*", prefix, - fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, - mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), - fi->fib_window, - fi->fib_rtt >> 3, &len); - else + "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", prefix, + fi->fib_nh->nh_gw, flags, 0, 0, fi->fib_priority, + mask, (fi->fib_advmss ? fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); +#endif /* CONFIG_GHOSTIFICATION */ + } + else { seq_printf(seq, - "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", - prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + "*\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u%n", + prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); + } seq_printf(seq, "%*s\n", 127 - len, ""); out: return 0; diff -rNuad linux-2.6.31/net/ipv4/fib_semantics.c linux-2.6.31-ghost/net/ipv4/fib_semantics.c --- linux-2.6.31/net/ipv4/fib_semantics.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_semantics.c 2009-11-26 22:58:23.000000000 +0000 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -43,6 +46,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -953,6 +961,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -rNuad linux-2.6.31/net/ipv4/fib_trie.c linux-2.6.31-ghost/net/ipv4/fib_trie.c --- linux-2.6.31/net/ipv4/fib_trie.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/fib_trie.c 2009-11-26 22:58:23.000000000 +0000 @@ -12,6 +12,12 @@ * * Hans Liss Uppsala Universitet * + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * * This work is based on the LPC-trie which is originally descibed in: * * An experimental study of compression methods for dynamic tries @@ -80,6 +86,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1225,6 +1236,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1652,7 +1675,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2612,7 +2645,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2625,13 +2679,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -rNuad linux-2.6.31/net/ipv4/igmp.c linux-2.6.31-ghost/net/ipv4/igmp.c --- linux-2.6.31/net/ipv4/igmp.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/igmp.c 2009-11-26 22:58:23.000000000 +0000 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -105,6 +107,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2387,8 +2394,18 @@ #endif if (state->in_dev->mc_list == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2550,14 +2567,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.31/net/ipv4/route.c linux-2.6.31-ghost/net/ipv4/route.c --- linux-2.6.31/net/ipv4/route.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv4/route.c 2009-11-26 22:58:23.000000000 +0000 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -108,6 +111,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp) \ ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) @@ -375,6 +383,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->u.dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->u.dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; int len; @@ -392,11 +408,11 @@ r->fl.fl4_tos, r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, r->u.dst.hh ? (r->u.dst.hh->hh_output == - dev_queue_xmit) : 0, + dev_queue_xmit) : 0, r->rt_spec_dst, &len); seq_printf(seq, "%*s\n", 127 - len, ""); - } + } return 0; } @@ -2833,8 +2849,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); } - if (rt->u.dst.dev) + if (rt->u.dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->u.dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); + } #ifdef CONFIG_NET_CLS_ROUTE if (rt->u.dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); @@ -2917,7 +2938,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -2939,6 +2960,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -2971,6 +3003,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->u.dst.dev) { + ghost_debugmsg("Net device is %s ",rt->u.dst.dev->name); + if (is_a_ghost_interface_name(rt->u.dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->u.dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -2985,6 +3033,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -rNuad linux-2.6.31/net/ipv6/Kconfig linux-2.6.31-ghost/net/ipv6/Kconfig --- linux-2.6.31/net/ipv6/Kconfig 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/Kconfig 2009-11-26 22:58:23.000000000 +0000 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -174,7 +178,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -rNuad linux-2.6.31/net/ipv6/addrconf.c linux-2.6.31-ghost/net/ipv6/addrconf.c --- linux-2.6.31/net/ipv6/addrconf.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/addrconf.c 2009-11-26 22:58:23.000000000 +0000 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -81,6 +84,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -446,6 +454,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2151,6 +2239,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, struct in6_addr *pfx, unsigned int plen) { @@ -2165,6 +2257,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -2979,6 +3080,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -2986,6 +3103,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3193,6 +3312,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3210,7 +3333,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3259,6 +3384,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3296,6 +3425,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3464,6 +3602,12 @@ ANYCAST_ADDR, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3489,6 +3633,17 @@ ip_idx = 0; if ((idev = in6_dev_get(dev)) == NULL) goto cont; + +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + read_lock_bh(&idev->lock); switch (type) { case UNICAST_ADDR: @@ -3560,7 +3715,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3568,6 +3722,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3594,6 +3752,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((ifa = ipv6_get_ifaddr(net, addr, dev, 1)) == NULL) { err = -EADDRNOTAVAIL; goto errout; @@ -3802,6 +3971,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -3813,6 +3986,14 @@ read_lock(&dev_base_lock); idx = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if ((idev = in6_dev_get(dev)) == NULL) @@ -3840,7 +4021,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -rNuad linux-2.6.31/net/ipv6/ip6_fib.c linux-2.6.31-ghost/net/ipv6/ip6_fib.c --- linux-2.6.31/net/ipv6/ip6_fib.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/ip6_fib.c 2009-11-26 22:58:23.000000000 +0000 @@ -275,6 +275,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -320,7 +322,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -rNuad linux-2.6.31/net/ipv6/mcast.c linux-2.6.31-ghost/net/ipv6/mcast.c --- linux-2.6.31/net/ipv6/mcast.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/mcast.c 2009-11-26 22:59:37.000000000 +0000 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -61,6 +65,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2440,6 +2449,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2447,6 +2470,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2601,6 +2625,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2608,6 +2646,7 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -rNuad linux-2.6.31/net/ipv6/proc.c linux-2.6.31-ghost/net/ipv6/proc.c --- linux-2.6.31/net/ipv6/proc.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/proc.c 2009-11-26 22:59:07.000000000 +0000 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -29,6 +31,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -200,6 +212,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -207,6 +231,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -rNuad linux-2.6.31/net/ipv6/route.c linux-2.6.31-ghost/net/ipv6/route.c --- linux-2.6.31/net/ipv6/route.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/ipv6/route.c 2009-11-26 22:58:23.000000000 +0000 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -60,6 +64,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1115,10 +1124,6 @@ return hoplimit; } -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1830,6 +1835,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2133,26 +2140,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2172,6 +2237,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2183,6 +2252,19 @@ long expires; u32 table; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2290,10 +2372,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2307,6 +2405,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2452,6 +2552,17 @@ { struct seq_file *m = p_arg; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -rNuad linux-2.6.31/net/netfilter/core.c linux-2.6.31-ghost/net/netfilter/core.c --- linux-2.6.31/net/netfilter/core.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/netfilter/core.c 2009-11-26 23:00:16.000000000 +0000 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -22,6 +24,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -59,7 +66,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -182,6 +339,9 @@ verdict >> NF_VERDICT_BITS)) goto next_hook; } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -rNuad linux-2.6.31/net/packet/af_packet.c linux-2.6.31-ghost/net/packet/af_packet.c --- linux-2.6.31/net/packet/af_packet.c 2009-09-09 22:13:59.000000000 +0000 +++ linux-2.6.31-ghost/net/packet/af_packet.c 2009-11-26 22:58:23.000000000 +0000 @@ -8,6 +8,7 @@ * Authors: Ross Biro * Fred N. van Kempen, * Alan Cox, + * Luca Saiu : Trivial changes for ghostification * * Fixes: * Alan Cox : verify_area() now used correctly @@ -84,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -549,6 +555,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -670,6 +688,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -2420,17 +2450,38 @@ struct sock *s = v; const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, - "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", - s, - atomic_read(&s->sk_refcnt), - s->sk_type, - ntohs(po->num), - po->ifindex, - po->running, - atomic_read(&s->sk_rmem_alloc), - sock_i_uid(s), - sock_i_ino(s) ); + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.2.%.compile_with_ARCH_um_SUBARCH_i386.diff0000644000175000017500000000143013175722671027171 0ustar lucaslucas*** linux-3.2.13.original/arch/x86/um/Makefile 2012-03-19 17:03:17.000000000 +0100 --- linux-3.2.13.modified/arch/x86/um/Makefile 2013-04-30 18:09:48.000000000 +0200 *************** *** 19,25 **** obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o --- 19,27 ---- obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o \ ! ../lib/atomic64_386_32.o ../lib/cmpxchg8b_emu.o ! subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o marionnet-0.90.6+bzr508.orig/uml/kernel/CONFIG-3.2.510000644000175000017500000006750013175722671020303 0ustar lucaslucas# # Automatically generated file; DO NOT EDIT. # User Mode Linux/i386 3.2.48 Kernel Configuration # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_CMPXCHG_LOCAL is not set # CONFIG_CMPXCHG_DOUBLE is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set CONFIG_M586MMX=y # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MELAN is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set CONFIG_X86_GENERIC=y CONFIG_X86_INTERNODE_CACHE_SHIFT=6 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_F00F_BUG=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_ALIGNMENT_16=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_TSC=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y # CONFIG_X86_64 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_COMPACTION is not set # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_NEED_PER_CPU_KM=y # CONFIG_CLEANCACHE is not set CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=2 # CONFIG_MMAPPER is not set CONFIG_NO_DMA=y # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_CROSS_COMPILE="" CONFIG_LOCALVERSION="" CONFIG_LOCALVERSION_AUTO=y CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_FHANDLE is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_HAVE_GENERIC_HARDIRQS=y # # IRQ subsystem # CONFIG_GENERIC_HARDIRQS=y CONFIG_GENERIC_IRQ_SHOW=y # # RCU Subsystem # CONFIG_TINY_RCU=y # CONFIG_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y # CONFIG_SCHED_AUTOGROUP is not set CONFIG_SYSFS_DEPRECATED=y # CONFIG_SYSFS_DEPRECATED_V2 is not set CONFIG_RELAY=y CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="" CONFIG_RD_GZIP=y CONFIG_RD_BZIP2=y CONFIG_RD_LZMA=y CONFIG_RD_XZ=y CONFIG_RD_LZO=y CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EXPERT is not set CONFIG_UID16=y # CONFIG_SYSCTL_SYSCALL is not set CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # CONFIG_EMBEDDED is not set # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 CONFIG_MODULES=y # CONFIG_MODULE_FORCE_LOAD is not set CONFIG_MODULE_UNLOAD=y # CONFIG_MODULE_FORCE_UNLOAD is not set # CONFIG_MODVERSIONS is not set # CONFIG_MODULE_SRCVERSION_ALL is not set CONFIG_BLOCK=y CONFIG_LBDAF=y CONFIG_BLK_DEV_BSG=y # CONFIG_BLK_DEV_BSGLIB is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y # CONFIG_DEFAULT_DEADLINE is not set CONFIG_DEFAULT_CFQ=y # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="cfq" # CONFIG_INLINE_SPIN_TRYLOCK is not set # CONFIG_INLINE_SPIN_TRYLOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK is not set # CONFIG_INLINE_SPIN_LOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK_IRQ is not set # CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set CONFIG_INLINE_SPIN_UNLOCK=y # CONFIG_INLINE_SPIN_UNLOCK_BH is not set CONFIG_INLINE_SPIN_UNLOCK_IRQ=y # CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_READ_TRYLOCK is not set # CONFIG_INLINE_READ_LOCK is not set # CONFIG_INLINE_READ_LOCK_BH is not set # CONFIG_INLINE_READ_LOCK_IRQ is not set # CONFIG_INLINE_READ_LOCK_IRQSAVE is not set CONFIG_INLINE_READ_UNLOCK=y # CONFIG_INLINE_READ_UNLOCK_BH is not set CONFIG_INLINE_READ_UNLOCK_IRQ=y # CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_WRITE_TRYLOCK is not set # CONFIG_INLINE_WRITE_LOCK is not set # CONFIG_INLINE_WRITE_LOCK_BH is not set # CONFIG_INLINE_WRITE_LOCK_IRQ is not set # CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set CONFIG_INLINE_WRITE_UNLOCK=y # CONFIG_INLINE_WRITE_UNLOCK_BH is not set CONFIG_INLINE_WRITE_UNLOCK_IRQ=y # CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set # CONFIG_MUTEX_SPIN_ON_OWNER is not set # CONFIG_FREEZER is not set # # UML Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pty" CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # # Device Drivers # # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=n CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set # CONFIG_SYS_HYPERVISOR is not set CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y CONFIG_BLK_DEV_UBD_SYNC=y CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 CONFIG_BLK_DEV_CRYPTOLOOP=y # CONFIG_BLK_DEV_DRBD is not set CONFIG_BLK_DEV_NBD=y CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=4096 # CONFIG_BLK_DEV_XIP is not set CONFIG_ATA_OVER_ETH=y # CONFIG_BLK_DEV_RBD is not set # CONFIG_MISC_DEVICES is not set # # SCSI device support # CONFIG_SCSI_MOD=y # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set # CONFIG_MD is not set CONFIG_NETDEVICES=y CONFIG_NET_CORE=y CONFIG_BONDING=y CONFIG_DUMMY=y # CONFIG_EQUALIZER is not set # CONFIG_MII is not set # CONFIG_MACVLAN is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # CAIF transport drivers # CONFIG_ETHERNET=y CONFIG_NET_VENDOR_CHELSIO=y CONFIG_NET_VENDOR_INTEL=y CONFIG_NET_VENDOR_I825XX=y CONFIG_NET_VENDOR_MARVELL=y CONFIG_NET_VENDOR_NATSEMI=y CONFIG_NET_VENDOR_8390=y # CONFIG_PHYLIB is not set CONFIG_PPP=y CONFIG_PPP_BSDCOMP=y CONFIG_PPP_DEFLATE=y CONFIG_PPP_FILTER=y CONFIG_PPP_MPPE=y CONFIG_PPP_MULTILINK=y CONFIG_PPPOE=y CONFIG_PPP_ASYNC=y CONFIG_PPP_SYNC_TTY=y CONFIG_SLIP=y CONFIG_SLHC=y CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP_SMART=y CONFIG_SLIP_MODE_SLIP6=y CONFIG_WLAN=y # CONFIG_HOSTAP is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set # # Character devices # CONFIG_UNIX98_PTYS=y # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set CONFIG_LEGACY_PTYS=y CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_N_GSM is not set # CONFIG_TRACE_SINK is not set CONFIG_DEVKMEM=y CONFIG_HW_RANDOM=y CONFIG_UML_RANDOM=y # CONFIG_R3964 is not set # CONFIG_NSC_GPIO is not set # CONFIG_RAW_DRIVER is not set # # PPS support # # CONFIG_PPS is not set # # PPS generators support # # # PTP clock support # # # Enable Device Drivers -> PPS to see the PTP clock options. # # CONFIG_POWER_SUPPLY is not set # CONFIG_THERMAL is not set # CONFIG_WATCHDOG is not set # CONFIG_REGULATOR is not set CONFIG_SOUND_OSS_CORE_PRECLAIM=y # CONFIG_MEMSTICK is not set # CONFIG_NEW_LEDS is not set # CONFIG_ACCESSIBILITY is not set # CONFIG_AUXDISPLAY is not set # CONFIG_UIO is not set # # Virtio drivers # # CONFIG_VIRTIO_BALLOON is not set # CONFIG_STAGING is not set # # Hardware Spinlock drivers # CONFIG_IOMMU_SUPPORT=y # CONFIG_VIRT_DRIVERS is not set # CONFIG_PM_DEVFREQ is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_FIB_TRIE_STATS is not set CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_CLASSID=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=y # CONFIG_NET_IPGRE_DEMUX is not set CONFIG_IP_MROUTE=y # CONFIG_IP_MROUTE_MULTIPLE_TABLES is not set CONFIG_IP_PIMSM_V1=y # CONFIG_IP_PIMSM_V2 is not set CONFIG_ARPD=y # CONFIG_SYN_COOKIES is not set CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y CONFIG_INET_LRO=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_TCP_CONG_ADVANCED=y CONFIG_TCP_CONG_BIC=y CONFIG_TCP_CONG_CUBIC=y CONFIG_TCP_CONG_WESTWOOD=y CONFIG_TCP_CONG_HTCP=y CONFIG_TCP_CONG_HSTCP=y CONFIG_TCP_CONG_HYBLA=y CONFIG_TCP_CONG_VEGAS=y CONFIG_TCP_CONG_SCALABLE=y CONFIG_TCP_CONG_LP=y CONFIG_TCP_CONG_VENO=y # CONFIG_TCP_CONG_YEAH is not set # CONFIG_TCP_CONG_ILLINOIS is not set # CONFIG_DEFAULT_BIC is not set CONFIG_DEFAULT_CUBIC=y # CONFIG_DEFAULT_HTCP is not set # CONFIG_DEFAULT_HYBLA is not set # CONFIG_DEFAULT_VEGAS is not set # CONFIG_DEFAULT_VENO is not set # CONFIG_DEFAULT_WESTWOOD is not set # CONFIG_DEFAULT_RENO is not set CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y CONFIG_IPV6_PRIVACY=y CONFIG_IPV6_ROUTER_PREF=y # CONFIG_IPV6_ROUTE_INFO is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET6_IPCOMP=y # CONFIG_IPV6_MIP6 is not set CONFIG_INET6_XFRM_TUNNEL=y CONFIG_INET6_TUNNEL=y CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_SIT_6RD is not set CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=y # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y # CONFIG_NF_CONNTRACK is not set # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y # # Xtables combined modules # CONFIG_NETFILTER_XT_MARK=y # # Xtables targets # # CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y # CONFIG_NETFILTER_XT_TARGET_DSCP is not set CONFIG_NETFILTER_XT_TARGET_HL=y # CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set CONFIG_NETFILTER_XT_TARGET_MARK=y # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y # CONFIG_NETFILTER_XT_TARGET_RATEEST is not set # CONFIG_NETFILTER_XT_TARGET_TEE is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set # CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set # CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set # # Xtables matches # # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y # CONFIG_NETFILTER_XT_MATCH_CPU is not set CONFIG_NETFILTER_XT_MATCH_DCCP=y # CONFIG_NETFILTER_XT_MATCH_DEVGROUP is not set # CONFIG_NETFILTER_XT_MATCH_DSCP is not set CONFIG_NETFILTER_XT_MATCH_ESP=y # CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set CONFIG_NETFILTER_XT_MATCH_HL=y # CONFIG_NETFILTER_XT_MATCH_IPRANGE is not set CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_NETFILTER_XT_MATCH_OWNER is not set CONFIG_NETFILTER_XT_MATCH_POLICY=y # CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y # CONFIG_NETFILTER_XT_MATCH_RATEEST is not set CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y # CONFIG_NETFILTER_XT_MATCH_TIME is not set # CONFIG_NETFILTER_XT_MATCH_U32 is not set # CONFIG_IP_SET is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # # CONFIG_NF_DEFRAG_IPV4 is not set CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # # CONFIG_NF_DEFRAG_IPV6 is not set # CONFIG_IP6_NF_QUEUE is not set CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y # CONFIG_IP6_NF_MATCH_MH is not set CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y # CONFIG_BRIDGE_EBT_IP6 is not set CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y # CONFIG_BRIDGE_EBT_NFLOG is not set CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set CONFIG_IP_SCTP=y # CONFIG_SCTP_DBG_MSG is not set # CONFIG_SCTP_DBG_OBJCNT is not set # CONFIG_SCTP_HMAC_NONE is not set # CONFIG_SCTP_HMAC_SHA1 is not set CONFIG_SCTP_HMAC_MD5=y # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_L2TP is not set CONFIG_STP=y CONFIG_BRIDGE=y CONFIG_BRIDGE_IGMP_SNOOPING=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y # CONFIG_VLAN_8021Q_GVRP is not set # CONFIG_DECNET is not set CONFIG_LLC=y # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set # CONFIG_NET_SCHED is not set # CONFIG_DCB is not set # CONFIG_BATMAN_ADV is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y CONFIG_WIRELESS=y # CONFIG_CFG80211 is not set # CONFIG_LIB80211 is not set # # CFG80211 needs to be enabled for MAC80211 # # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=8 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y # CONFIG_UML_NET_VDE is not set CONFIG_UML_NET_MCAST=y # CONFIG_UML_NET_PCAP is not set CONFIG_UML_NET_SLIRP=y # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set CONFIG_EXT2_FS_XIP=y CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y # CONFIG_EXT3_FS_SECURITY is not set CONFIG_EXT4_FS=y CONFIG_EXT4_FS_XATTR=y CONFIG_EXT4_FS_POSIX_ACL=y # CONFIG_EXT4_FS_SECURITY is not set # CONFIG_EXT4_DEBUG is not set CONFIG_FS_XIP=y CONFIG_JBD=y CONFIG_JBD2=y CONFIG_FS_MBCACHE=y CONFIG_REISERFS_FS=y # CONFIG_REISERFS_CHECK is not set CONFIG_REISERFS_PROC_INFO=y CONFIG_REISERFS_FS_XATTR=y CONFIG_REISERFS_FS_POSIX_ACL=y # CONFIG_REISERFS_FS_SECURITY is not set CONFIG_JFS_FS=y CONFIG_JFS_POSIX_ACL=y # CONFIG_JFS_SECURITY is not set # CONFIG_JFS_DEBUG is not set CONFIG_JFS_STATISTICS=y CONFIG_XFS_FS=y # CONFIG_XFS_QUOTA is not set CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y # CONFIG_XFS_DEBUG is not set # CONFIG_GFS2_FS is not set CONFIG_OCFS2_FS=y CONFIG_OCFS2_FS_O2CB=y CONFIG_OCFS2_DEBUG_MASKLOG=y # CONFIG_OCFS2_DEBUG_FS is not set CONFIG_BTRFS_FS=y CONFIG_BTRFS_FS_POSIX_ACL=y # CONFIG_NILFS2_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_EXPORTFS=y CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y # CONFIG_FANOTIFY is not set CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QUOTA_DEBUG is not set CONFIG_QUOTA_TREE=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=y CONFIG_FUSE_FS=y # CONFIG_CUSE is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=y CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems # CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_NTFS_FS=y # CONFIG_NTFS_DEBUG is not set CONFIG_NTFS_RW=y # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_TMPFS_XATTR is not set # CONFIG_HUGETLB_PAGE is not set CONFIG_CONFIGFS_FS=y CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_LOGFS is not set CONFIG_CRAMFS=y # CONFIG_SQUASHFS is not set # CONFIG_SQUASHFS_XATTR is not set # CONFIG_SQUASHFS_ZLIB is not set # CONFIG_SQUASHFS_LZO is not set # CONFIG_SQUASHFS_XZ is not set # CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set # CONFIG_SQUASHFS_EMBEDDED is not set # CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE is not set # CONFIG_VXFS_FS is not set CONFIG_MINIX_FS=y # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set CONFIG_ROMFS_FS=y CONFIG_ROMFS_BACKED_BY_BLOCK=y CONFIG_ROMFS_ON_BLOCK=y # CONFIG_PSTORE is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y # CONFIG_NFS_V3_ACL is not set # CONFIG_NFS_V4 is not set # CONFIG_ROOT_NFS is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y # CONFIG_NFSD_V4 is not set CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y # CONFIG_CEPH_FS is not set CONFIG_CIFS=y CONFIG_CIFS_STATS=y CONFIG_CIFS_STATS2=y # CONFIG_CIFS_WEAK_PW_HASH is not set # CONFIG_CIFS_XATTR is not set # CONFIG_CIFS_DEBUG2 is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y CONFIG_BSD_DISKLABEL=y # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set CONFIG_LDM_PARTITION=y CONFIG_LDM_DEBUG=y # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" CONFIG_NLS_CODEPAGE_437=y # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set CONFIG_NLS_CODEPAGE_850=y # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set CONFIG_NLS_CODEPAGE_936=y CONFIG_NLS_CODEPAGE_950=y # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set CONFIG_NLS_ISO8859_1=y # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set CONFIG_NLS_ISO8859_6=y # CONFIG_NLS_ISO8859_7 is not set CONFIG_NLS_ISO8859_9=y # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set CONFIG_NLS_UTF8=y # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_USER is not set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y # CONFIG_CRYPTO_GF128MUL is not set CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_GHASH is not set CONFIG_CRYPTO_MD4=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_MICHAEL_MIC=y # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_TGR192=y CONFIG_CRYPTO_WP512=y # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_586=y CONFIG_CRYPTO_ANUBIS=y CONFIG_CRYPTO_ARC4=y CONFIG_CRYPTO_BLOWFISH=y CONFIG_CRYPTO_BLOWFISH_COMMON=y # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y CONFIG_CRYPTO_CAST6=y CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set CONFIG_CRYPTO_KHAZAD=y # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set CONFIG_CRYPTO_SERPENT=y CONFIG_CRYPTO_TEA=y CONFIG_CRYPTO_TWOFISH=y CONFIG_CRYPTO_TWOFISH_COMMON=y # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # CONFIG_CRYPTO_ANSI_CPRNG=y # CONFIG_CRYPTO_USER_API_HASH is not set # CONFIG_CRYPTO_USER_API_SKCIPHER is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_CRC_CCITT=y CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set CONFIG_CRC_ITU_T=y CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y # CONFIG_CRC8 is not set CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y CONFIG_XZ_DEC_IA64=y CONFIG_XZ_DEC_ARM=y CONFIG_XZ_DEC_ARMTHUMB=y CONFIG_XZ_DEC_SPARC=y CONFIG_XZ_DEC_BCJ=y # CONFIG_XZ_DEC_TEST is not set CONFIG_DECOMPRESS_GZIP=y CONFIG_DECOMPRESS_BZIP2=y CONFIG_DECOMPRESS_LZMA=y CONFIG_DECOMPRESS_XZ=y CONFIG_DECOMPRESS_LZO=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_NLATTR=y # CONFIG_AVERAGE is not set # CONFIG_CORDIC is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 CONFIG_ENABLE_WARN_DEPRECATED=y CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=2048 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_SHIRQ is not set # CONFIG_LOCKUP_DETECTOR is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set CONFIG_SCHED_DEBUG=y # CONFIG_SCHEDSTATS is not set # CONFIG_TIMER_STATS is not set # CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_SLAB is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_RT_MUTEX_TESTER is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_SPARSE_RCU_POINTER is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_DEBUG_STACK_USAGE is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_INFO=y # CONFIG_DEBUG_INFO_REDUCED is not set # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_WRITECOUNT is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_LIST is not set # CONFIG_TEST_LIST_SORT is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set # CONFIG_DEBUG_CREDENTIALS is not set CONFIG_FRAME_POINTER=y # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_BACKTRACE_SELF_TEST is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_SYSCTL_SYSCALL_CHECK is not set # CONFIG_DEBUG_PAGEALLOC is not set # CONFIG_ATOMIC64_SELFTEST is not set # CONFIG_SAMPLES is not set # CONFIG_TEST_KSTRTOX is not set # CONFIG_GPROF is not set # CONFIG_GCOV is not set CONFIG_EARLY_PRINTK=y marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.2.%-ghost.diff0000644000175000017500000026641113175722671022427 0ustar lucaslucasdiff -ruN linux-3.2.48--original/include/linux/netdevice.h linux-3.2.48/include/linux/netdevice.h --- linux-3.2.48--original/include/linux/netdevice.h 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/include/linux/netdevice.h 2013-07-01 11:59:07.000000000 +0200 @@ -14,6 +14,8 @@ * Alan Cox, * Bjorn Ekwall. * Pekka Riikonen + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -2735,4 +2737,12 @@ #endif /* __KERNEL__ */ +/* + * (ghost support) Just check whether the given name + * belongs to the ghost interface + */ +#ifdef CONFIG_GHOSTIFICATION +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + #endif /* _LINUX_NETDEVICE_H */ diff -ruN linux-3.2.48--original/include/linux/sockios.h linux-3.2.48/include/linux/sockios.h --- linux-3.2.48--original/include/linux/sockios.h 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/include/linux/sockios.h 2013-07-01 11:59:07.000000000 +0200 @@ -9,6 +9,8 @@ * * Authors: Ross Biro * Fred N. van Kempen, + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -85,6 +87,13 @@ #define SIOCOUTQNSD 0x894B /* output queue size (not sent only) */ +/* (ghost support) ghostification's ioctl */ +#ifdef CONFIG_GHOSTIFICATION +#define SIOKLOG 0x894D /* Write a string to the log */ +#define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ +#define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'ghost' */ +#endif /* CONFIG_GHOSTIFICATION */ + /* ARP cache control calls. */ /* 0x8950 - 0x8952 * obsolete calls, don't re-use */ #define SIOCDARP 0x8953 /* delete ARP table entry */ diff -ruN linux-3.2.48--original/include/net/ghostdebug.h linux-3.2.48/include/net/ghostdebug.h --- linux-3.2.48--original/include/net/ghostdebug.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-3.2.48/include/net/ghostdebug.h 2013-07-01 11:59:07.000000000 +0200 @@ -0,0 +1,93 @@ +/* + * Ghost support: + * Some trivials macros for display messages, trace ghost ops, + * debug and devel the ghostification kernel patch. + * + * Authors: Roudiere Jonathan, + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version + * 2 of the License, or (at your option) any later version. + */ + +#ifndef __GHOSTDEBUG__ +#define __GHOSTDEBUG__ + +#ifdef CONFIG_GHOSTIFICATION + +/* + * Ghost macros: there are three type of macros for three kind of + * information level : + * + * - the first one is ghost_ptk, that is a simple printk with the + * KERN_INFO log level, it is the standard type of display used + * by the ghostification kernel code to allow user to monitor + * ghost operations, if GHOSTIFICATION_PRINTK is not defined then + * user will not any information about the ghostified interfaces + * and the ghost engine (almost any infos ;-)), + * + * - ghost_debug and ghost_debugmsg are respectively used to show a + * calling card in a part of the code (function, files) and to show + * in plus informations additional (variable, etc ..), these two macros + * display messages with the level KERNEL_DEBUG, + * + * - ghost_devel and ghost_develmsg are very similar (redundant) + * in both previous ones, they are mainly used for the development + * of the patch to follow the stream of execution, activate + * GHOSTIFICATION_DEVEL has interest only for developers. + * +*/ + +/* + * Macro usable to debug during normal usage of the kernel. +*/ +#ifdef CONFIG_GHOSTIFICATION_DEBUG +#define ghost_debug \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): -- info debug -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_debugmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_debug): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_debug +#define ghost_debugmsg(msg,args...) +#endif + +/* + * A little bit redundant with the macro ghost_debug/debugmsg + * but allows a difference in the use, they are not used for the + * debugging, but to verify roads borrowed during the development. + * (note: certainly remove at next release of the patch) +*/ +#ifdef CONFIG_GHOSTIFICATION_DEVEL +#define ghost_devel \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): -- info devel -- \n", \ + __FILE__, __FUNCTION__, __LINE__) +#define ghost_develmsg(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost_devel): file(%s): funct(%s): line(%04d): " msg "\n", \ + __FILE__, __FUNCTION__, __LINE__, ##args) +#else +#define ghost_devel +#define ghost_develmsg(msg,args...) +#endif + +/* + * Macro to display all message from chunk of code which has + * ghostification in charge (use macro to add debug level later). +*/ +#ifdef CONFIG_GHOSTIFICATION_PRINTK +#define ghost_ptk(msg,args...) \ + printk(KERN_DEBUG \ + "(ghost) " msg "\n", ##args) +#else +#define ghost_ptk(msg,args...) +#endif + +#endif /* CONFIG_GHOSTIFICATION */ + +#endif /* __GHOSTDEBUG__ */ diff -ruN linux-3.2.48--original/kernel/softirq.c linux-3.2.48/kernel/softirq.c --- linux-3.2.48--original/kernel/softirq.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/kernel/softirq.c 2013-07-01 11:59:07.000000000 +0200 @@ -134,8 +134,11 @@ static void __local_bh_enable(unsigned int cnt) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq()); WARN_ON_ONCE(!irqs_disabled()); +#endif if (softirq_count() == cnt) trace_softirqs_on((unsigned long)__builtin_return_address(0)); @@ -156,7 +159,10 @@ static inline void _local_bh_enable_ip(unsigned long ip) { +/* (ghost support) we don't want disturbe user's console */ +#ifndef CONFIG_GHOSTIFICATION WARN_ON_ONCE(in_irq() || irqs_disabled()); +#endif #ifdef CONFIG_TRACE_IRQFLAGS local_irq_disable(); #endif Binary files linux-3.2.48--original/linux and linux-3.2.48/linux differ diff -ruN linux-3.2.48--original/net/core/dev.c linux-3.2.48/net/core/dev.c --- linux-3.2.48--original/net/core/dev.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/core/dev.c 2013-07-01 11:59:07.000000000 +0200 @@ -18,6 +18,7 @@ * Alexey Kuznetsov * Adam Sulmicki * Pekka Riikonen + * Luca Saiu (ghostification support) * * Changes: * D.J. Barrow : Fixed bug where dev->refcnt gets set @@ -70,6 +71,8 @@ * indefinitely on dev->refcnt * J Hadi Salim : - Backlog queue sampling * - netif_rx() feedback + * Roudiere Jonathan : make some buxfix in ghostification engine + * verify CAP_NET_ADMIN before (un)ghost iface */ #include @@ -147,6 +150,231 @@ #define GRO_MAX_HEAD (MAX_HEADER + 128) /* + * (ghost support) Chunk of code which has in charge + * the ghostification of network interfaces. + */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* The maximum number of ghost interfaces allowed at any given time: */ +#define MAX_GHOST_INTERFACES_NO CONFIG_GHOSTIFICATION_NUM + +/* + * A crude unsorted array of unique names, where "" stands for an + * empty slot. Elements are so few that an hash table would be overkill, + * and possibly also less efficient than this solution: + */ +static char ghost_interface_names[MAX_GHOST_INTERFACES_NO][IFNAMSIZ]; + +/* A lock protecting the ghost interfaces' support structure: */ +/* static DEFINE_SPINLOCK(ghostification_spin_lock); */ +/* static rwlock_t ghostification_spin_lock = RW_LOCK_UNLOCKED; */ +static DEFINE_RWLOCK(ghostification_spin_lock); + +/* Lock disabling local interrupts and saving flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + unsigned long flags; write_lock_irqsave(&ghostification_spin_lock, flags) + +/* Unlock re-enabling interrupts and restoring flags. This is for + readers/writers, which should be prevented from interfering with + other readers/writers and with readers: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING \ + write_unlock_irqrestore(&ghostification_spin_lock, flags) + +/* Lock disabling local interrupts and saving flags. This is for + readers, which are allowed to execute concurrently: */ +#define LOCK_GHOSTIFICATION_FOR_READING \ + unsigned long flags; read_lock_irqsave(&ghostification_spin_lock, flags) + +/* Lock re-enabling interrupts and restoring flags. This is for + readers, which are allowed to execute concurrently: */ +#define UNLOCK_GHOSTIFICATION_FOR_READING \ + read_unlock_irqrestore(&ghostification_spin_lock, flags) + +#ifdef CONFIG_IPV6 +/* Defined in net/ipv6/addrconf.c: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name); +#endif /* CONFIG_IPV6 */ + +/* Return the index of the given element (which may be "") within + ghost_interface_names, or -1 on failure. Note that this must be + executed in a critical section: */ +static int __lookup_ghost_interface_names(const char *interface_name) +{ + int i; + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(!strcmp(interface_name, ghost_interface_names[i])) + return i; /* we found the given name in the i-th element */ + return -1; /* we didn't find the given name in the array */ +} + +/* This is useful for debugging. It must be called in a critical section. */ +static void __dump_ghost_interfaces(void) +{ + int i; + int number_of_ghost_interfaces = 0; + + ghost_ptk("Ghost interfaces are now: "); + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + if(strcmp(ghost_interface_names[i], "")) { + number_of_ghost_interfaces++; + ghost_ptk("%i. %s", number_of_ghost_interfaces, + ghost_interface_names[i]); + } + + ghost_ptk("There are now %i ghost interfaces. " + "A maximum of %i can exist at any given time.", + number_of_ghost_interfaces, MAX_GHOST_INTERFACES_NO); +} + +/* Just check whether the given name belongs to a ghost interface. + This must be called in a critical section: */ +int __is_a_ghost_interface_name(const char *interface_name) +{ + /* Particular case: "" is *not* a ghost interface name, even + if it's in the ghost interfaces array (we use it just to mark + an empty slot): */ + if(interface_name[0] == '\0') + return 0; + /* Just check whether interface_name is an element of the array: */ + return __lookup_ghost_interface_names(interface_name) >= 0; +} + +/* Just check whether the given name belongs to a ghost interface: */ +int is_a_ghost_interface_name(const char *interface_name) +{ + int result; + LOCK_GHOSTIFICATION_FOR_READING; + /* Just check whether interface_name is an element of the array: */ + result = __is_a_ghost_interface_name(interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING; + return result; +} + +/* Make the given interface ghost. Return 0 on success, nonzero on + failure. Failure occours when the interface is already ghost or + does not exist: */ +static int ghostify_interface(char *interface_name) +{ + int a_free_element_index; + const size_t name_length = strlen(interface_name); + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Let's avoid buffer overflows... This could possibly be exploited: */ + if((name_length >= IFNAMSIZ) || (name_length == 0)) + { + ghost_ptk("The user asked to ghostify the interface %s, " + "which has a name of length %i. Failing.", + interface_name, name_length); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EINVAL; + } + + /* Fail if the interface is already ghostified. In particular we + want *no* duplicates in the array. Note that we're already in + a critical section here, so there's no need for locking: */ + if(__is_a_ghost_interface_name(interface_name)) + { + ghost_ptk("Could not ghostify the interface %s, " + "because it\'s already ghost.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -EEXIST; /* File exists, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Fail if the interface is not found. We don't want add a + no-existing interface in our array */ + struct net_device *device; + device = dev_get_by_name(&init_net, interface_name); + if (device == NULL) { + ghost_ptk("Could not ghostify the interface %s which " + "doesn't exist. Try again.", interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for a free spot: */ + a_free_element_index = __lookup_ghost_interface_names(""); + if(a_free_element_index < 0) + { + ghost_ptk("Could not ghostify the interface %s, " + "because %i interfaces are already ghostified. Sorry.", + interface_name, MAX_GHOST_INTERFACES_NO); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENOMEM; + } + + /* Ok, we found a free spot; just copy the interface name: */ + strcpy(ghost_interface_names[a_free_element_index], interface_name); + +#ifdef CONFIG_IPV6 + /* Hide /proc/net/dev_snmp6/DEVICE for the new ghost DEVICE: */ + hide_proc_net_dev_snmp6_DEVICE_if_needed( + ghost_interface_names[a_free_element_index]); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} + +/* Make the given interface, which should be ghost, non-ghost. + Return 0 on success, nonzero on failure. Failure occours when + the given interface is non-ghost or does not exist: */ +static int unghostify_interface(char *ghost_interface_name) +{ + int the_interface_index; + struct net_device *device; + LOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + + /* Fail if the interface is not found. It is not necessary + to search in the array a no-existing interface and allow + to return a more appropriate error code to the userspace. */ + device = dev_get_by_name(&init_net, ghost_interface_name); + if (device == NULL) { + ghost_ptk("Could not unghostify the interface %s " + "which doesn't exist. Try again.\n", ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ENODEV; + } + + /* Look for the given interface: */ + the_interface_index = + __lookup_ghost_interface_names(ghost_interface_name); + if(the_interface_index < 0) + { + ghost_ptk("Could not unghostify the interface %s, \ + because it's non-ghost or not existing.\n", + ghost_interface_name); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return -ESRCH; /* No such device or address, seems to be more appropriate */ + /* return -EINVAL; */ + } + + /* Ok, we found the interface: just "remove" its name from the array: */ + ghost_interface_names[the_interface_index][0] = '\0'; + +#ifdef CONFIG_IPV6 + /* Show again /proc/net/dev_snmp6/DEVICE for the now non-ghost DEVICE: */ + show_proc_net_dev_snmp6_DEVICE_if_needed(ghost_interface_name); +#endif /* CONFIG_IPV6 */ + + __dump_ghost_interfaces(); + UNLOCK_GHOSTIFICATION_FOR_READING_AND_WRITING; + return 0; +} +EXPORT_SYMBOL(is_a_ghost_interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * (ghost support) End of ghostification support + */ + + +/* * The list of packet types we will receive (as opposed to discard) * and the routines to invoke. * @@ -576,6 +804,13 @@ { int ints[5]; struct ifmap map; + /* (ghost support) There are no ghost interfaces by default */ +#ifdef CONFIG_GHOSTIFICATION + int i; + + for(i = 0; i < MAX_GHOST_INTERFACES_NO; i++) + ghost_interface_names[i][0] = '\0'; +#endif /* CONFIG_GHOSTIFICATION */ str = get_options(str, ARRAY_SIZE(ints), ints); if (!str || !*str) @@ -4076,11 +4311,20 @@ len = ifc.ifc_len; /* - * Loop over the interfaces, and write an info block for each. + * Loop over the interfaces, and write an info block for each, + * (ghost support) unless they are ghostified. */ total = 0; for_each_netdev(net, dev) { +#ifdef CONFIG_GHOSTIFICATION + /* Don't tell the user about ghost interfaces: just skip them */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Skipping the ghost interface %s in SIOCGIFCONF", + dev->name); + continue; + } +#endif /* CONFIG_GHOSTIFICATION */ for (i = 0; i < NPROTO; i++) { if (gifconf_list[i]) { int done; @@ -4183,6 +4427,10 @@ struct rtnl_link_stats64 temp; const struct rtnl_link_stats64 *stats = dev_get_stats(dev, &temp); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't show anything in /proc if iface is ghostified */ + if(! is_a_ghost_interface_name(dev->name)) +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(seq, "%6s: %7llu %7llu %4llu %4llu %4llu %5llu %10llu %9llu " "%8llu %7llu %4llu %4llu %4llu %5llu %7llu %10llu\n", dev->name, stats->rx_bytes, stats->rx_packets, @@ -4891,6 +5139,16 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() " + "on the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCGIFFLAGS: /* Get interface flags */ ifr->ifr_flags = (short) dev_get_flags(dev); @@ -4961,6 +5219,17 @@ ops = dev->netdev_ops; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) skip if it is a ghostified interface */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("The user is performing a SIOCxIFxxx ioctl() on " + "the ghost interface %s, Failing.", dev->name); + ghost_debugmsg("we make the SIOCxIFxxx ioctl's call fail " + "with -ENODEV"); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + switch (cmd) { case SIOCSIFFLAGS: /* Set interface flags */ return dev_change_flags(dev, ifr->ifr_flags); @@ -5107,6 +5376,56 @@ */ switch (cmd) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) catch ghostification's ioctl */ + case SIOKLOG: { + char text[1000]; + if(copy_from_user(text, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + text[IFNAMSIZ] = '\0'; + printk(KERN_DEBUG "%s\n", text); + return 0; + } + /* (un)ghostification ops require superuser power */ + case SIOCGIFGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, + (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to ghostify the interface %s.", + interface_name); + if((failure = ghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was ghostified.", + interface_name); + else + ghost_ptk("Failure in ghostification of %s.", + interface_name); + return failure; + } + case SIOCGIFUNGHOSTIFY: { + if (!capable(CAP_NET_ADMIN)) + return -EPERM; + char interface_name[1000]; + int failure; + if(copy_from_user(interface_name, (char __user *)arg, IFNAMSIZ + 1)) + return -EFAULT; + interface_name[IFNAMSIZ] = '\0'; + ghost_ptk("The user asked to unghostify the interface %s.", + interface_name); + if((failure = unghostify_interface(interface_name)) == 0) + ghost_ptk("Ok, %s was unghostified.", + interface_name); + else + ghost_ptk("Failure in unghostification of %s.", + interface_name); + return failure; + } + /* end of ghostficiation ioctl */ +#endif /* CONFIG_GHOSTIFICATION */ /* * These ioctl calls: * - can be done by all. diff -ruN linux-3.2.48--original/net/core/rtnetlink.c linux-3.2.48/net/core/rtnetlink.c --- linux-3.2.48--original/net/core/rtnetlink.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/core/rtnetlink.c 2013-07-01 15:55:19.000000000 +0200 @@ -12,8 +12,12 @@ * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * - * Fixes: + * Fixes: * Vitaly E. Lavrov RTA_OK arithmetics was wrong. + * + * Changes: + * Roudiere Jonathan Some changes + * to ghost support, to allow to hide ghost net interfaces */ #include @@ -53,6 +57,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + struct rtnl_link { rtnl_doit_func doit; rtnl_dumpit_func dumpit; @@ -118,7 +127,10 @@ static rtnl_doit_func rtnl_get_doit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif if (protocol <= RTNL_FAMILY_MAX) tab = rtnl_msg_handlers[protocol]; else @@ -133,7 +145,10 @@ static rtnl_dumpit_func rtnl_get_dumpit(int protocol, int msgindex) { struct rtnl_link *tab; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("protocol = %i and msgindex %i ",protocol, msgindex); +#endif if (protocol <= RTNL_FAMILY_MAX) tab = rtnl_msg_handlers[protocol]; else @@ -577,6 +592,12 @@ { struct sock *rtnl = net->rtnl; int report = 0; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add inforation to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type %i " + "and nlh->nlmsg_seq = %i", pid, nlh->nlmsg_pid, + nlh->nlmsg_type, nlh->nlmsg_seq); +#endif if (nlh) report = nlmsg_report(nlh); @@ -887,6 +908,20 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) add information to devel patch */ + ghost_develmsg("pid = %i, nlh->nlmsg_pid = %i, nlh->nlmsg_type " + "= %i, seq = %i and nlh->nlmsg_seq = %i", + pid, nlh->nlmsg_pid, nlh->nlmsg_type, + seq, nlh->nlmsg_seq); + ghost_develmsg("dev->name = %s and dev->ifindex = %i", + dev->name, + dev->ifindex); + /* function whose call rtnl_fill_ifinfo has been modified, except + rtmsg_ifinfo so if it will be necessary to skip ghost iface here then + keep in your mind to test pid because if it is eq. to 0 then it is a + kernel request (else user request) and we don't want disturbe its work. */ +#endif ifm = nlmsg_data(nlh); ifm->ifi_family = AF_UNSPEC; ifm->__ifi_pad = 0; @@ -1075,6 +1110,24 @@ idx = 0; head = &net->dev_index_head[h]; hlist_for_each_entry_rcu(dev, node, head, index_hlist) { +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function which encapsulates calls to + * rtnl_fill_ifinfo and which is call after rtnl_get_doit/dumpit, + * use to dump list of network interfaces (as used by "ip link") + */ + ghost_develmsg("for_each_netdev, current net_device is %s", + dev->name); + ghost_develmsg("netlink cb pid = %i, cb nlh->nlmsg_type = %i, " + "cb familly/proto = %i, cb nlh->nlmsg_pid %i", + NETLINK_CB(cb->skb).pid, cb->nlh->nlmsg_type, + cb->family, cb->nlh->nlmsg_pid); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Hide ghotified interface (%s) in the dump", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK, @@ -1203,6 +1256,20 @@ } } } +#ifdef CONFIG_GHOSTIFICATION + if(dev != NULL){ + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change state/parameters of a ghotified " + "interface (%s), skip", dev->name); + return -ENODEV; + } + } + +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -1564,6 +1631,17 @@ err = -ENODEV; goto errout; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it with + user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ err = validate_linkmsg(dev, tb); if (err < 0) @@ -1602,6 +1680,17 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Normally we should never go through it + with user-space tools (like iproute) which scan all iface first */ + ghost_develmsg("nlh->nlmsg_type = %i, nlmsg_seq = %i, nlmsg_pid = %i and dev->name = %s", + nlh->nlmsg_type, nlh->nlmsg_seq, nlh->nlmsg_pid, dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change dell a ghotified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ ops = dev->rtnl_link_ops; if (!ops) @@ -1959,6 +2048,8 @@ int err = -ENOBUFS; size_t if_info_size; + /* (ghost support) call rtnl_fill_ifinfo so maybe it + is need here to modify, in order to skip ghost iface */ skb = nlmsg_new((if_info_size = if_nlmsg_size(dev, 0)), GFP_KERNEL); if (skb == NULL) goto errout; @@ -1994,6 +2085,11 @@ int err; type = nlh->nlmsg_type; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Enter, nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i and nlh->nlmsg_seq = %i ", + nlh->nlmsg_pid, nlh->nlmsg_seq, nlh->nlmsg_seq); +#endif /* CONFIG_GHOSTIFICATION */ + if (type > RTM_MAX) return -EOPNOTSUPP; @@ -2010,15 +2106,23 @@ if (kind != 2 && security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; + /* (ghost support) kind = 2 then imply RTM_GETLINK has been used */ if (kind == 2 && nlh->nlmsg_flags&NLM_F_DUMP) { struct sock *rtnl; rtnl_dumpit_func dumpit; rtnl_calcit_func calcit; u16 min_dump_alloc = 0; + /* (ghost support) then rtnl_get_dumpit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ dumpit = rtnl_get_dumpit(family, type); if (dumpit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("Part 1: rtnl_get_dumpit(family %i, type %i) " + "is used before call to netlink_dump_start", + family,type); +#endif /* CONFIG_GHOSTIFICATION */ calcit = rtnl_get_calcit(family, type); if (calcit) min_dump_alloc = calcit(skb, nlh); @@ -2055,6 +2159,11 @@ doit = rtnl_get_doit(family, type); if (doit == NULL) return -EOPNOTSUPP; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) rtnl_get_doit return pointer to the appropriate + function for this family and this type take in rtnl_msg_handler[] */ + ghost_develmsg("Part 2: rtnl_get_doit(family %i, type %i)", family, type); +#endif /* CONFIG_GHOSTIFICATION */ return doit(skb, nlh, (void *)&rta_buf[0]); } @@ -2070,6 +2179,10 @@ { struct net_device *dev = ptr; + /* (ghost support) if we want provide a ghost's way to modify + the state of a ghost iface, it will be necessary to skip event + reports involing ghost iface (actually any changes are possible + if the iface is ghostified so there is nothing to report) */ switch (event) { case NETDEV_UP: case NETDEV_DOWN: diff -ruN linux-3.2.48--original/net/ipv4/arp.c linux-3.2.48/net/ipv4/arp.c --- linux-3.2.48--original/net/ipv4/arp.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/arp.c 2013-07-01 11:59:07.000000000 +0200 @@ -71,6 +71,8 @@ * sending (e.g. insert 8021q tag). * Harald Welte : convert to make use of jenkins hash * Jesper D. Brouer: Proxy ARP PVLAN RFC 3069 support. + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -118,6 +120,11 @@ EXPORT_SYMBOL(clip_tbl_hook); #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -1352,9 +1359,21 @@ } #endif sprintf(tbuf, "%pI4", n->primary_key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves +ghost interfaces: */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + read_unlock(&n->lock); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); + tbuf, hatype, arp_state_to_flags(n), hbuffer, dev->name); read_unlock(&n->lock); +#endif /* CONFIG_GHOSTIFICATION */ } static void arp_format_pneigh_entry(struct seq_file *seq, @@ -1365,9 +1384,21 @@ char tbuf[16]; sprintf(tbuf, "%pI4", n->key); +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) Don't show anything in /proc if it involves + ghost interfaces */ + if (! is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Don't show any arp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); + } +#else seq_printf(seq, "%-16s 0x%-10x0x%-10x%s * %s\n", - tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", - dev ? dev->name : "*"); + tbuf, hatype, ATF_PUBL | ATF_PERM, "00:00:00:00:00:00", + dev ? dev->name : "*"); +#endif /* CONFIG_GHOSTIFICATION */ } static int arp_seq_show(struct seq_file *seq, void *v) diff -ruN linux-3.2.48--original/net/ipv4/devinet.c linux-3.2.48/net/ipv4/devinet.c --- linux-3.2.48--original/net/ipv4/devinet.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/devinet.c 2013-07-01 11:59:07.000000000 +0200 @@ -23,6 +23,9 @@ * address (4.4BSD alias style support), * fall back to comparing just the label * if no match found. + * Roudiere Jonathan : + * some changes to ghost support, skip + * request involving a ghostified iface. */ @@ -66,6 +69,11 @@ #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + static struct ipv4_devconf ipv4_devconf = { .data = { [IPV4_DEVCONF_ACCEPT_REDIRECTS - 1] = 1, @@ -455,6 +463,15 @@ ifa->ifa_flags |= IFA_F_SECONDARY; } } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("in_dev->dev->name = %s", in_dev->dev->name); + if (is_a_ghost_interface_name(in_dev->dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + (in_dev->dev->name)); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (!(ifa->ifa_flags & IFA_F_SECONDARY)) { net_srandom(ifa->ifa_local); @@ -600,6 +617,17 @@ if (dev == NULL) goto errout; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("(dev->name) = %s ", (dev->name)); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to change/modfy address on a ghostified interface (%s), skip", + (dev->name)); + err = -ENODEV; + goto errout; + } +#endif /* CONFIG_GHOSTIFICATION */ + in_dev = __in_dev_get_rtnl(dev); err = -ENOBUFS; if (in_dev == NULL) @@ -650,6 +678,12 @@ ASSERT_RTNL(); + /* (ghost support) don't modify this funct but directly + rtm_to_ifaddr, as for others funct, with user-levels tools + (as iproute) we normaly never arrive here (because a dump + all ifaces is perform before and func which make the dump + has been modified (but we want prevent user tool request + the ghost iface directly */ ifa = rtm_to_ifaddr(net, nlh); if (IS_ERR(ifa)) return PTR_ERR(ifa); @@ -1306,6 +1340,15 @@ head = &net->dev_index_head[h]; rcu_read_lock(); hlist_for_each_entry_rcu(dev, node, head, index_hlist) { +#ifdef CONFIG_GHOSTIFICATION /* _VERIFICATION_NEED_ */ + /* (ghost support) If it is a ghostified interface then skip */ + ghost_debugmsg("dev->name = %s", dev->name); + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address on a ghostified interface (%s), skip", + (dev->name)); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; if (h > s_h || idx > s_idx) diff -ruN linux-3.2.48--original/net/ipv4/fib_frontend.c linux-3.2.48/net/ipv4/fib_frontend.c --- linux-3.2.48--original/net/ipv4/fib_frontend.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/fib_frontend.c 2013-07-01 11:59:07.000000000 +0200 @@ -6,6 +6,10 @@ * IPv4 Forwarding Information Base: FIB frontend. * * Authors: Alexey Kuznetsov, + * Luca Saiu (simple changes for ghostification + * support). + * Roudiere Jonathan (some display + * and comment for ghostification in rtnetlink functions). * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -46,6 +50,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #ifndef CONFIG_IP_MULTIPLE_TABLES static int __net_init fib4_rules_init(struct net *net) @@ -424,6 +433,12 @@ return 0; } +#ifdef CONFIG_GHOSTIFICATION +/* (ghost support) A function implemented in net/core/dev.c */ +int is_a_ghost_interface_name(const char *interface_name); +#endif /* CONFIG_GHOSTIFICATION */ + + /* * Handle IP routing ioctl calls. * These are used to manipulate the routing tables @@ -442,6 +457,22 @@ if (copy_from_user(&rt, arg, sizeof(rt))) return -EFAULT; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Forbid any action involving a ghost interface */ + if (rt.rt_dev != (char __user*)NULL) { + /* We need to have this name in kernel space to check + for ghostification: */ + char interface_name[1000]; /* [IFNAMSIZ+1] is certainly sufficient */ + if(copy_from_user(interface_name, rt.rt_dev, IFNAMSIZ + 1)) + return -EFAULT; + if(is_a_ghost_interface_name(interface_name)) { + ghost_ptk("The user aked to add a route involving the " + "ghost interface %s. We make this operation fail", + interface_name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ rtnl_lock(); err = rtentry_to_fib_config(net, cmd, &rt, &cfg); @@ -450,12 +481,18 @@ if (cmd == SIOCDELRT) { tb = fib_get_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_delete was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_delete() or fn_trie_delete() */ if (tb) err = fib_table_delete(tb, &cfg); else err = -ESRCH; } else { tb = fib_new_table(net, cfg.fc_table); + /* (ghost support) The function pointed by tb->tb_insert was + also modified to deal with ghost interfaces. Such function + may be either fn_hash_insert() or fn_trie_insert() */ if (tb) err = fib_table_insert(tb, &cfg); else @@ -562,6 +599,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead functions pointed by tb->tb_delete, + * either fn_hash_delete() (in fib_hash.c) or fn_trie_delete() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -584,6 +631,16 @@ struct fib_table *tb; int err; + /* + * (ghost support) add infos for patch devel, we don't modify + * inet_rtm_newroute but instead function pointed by tb->tb_insert, + * either fn_hash_insert() (in fib_hash.c) or fn_trie_insert() + * (in fib_trie.c) + */ + ghost_develmsg(" nlh->nlmsg_pid = %i, nlh->nlmsg_seq = %i " + "and nlh->nlmsg_type = %i", nlh->nlmsg_pid, + nlh->nlmsg_seq, nlh->nlmsg_type); + err = rtm_to_fib_config(net, skb, nlh, &cfg); if (err < 0) goto errout; @@ -599,6 +656,12 @@ return err; } +/* + * (ghost support) Fonction called through rtnetlink to dump + * all routes, we don't change anythings here, changes have + * been made in fib_semantics.c (in fib_dump_info which is + * called by fib_trie and fib_hash). + */ static int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -611,7 +674,7 @@ if (nlmsg_len(cb->nlh) >= sizeof(struct rtmsg) && ((struct rtmsg *) nlmsg_data(cb->nlh))->rtm_flags & RTM_F_CLONED) - return ip_rt_dump(skb, cb); + return ip_rt_dump(skb, cb); /* (ghost support) need modify this func */ s_h = cb->args[0]; s_e = cb->args[1]; @@ -636,6 +699,9 @@ cb->args[1] = e; cb->args[0] = h; + /* (ghost support) Length returned can be changed by + fib_dump_info when a route of a ghositifed iface is + lookup (skb length may be abnormal, diff of mod(240)) */ return skb->len; } diff -ruN linux-3.2.48--original/net/ipv4/fib_semantics.c linux-3.2.48/net/ipv4/fib_semantics.c --- linux-3.2.48--original/net/ipv4/fib_semantics.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/fib_semantics.c 2013-07-01 11:59:07.000000000 +0200 @@ -11,6 +11,9 @@ * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. + * Changes: + * Roudiere Jonathan trivial + * change for ghostification. */ #include @@ -44,6 +47,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "fib_lookup.h" static DEFINE_SPINLOCK(fib_info_lock); @@ -923,6 +931,23 @@ if (nlh == NULL) return -EMSGSIZE; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) function call by fib_trie and fib_hash to dump route, + * in most case we won't arrive here with usertools (like iproute), because + * modification in rtnl_dump_ifinfo hide iface and modif here may be not really + * proper because put abnormal length in the skb->len return by inet_dump_fib + * (used without error..) if pid != 0 then user talks else that is the kernel; + */ + if (pid != 0) + if (is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Try to get route about ghost iface (%s), skip", + fi->fib_dev->name); + /* return -EMSGSIZE; don't use this because that stops evaluation */ + return nlmsg_end(skb, nlh); + } +#endif /* CONFIG_GHOSTIFICATION */ + rtm = nlmsg_data(nlh); rtm->rtm_family = AF_INET; rtm->rtm_dst_len = dst_len; diff -ruN linux-3.2.48--original/net/ipv4/fib_trie.c linux-3.2.48/net/ipv4/fib_trie.c --- linux-3.2.48--original/net/ipv4/fib_trie.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/fib_trie.c 2013-07-01 11:59:07.000000000 +0200 @@ -47,6 +47,14 @@ * Paul E. McKenney * Patrick McHardy */ +/* + * Luca Saiu (simple changes for ghostification + * support) + * Roudiere Jonathan (bugfixes, + * forgetting ghost support in the function fn_trie_insert, bad + * field check in fib_route_seq_show). + * + */ #define VERSION "0.409" @@ -83,6 +91,11 @@ #include #include "fib_lookup.h" +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define MAX_STAT_DEPTH 32 #define KEYLENGTH (8*sizeof(t_key)) @@ -1216,6 +1229,18 @@ goto err; } +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + l = fib_find_node(t, key); fa = NULL; @@ -1670,7 +1695,17 @@ fa = list_entry(fa->fa_list.prev, struct fib_alias, fa_list); list_for_each_entry_continue(fa, fa_head, fa_list) { struct fib_info *fi = fa->fa_info; - +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) don't make any change for + route involving ghostified interface */ + ghost_debugmsg("interface is %s", fi->fib_dev->name); + if(is_a_ghost_interface_name(fi->fib_dev->name)) { + ghost_ptk("Trying to delete a route involving the " + "ghost device %s: we make this operation fail.", + fi->fib_dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ if (fa->fa_tos != tos) break; @@ -2557,7 +2592,28 @@ || fa->fa_type == RTN_MULTICAST) continue; - if (fi) + if (fi) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't display any informations about + ghostified interfaces under /proc/net/route, bf */ + if (! is_a_ghost_interface_name((const char*)fi->fib_dev->name)) { + ghost_ptk("Don't display routes for a ghostified " + "interface (%s) in /proc/net/route", + (const char*)fi->fib_dev->name); + seq_printf(seq, + "%s\t%08X\t%08X\t%04X\t%d\t%u\t" + "%d\t%08X\t%d\t%u\t%u%n", + fi->fib_dev ? fi->fib_dev->name : "*", + prefix, + fi->fib_nh->nh_gw, flags, 0, 0, + fi->fib_priority, + mask, + (fi->fib_advmss ? + fi->fib_advmss + 40 : 0), + fi->fib_window, + fi->fib_rtt >> 3, &len); + } +#else seq_printf(seq, "%s\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", @@ -2570,13 +2626,14 @@ fi->fib_advmss + 40 : 0), fi->fib_window, fi->fib_rtt >> 3, &len); - else +#endif /* CONFIG_GHOSTIFICATION */ + } else { seq_printf(seq, "*\t%08X\t%08X\t%04X\t%d\t%u\t" "%d\t%08X\t%d\t%u\t%u%n", prefix, 0, flags, 0, 0, 0, mask, 0, 0, 0, &len); - + } seq_printf(seq, "%*s\n", 127 - len, ""); } } diff -ruN linux-3.2.48--original/net/ipv4/igmp.c linux-3.2.48/net/ipv4/igmp.c --- linux-3.2.48--original/net/ipv4/igmp.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/igmp.c 2013-07-01 11:59:07.000000000 +0200 @@ -68,6 +68,8 @@ * Alexey Kuznetsov: Accordance to igmp-v2-06 draft. * David L Stevens: IGMPv3 support, with help from * Vinay Kulkarni + * Luca Saiu : trivial changes for ghostification + * support */ #include @@ -106,6 +108,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define IP_MAX_MEMBERSHIPS 20 #define IP_MAX_MSF 10 @@ -2440,8 +2447,18 @@ #endif if (rcu_dereference(state->in_dev->mc_list) == im) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, "%d\t%-10s: %5d %7s\n", + state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); + } +#else seq_printf(seq, "%d\t%-10s: %5d %7s\n", state->dev->ifindex, state->dev->name, state->in_dev->mc_count, querier); +#endif /* CONFIG_GHOSTIFICATION */ } seq_printf(seq, @@ -2593,14 +2610,30 @@ "Device", "MCA", "SRC", "INC", "EXC"); } else { - seq_printf(seq, - "%3d %6.6s 0x%08x " - "0x%08x %6lu %6lu\n", - state->dev->ifindex, state->dev->name, - ntohl(state->im->multiaddr), - ntohl(psf->sf_inaddr), - psf->sf_count[MCAST_INCLUDE], - psf->sf_count[MCAST_EXCLUDE]); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp information in /proc " + "about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else + seq_printf(seq, + "%3d %6.6s 0x%08x " + "0x%08x %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + ntohl(state->im->multiaddr), + ntohl(psf->sf_inaddr), + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -ruN linux-3.2.48--original/net/ipv4/route.c linux-3.2.48/net/ipv4/route.c --- linux-3.2.48--original/net/ipv4/route.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv4/route.c 2013-07-01 11:59:07.000000000 +0200 @@ -55,6 +55,9 @@ * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect * Ilia Sotnikov : Removed TOS from hash calculations + * Luca Saiu : trivial changes for ghostification support + * Roudiere Jonathan : ghost support to rtnetlink + * function, ghost bugfix (field) in rt_cache_seq_show * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -112,6 +115,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #define RT_FL_TOS(oldflp4) \ ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK)) @@ -420,6 +428,14 @@ "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" "HHUptod\tSpecDst"); else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Dont't display informations about ghost ifaces, bf */ + if(is_a_ghost_interface_name((const char*)((struct rtable*)v)->dst.dev->name)) { + ghost_ptk("Don't display routing informations about ghost interface (%s)", + ((const char*)((struct rtable*)v)->dst.dev->name)); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ struct rtable *r = v; struct neighbour *n; int len, HHUptod; @@ -2999,8 +3015,13 @@ r->rtm_src_len = 32; NLA_PUT_BE32(skb, RTA_SRC, rt->rt_key_src); } - if (rt->dst.dev) + if (rt->dst.dev) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) */ + ghost_develmsg("Net device is = %s ",rt->dst.dev->name); +#endif NLA_PUT_U32(skb, RTA_OIF, rt->dst.dev->ifindex); + } #ifdef CONFIG_IP_ROUTE_CLASSID if (rt->dst.tclassid) NLA_PUT_U32(skb, RTA_FLOW, rt->dst.tclassid); @@ -3096,7 +3117,7 @@ err = -ENOBUFS; goto errout; } - + /* Reserve room for dummy headers, this skb can pass through good chunk of routing engine. */ @@ -3119,6 +3140,17 @@ if (dev == NULL) { err = -ENODEV; goto errout_free; + +#ifdef CONFIG_GHOSTIFICATION + ghost_debugmsg("Net device is %s ", dev->name); + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", dev->name); + err = -ENODEV; + goto errout_free; + } +#endif /* CONFIG_GHOSTIFICATION */ } skb->protocol = htons(ETH_P_IP); @@ -3153,6 +3185,22 @@ if (rtm->rtm_flags & RTM_F_NOTIFY) rt->rt_flags |= RTCF_NOTIFY; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't allow get ops for route + involving a ghostified interface, unnecessary test ..(rt) */ + if (rt) { + if (rt->dst.dev) { + ghost_debugmsg("Net device is %s ",rt->dst.dev->name); + if (is_a_ghost_interface_name(rt->dst.dev->name)) { + ghost_ptk("Try to get a route involving a ghostified " + "interface (%s), skip", + rt->dst.dev->name); + err = -ENETUNREACH; + goto errout_free; + } + } + } +#endif /* CONFIG_GHOSTIFICATION */ err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, RTM_NEWROUTE, 0, 0); if (err <= 0) @@ -3167,6 +3215,8 @@ goto errout; } +/* (ghost support) maybe it will be necessary to modify +this func which is call in fib_frontend.c */ int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) { struct rtable *rt; diff -ruN linux-3.2.48--original/net/ipv6/addrconf.c linux-3.2.48/net/ipv6/addrconf.c --- linux-3.2.48--original/net/ipv6/addrconf.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/addrconf.c 2013-07-01 11:59:07.000000000 +0200 @@ -36,6 +36,9 @@ * YOSHIFUJI Hideaki @USAGI : improved source address * selection; consider scope, * status etc. + * Luca Saiu : ghostification support + * Roudiere Jonathan : ghost + * modify functions using (rt)netlink */ #include @@ -82,6 +85,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include #include @@ -459,6 +467,86 @@ return idev; } +/* + * (ghost support) Support to hide snmp6 proc infos. + */ +#ifdef CONFIG_GHOSTIFICATION +/* Utility procedure, needed for {show,hide}_proc_net_dev_snmp6_DEVICE_if_needed(). + Return a pointer to a valid inet6_dev structure on success, NULL on failure: */ +static struct inet6_dev* lookup_snmp6_device(const char *interface_name) +{ + struct net_device *device; + struct inet6_dev *idev; + + /* Lookup the device by name, obtaining an inet6_dev structure: */ + device = dev_get_by_name(&init_net, interface_name); + if(device == NULL) + return NULL; + rtnl_lock(); + idev = ipv6_find_idev(device); + rtnl_unlock(); + return idev; +} + +/* These are defined in net/ipv6/proc.c: */ +extern struct proc_dir_entry *proc_net_devsnmp6; +extern struct file_operations snmp6_seq_fops; + +/* Remove the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already hidden. Return 0 on success, nonzero on error: */ +int hide_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + ghost_ptk("Hiding /proc/net/dev_snmp6/%s...", interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + + /* Remove the proc/ entry, if any. If there was no entry + then remove_proc_entry() will fail, but it's ok for us: */ +#ifdef CONFIG_PROC_FS + if (!proc_net_devsnmp6) + return -ENOENT; + if (idev->stats.proc_dir_entry == NULL) + return -EINVAL; + remove_proc_entry(interface_name, proc_net_devsnmp6); +#endif /* CONFIG_PROC_FS */ + return 0; + //return snmp6_unregister_dev(idev); +} + +/* Create the virtual file /proc/net/dev_snmp6/DEVICE, unless + it's already shown. Return 0 on success, nonzero on error: */ +int show_proc_net_dev_snmp6_DEVICE_if_needed(const char *interface_name) +{ + struct inet6_dev *idev = lookup_snmp6_device(interface_name); + struct proc_dir_entry *proc_directory_entry; + ghost_ptk("Showing /proc/net/dev_snmp6/%s...", + interface_name); + if(idev == NULL) /* lookup failed */ + return -EINVAL; + if(idev->dev == NULL) /* I doubt this may happen... */ + return -EINVAL; +#ifdef CONFIG_PROC_FS + if(!proc_net_devsnmp6) /* there isn't any /proc/net/dev_snmp6 */ + return -ENOENT; + if((proc_directory_entry = create_proc_entry(interface_name, + S_IRUGO, proc_net_devsnmp6)) == NULL) + return -ENOMEM; + proc_directory_entry->data = idev; + proc_directory_entry->proc_fops = &snmp6_seq_fops; + idev->stats.proc_dir_entry = proc_directory_entry; +#endif /* CONFIG_PROC_FS */ + return 0; + /* return snmp6_register_dev(idev); */ +} +EXPORT_SYMBOL(show_proc_net_dev_snmp6_DEVICE_if_needed); +EXPORT_SYMBOL(hide_proc_net_dev_snmp6_DEVICE_if_needed); +#endif /* CONFIG_GHOSTIFICATION */ + +/* + * End of ghostification support + */ + #ifdef CONFIG_SYSCTL static void dev_forward_change(struct inet6_dev *idev) { @@ -2254,6 +2342,10 @@ return PTR_ERR(ifp); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_addr_del(struct net *net, int ifindex, const struct in6_addr *pfx, unsigned int plen) { @@ -2268,6 +2360,15 @@ if (!dev) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to delete address on a ghostified interface (%s), skip", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + if ((idev = __in6_dev_get(dev)) == NULL) return -ENXIO; @@ -3184,6 +3285,22 @@ static int if6_seq_show(struct seq_file *seq, void *v) { struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if (is_a_ghost_interface_name(ifp->idev->dev->name)) { + ghost_ptk("Don't show informations about a ghostified " + "interface (%s) under /proc.", + ifp->idev->dev->name); + } else { + seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", + &ifp->addr, + ifp->idev->dev->ifindex, + ifp->prefix_len, + ifp->scope, + ifp->flags, + ifp->idev->dev->name); + } +#else seq_printf(seq, "%pi6 %02x %02x %02x %02x %8s\n", &ifp->addr, ifp->idev->dev->ifindex, @@ -3191,6 +3308,8 @@ ifp->scope, ifp->flags, ifp->idev->dev->name); +#endif /* CONFIG_GHOSTIFICATION */ + return 0; } @@ -3409,6 +3528,10 @@ [IFA_CACHEINFO] = { .len = sizeof(struct ifa_cacheinfo) }, }; +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_deladdr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3426,7 +3549,9 @@ pfx = extract_addr(tb[IFA_ADDRESS], tb[IFA_LOCAL]); if (pfx == NULL) return -EINVAL; - + /* (ghost support) we could/should stop here a request involving a + ghostified interface but inet6_addr_del already do a part of our work + (get dev etc ..) so instead we modify inet6_addr_del */ return inet6_addr_del(net, ifm->ifa_index, pfx, ifm->ifa_prefixlen); } @@ -3475,6 +3600,10 @@ return 0; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_newaddr(struct sk_buff *skb, struct nlmsghdr *nlh, void *arg) { @@ -3512,6 +3641,15 @@ if (dev == NULL) return -ENODEV; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add a address to a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#endif /* CONFIG_GHOSTIFICATION */ + /* We ignore other flags so far. */ ifa_flags = ifm->ifa_flags & (IFA_F_NODAD | IFA_F_HOMEADDRESS); @@ -3748,6 +3886,12 @@ return err; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc; + * inet6_dump_addr is called by inet6_dump_{ifaddr,ifmcaddr,ifacaddr} + * and call the appropriate inet6_fill_* function. + */ static int inet6_dump_addr(struct sk_buff *skb, struct netlink_callback *cb, enum addr_type_t type) { @@ -3778,6 +3922,16 @@ if (!idev) goto cont; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get infos about addresses of a ghostified interface (%s), skip.", + dev->name); + goto cont; + /* return -ENODEV; don't use it */ + } +#endif /* CONFIG_GHOSTIFICATION */ + if (in6_dump_addrs(idev, skb, cb, type, s_ip_idx, &ip_idx) <= 0) goto done; @@ -3808,7 +3962,6 @@ return inet6_dump_addr(skb, cb, type); } - static int inet6_dump_ifacaddr(struct sk_buff *skb, struct netlink_callback *cb) { enum addr_type_t type = ANYCAST_ADDR; @@ -3816,6 +3969,10 @@ return inet6_dump_addr(skb, cb, type); } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_rtm_getaddr(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { @@ -3842,6 +3999,17 @@ if (ifm->ifa_index) dev = __dev_get_by_index(net, ifm->ifa_index); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (dev) { + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to get address of a ghostified interface (%s), skip.", + dev->name); + return -ENODEV; + } + } +#endif /* CONFIG_GHOSTIFICATION */ + ifa = ipv6_get_ifaddr(net, addr, dev, 1); if (!ifa) { err = -EADDRNOTAVAIL; @@ -4107,6 +4275,10 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want that an address which is linked + * to an ghostified interface can be show/add/del/modify/etc + */ static int inet6_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb) { struct net *net = sock_net(skb->sk); @@ -4125,6 +4297,14 @@ idx = 0; head = &net->dev_index_head[h]; hlist_for_each_entry_rcu(dev, node, head, index_hlist) { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) If it is a ghostified interface then exit */ + if (is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to dump address infos about a ghostified interface (%s), skip.", + dev->name); + goto cont; + } +#endif /* CONFIG_GHOSTIFICATION */ if (idx < s_idx) goto cont; idev = __in6_dev_get(dev); @@ -4156,7 +4336,6 @@ skb = nlmsg_new(inet6_if_nlmsg_size(), GFP_ATOMIC); if (skb == NULL) goto errout; - err = inet6_fill_ifinfo(skb, idev, 0, 0, event, 0); if (err < 0) { /* -EMSGSIZE implies BUG in inet6_if_nlmsg_size() */ diff -ruN linux-3.2.48--original/net/ipv6/ip6_fib.c linux-3.2.48/net/ipv6/ip6_fib.c --- linux-3.2.48--original/net/ipv6/ip6_fib.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/ip6_fib.c 2013-07-01 11:59:07.000000000 +0200 @@ -269,6 +269,8 @@ #endif +/* (ghost support) iterate on net device, don't modify this function, +we can return ENODEV here, user-space tools (as ip) dump iface list before */ static int fib6_dump_node(struct fib6_walker_t *w) { int res; @@ -314,7 +316,6 @@ { struct fib6_walker_t *w; int res; - w = (void *)cb->args[2]; w->root = &table->tb6_root; diff -ruN linux-3.2.48--original/net/ipv6/Kconfig linux-3.2.48/net/ipv6/Kconfig --- linux-3.2.48--original/net/ipv6/Kconfig 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/Kconfig 2013-07-01 11:59:07.000000000 +0200 @@ -4,8 +4,8 @@ # IPv6 as module will cause a CRASH if you try to unload it menuconfig IPV6 - tristate "The IPv6 protocol" - default m + bool "The IPv6 protocol" + default y ---help--- This is complemental support for the IP version 6. You will still be able to do traditional IPv4 networking as well. @@ -16,6 +16,10 @@ For specific information about IPv6 under Linux, read the HOWTO at . + Ghostification notes: + ===================== + IPV6 can not be built in module with ghost support. + To compile this protocol support as a module, choose M here: the module will be called ipv6. @@ -68,7 +72,7 @@ If unsure, say N. config INET6_AH - tristate "IPv6: AH transformation" + bool "IPv6: AH transformation" select XFRM select CRYPTO select CRYPTO_HMAC @@ -80,7 +84,7 @@ If unsure, say Y. config INET6_ESP - tristate "IPv6: ESP transformation" + bool "IPv6: ESP transformation" select XFRM select CRYPTO select CRYPTO_AUTHENC @@ -95,7 +99,7 @@ If unsure, say Y. config INET6_IPCOMP - tristate "IPv6: IPComp transformation" + bool "IPv6: IPComp transformation" select INET6_XFRM_TUNNEL select XFRM_IPCOMP ---help--- @@ -105,7 +109,7 @@ If unsure, say Y. config IPV6_MIP6 - tristate "IPv6: Mobility (EXPERIMENTAL)" + bool "IPv6: Mobility (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- @@ -114,16 +118,16 @@ If unsure, say N. config INET6_XFRM_TUNNEL - tristate + bool select INET6_TUNNEL default n config INET6_TUNNEL - tristate + bool default n config INET6_XFRM_MODE_TRANSPORT - tristate "IPv6: IPsec transport mode" + bool "IPv6: IPsec transport mode" default IPV6 select XFRM ---help--- @@ -132,7 +136,7 @@ If unsure, say Y. config INET6_XFRM_MODE_TUNNEL - tristate "IPv6: IPsec tunnel mode" + bool "IPv6: IPsec tunnel mode" default IPV6 select XFRM ---help--- @@ -141,7 +145,7 @@ If unsure, say Y. config INET6_XFRM_MODE_BEET - tristate "IPv6: IPsec BEET mode" + bool "IPv6: IPsec BEET mode" default IPV6 select XFRM ---help--- @@ -150,14 +154,14 @@ If unsure, say Y. config INET6_XFRM_MODE_ROUTEOPTIMIZATION - tristate "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" + bool "IPv6: MIPv6 route optimization mode (EXPERIMENTAL)" depends on EXPERIMENTAL select XFRM ---help--- Support for MIPv6 route optimization mode. config IPV6_SIT - tristate "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" + bool "IPv6: IPv6-in-IPv4 tunnel (SIT driver)" select INET_TUNNEL select IPV6_NDISC_NODETYPE default y @@ -193,7 +197,7 @@ bool config IPV6_TUNNEL - tristate "IPv6: IP-in-IPv6 tunnel (RFC2473)" + bool "IPv6: IP-in-IPv6 tunnel (RFC2473)" select INET6_TUNNEL ---help--- Support for IPv6-in-IPv6 and IPv4-in-IPv6 tunnels described in diff -ruN linux-3.2.48--original/net/ipv6/mcast.c linux-3.2.48/net/ipv6/mcast.c --- linux-3.2.48--original/net/ipv6/mcast.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/mcast.c 2013-07-01 11:59:07.000000000 +0200 @@ -24,6 +24,10 @@ * - MLD for link-local addresses. * David L Stevens : * - MLDv2 support + * Luca Saiu : + * - trivial changes for ghostification support + * Roudiere Jonathan + * - trivial changes to correct an forgetting */ #include @@ -63,6 +67,11 @@ #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing... */ #define MCAST_DEBUG 2 @@ -2405,6 +2414,20 @@ struct ifmcaddr6 *im = (struct ifmcaddr6 *)v; struct igmp6_mc_iter_state *state = igmp6_mc_seq_private(seq); +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show information about ghost interfaces */ + if(! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc " + "about ghostified interfaces (1)."); + seq_printf(seq, + "%-4d %-15s %pi6 %5d %08X %ld\n", + state->dev->ifindex, state->dev->name, + &im->mca_addr, + im->mca_users, im->mca_flags, + (im->mca_flags&MAF_TIMER_RUNNING) ? + jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); + } +#else seq_printf(seq, "%-4d %-15s %pi6 %5d %08X %ld\n", state->dev->ifindex, state->dev->name, @@ -2412,6 +2435,7 @@ im->mca_users, im->mca_flags, (im->mca_flags&MAF_TIMER_RUNNING) ? jiffies_to_clock_t(im->mca_timer.expires-jiffies) : 0); +#endif /* CONFIG_GHOSTIFICATION */ return 0; } @@ -2563,6 +2587,20 @@ "Device", "Multicast Address", "Source Address", "INC", "EXC"); } else { +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Don't show any info about ghost interfaces */ + if (! is_a_ghost_interface_name(state->dev->name)) { + ghost_debugmsg("Don't show any igmp6 information in /proc" + " about ghostified interfaces (2)."); + seq_printf(seq, + "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", + state->dev->ifindex, state->dev->name, + &state->im->mca_addr, + &psf->sf_addr, + psf->sf_count[MCAST_INCLUDE], + psf->sf_count[MCAST_EXCLUDE]); + } +#else seq_printf(seq, "%3d %6.6s %pi6 %pi6 %6lu %6lu\n", state->dev->ifindex, state->dev->name, @@ -2570,6 +2608,7 @@ &psf->sf_addr, psf->sf_count[MCAST_INCLUDE], psf->sf_count[MCAST_EXCLUDE]); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; } diff -ruN linux-3.2.48--original/net/ipv6/proc.c linux-3.2.48/net/ipv6/proc.c --- linux-3.2.48--original/net/ipv6/proc.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/proc.c 2013-07-01 11:59:07.000000000 +0200 @@ -9,6 +9,8 @@ * * Authors: David S. Miller (davem@caip.rutgers.edu) * YOSHIFUJI Hideaki + * Luca Saiu (trivial changes for + * ghostification support) * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -30,6 +32,16 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include + +/* (ghost support) We don't want this to be static, as it has to + be read at ghostifying and unghostifying time */ +struct proc_dir_entry *proc_net_devsnmp6; +EXPORT_SYMBOL(proc_net_devsnmp6); +#endif /* CONFIG_GHOSTIFICATION */ + static int sockstat6_seq_show(struct seq_file *seq, void *v) { struct net *net = seq->private; @@ -229,6 +241,18 @@ return single_open_net(inode, file, snmp6_seq_show); } +/* (ghost support) This was originally static, +but we need to make it visible */ +#ifdef CONFIG_GHOSTIFICATION +struct file_operations snmp6_seq_fops = { + .owner = THIS_MODULE, + .open = snmp6_seq_open, + .read = seq_read, + .llseek = seq_lseek, + .release = single_release, +}; +EXPORT_SYMBOL(snmp6_seq_fops); +#else static const struct file_operations snmp6_seq_fops = { .owner = THIS_MODULE, .open = snmp6_seq_open, @@ -236,6 +260,7 @@ .llseek = seq_lseek, .release = single_release_net, }; +#endif /* CONFIG_GHOSTIFICATION */ static int snmp6_dev_seq_show(struct seq_file *seq, void *v) { diff -ruN linux-3.2.48--original/net/ipv6/route.c linux-3.2.48/net/ipv6/route.c --- linux-3.2.48--original/net/ipv6/route.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/ipv6/route.c 2013-07-01 11:59:07.000000000 +0200 @@ -22,6 +22,10 @@ * reachable. otherwise, round-robin the list. * Ville Nuorvala * Fixed routing subtrees. + * Luca Saiu + * trivial changes for ghostification support + * Roudiere Jonathan + * ghostification support update, modify functions using netlink */ #include @@ -62,6 +66,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Set to 3 to get tracing. */ #define RT6_DEBUG 2 @@ -1205,10 +1214,6 @@ } EXPORT_SYMBOL(ip6_dst_hoplimit); -/* - * - */ - int ip6_route_add(struct fib6_config *cfg) { int err; @@ -1958,6 +1963,8 @@ struct in6_rtmsg rtmsg; int err; + /* (ghost support) don't make any change, changes + have been made later for ioctl request */ switch(cmd) { case SIOCADDRT: /* Add a route */ case SIOCDELRT: /* Delete a route */ @@ -2309,26 +2316,84 @@ return err; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_delroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; - err = rtm_to_fib6_config(skb, nlh, &cfg); - if (err < 0) - return err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_del(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it + is a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to del route involving a ghostified interface (%s). Failing", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_del(&cfg); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc. + */ static int inet6_rtm_newroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg) { struct fib6_config cfg; int err; +#ifdef CONFIG_GHOSTIFICATION + struct net *net = NULL; + struct net_device *dev = NULL; + err = rtm_to_fib6_config(skb, nlh, &cfg); if (err < 0) return err; + + /* (ghost support) get the net struct through sock struct */ + net = sock_net(skb->sk); + if(!net) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) get the net_device struct through fib6_config */ + dev = dev_get_by_index(net, cfg.fc_ifindex); + if(!dev) + return ip6_route_add(&cfg); /* do that or exit on error ... */ + /* (ghost support) ok we know the device name so if it is + a ghostified interface, return device not exist */ + if(is_a_ghost_interface_name(dev->name)) { + ghost_ptk("Try to add route involving a ghostified interface (%s). Failing.", + dev->name); + return -ENODEV; + } +#else + err = rtm_to_fib6_config(skb, nlh, &cfg); + if (err < 0) + return err; +#endif /* CONFIG_GHOSTIFICATION */ return ip6_route_add(&cfg); } @@ -2348,6 +2413,10 @@ + nla_total_size(sizeof(struct rta_cacheinfo)); } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc + */ static int rt6_fill_node(struct net *net, struct sk_buff *skb, struct rt6_info *rt, struct in6_addr *dst, struct in6_addr *src, @@ -2360,6 +2429,19 @@ u32 table; struct neighbour *n; +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg("rtnetlink msg type %i, pid %i and seq %i", + type, pid, seq); + /* (ghost support) this function is called by by rt6_dump_route, and + inet6_rtm_get_route and inet6_rt_notify, test if it is a kernel request*/ + if (rt->rt6i_dev->name) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to get/notify route infos about a " + "ghostified interface (%s), skip.", + rt->rt6i_dev->name); + return 1; + } +#endif /* CONFIG_GHOSTIFICATION */ if (prefix) { /* user wants prefix routes only */ if (!(rt->rt6i_flags & RTF_PREFIX_RT)) { /* success since this is not a prefix route */ @@ -2480,10 +2562,26 @@ return -EMSGSIZE; } +/* + * (ghost support) We don't want a route which involed a + * ghostified interface can be show/add/del/modify/etc, + */ int rt6_dump_route(struct rt6_info *rt, void *p_arg) { struct rt6_rtnl_dump_arg *arg = (struct rt6_rtnl_dump_arg *) p_arg; int prefix; + +#ifdef CONFIG_GHOSTIFICATION + ghost_develmsg(" rtnetlink mesg %i, pid %i and seq %i", + arg->cb->nlh->nlmsg_type, arg->cb->nlh->nlmsg_pid, arg->cb->nlh->nlmsg_seq); + /* if (rt->rt6i_dev) + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Try to dump route infos about a ghostified interface (%s), skip", + rt->rt6i_dev->name); + return -ENODEV; errro maybe come from here, modify instead + rt6_fill_node which has multiple callers + } */ +#endif /* CONFIG_GHOSTIFICATION */ if (nlmsg_len(arg->cb->nlh) >= sizeof(struct rtmsg)) { struct rtmsg *rtm = nlmsg_data(arg->cb->nlh); @@ -2497,6 +2595,8 @@ prefix, 0, NLM_F_MULTI); } +/* (ghost support) Don't make changes here, function +rt6_fill_node has been modified instead */ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) { struct net *net = sock_net(in_skb->sk); @@ -2641,6 +2741,17 @@ struct seq_file *m = p_arg; struct neighbour *n; +#ifdef CONFIG_GHOSTIFICATION + /* (ghost support) Do nothing if this route involves a + ghostified interface */ + if(rt->rt6i_dev != NULL) /* can't use &&: evaluation order is undefined */ + if(is_a_ghost_interface_name(rt->rt6i_dev->name)) { + ghost_ptk("Don't show any informations under /proc/net" + "involving a ghostified interface (%s)", + rt->rt6i_dev->name); + return 0; + } +#endif /* CONFIG_GHOSTIFICATION */ seq_printf(m, "%pi6 %02x ", &rt->rt6i_dst.addr, rt->rt6i_dst.plen); #ifdef CONFIG_IPV6_SUBTREES diff -ruN linux-3.2.48--original/net/Kconfig linux-3.2.48/net/Kconfig --- linux-3.2.48--original/net/Kconfig 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/Kconfig 2013-07-01 11:59:07.000000000 +0200 @@ -189,6 +189,105 @@ source "net/decnet/netfilter/Kconfig" source "net/bridge/netfilter/Kconfig" +config GHOSTIFICATION_NETFILTER + bool "Ghostification support to netfilter" + depends on GHOSTIFICATION && NETFILTER_ADVANCED + default y + help + Ghostification support to Netfilter. Allow to bypass all + Netfilter's hooks (INPUT, OUTPUT, FORWARD, POSTROUTING and + PREROUTING (when available)) and that for all layer or protocol: + ARP, Bridge, IPv4, IPv6 (and Decnet) or just for one protocol + or layer. + If you choose to activate the Ghostification of Netfilter then + all the network packets which come from, or go to an ghostified + interface will not get through the hooks of Netfilter; so rules + which have been created with Iptables, Ip6tables, Arptables or + Ebtables will have no effect on these packets. + Note: This option allows you to have access to the options of + configuration of the Ghostification of Netfilter but it activates + no section of code; you will thus need to select one or some + among those this below. + +config GHOSTIFICATION_NETFILTER_ALL + bool "Ghostification support to netfilter, skip all hooks" + depends on GHOSTIFICATION_NETFILTER + default y + help + Netfiter Ghostification support for all protocols/layers. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass + Netfilter's hooks; thus any actions or rules which have been + created through Iptables, Ip6tables, Arptables or Ebtables + will not have any effect on this packets. + +config GHOSTIFICATION_NETFILTER_ARP + bool "Ghostification support to netfilter, skip ARP hooks" + depends on GHOSTIFICATION_NETFILTER && IP_NF_ARPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the ARP protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Arp + hooks of Netfilter; thus the rules which have been created + with the Arptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_BRIDGE + bool "Ghostification support to netfilter, skip Bridge hooks" + depends on GHOSTIFICATION_NETFILTER && BRIDGE_NF_EBTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the Bridge protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass Bridge + hooks of Netfilter; thus the rules which have been created + with the Ebtables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV4 + bool "Ghostification support to netfilter, skip IPv4 hooks" + depends on GHOSTIFICATION_NETFILTER && !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv4 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv4 + hooks of Netfilter; thus the rules which have been created + with the Iptables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + +config GHOSTIFICATION_NETFILTER_IPV6 + bool "Ghostification support to netfilter, skip IPv6 hooks" + depends on GHOSTIFICATION_NETFILTER && IP6_NF_IPTABLES + depends on !GHOSTIFICATION_NETFILTER_ALL + help + Netfiter ghostification support for the IPv6 protocol/layer. + If you activate this option then all network packets which + come from, or go to a ghostified interface will bypass IPv6 + hooks of Netfilter; thus the rules which have been created + with the Ip6tables tool will not have any effect on them. + If you activate Netfilter Ghostification for this protocol/layer + then you will lose the capability that network packets bypass + Decnet's hooks of Netfilter. + If you are unsure how to answer this question when you have + decided to use ghostification then answer N and use instead + GHOSTIFICATION_NETFILTER_ALL above. + endif source "net/dccp/Kconfig" @@ -325,4 +424,93 @@ source "net/nfc/Kconfig" +config GHOSTIFICATION + bool "Ghostification support" + depends on INET + default y + help + Ghostification support allow you to hide network interfaces + on your system. Ghostify and Unghostify are the actions which + make dynamically invisible and visible a network interface/cards + (eth0, lo, tun, ...) for the userspace. + When a network interface is ghostified, users of your system + can not see it with userspace tools like ifconfig, route, iproute, + netstat and/or have statistics about it. However even if a network + interface is ghostified it is always possible to open a socket + using the Ip address of this interface, ping this interface or + any host connected to the same network remains possible; has the + opposite, it is not possible to sniff packets on a ghostified + interface with userspace tools like tcpdump, wireshark, ... + Informations about a ghostified interface are hidden under /proc + but they can be find under /sys, it is a limit of the ghostification + patch. + For more informations about Ghostification patch and engine see + the README of the tarball that you have used or go to website of + the Marionnet project at . + + +config GHOSTIFICATION_NUM + int "Ghostification support : max number of possible ghostified interface" + depends on GHOSTIFICATION + range 4 32 + default 8 + help + Here you can choose the number of network interfaces that + you will be allowed to ghostify. This number must be between + 4 and 32. + +config GHOSTIFICATION_MESG + bool "Ghostification messages, display, debug and devel" + depends on GHOSTIFICATION + default y + help + Ghostification messages configuration. This option allow + you to have acces to the options which configure and control + the type of messages that you want the ghostification engine + diplay (visible through syslogd). + There are three options which make more or less verbose the + ghostification engine. You can choose to not select any + options below if you want to try to hide the ghostification + operations for the users of your system. + Note: This option allows you to have access to the options + which control the number of messages and the verbosity of + the Ghostification engine but it activates no section of + code; you will thus need to select one or some among those + this below. + +config GHOSTIFICATION_PRINTK + bool "Ghostification, messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + default y + help + This option allow you to activate normal messsages from the + ghostification engine, those messages are display through a + simple printk (visible through syslogd), this messages allow + to have informations about the ghost operations (like "the + interface ethX has been ghostified", "unghostified", "is already + ghostified", etc ...). If you really wish to hide ghostified + interfaces and ghost operations for the users of your system + don't select this option. + +config GHOSTIFICATION_DEBUG + bool "Ghostification, debugging messages to monitor ghost operations" + depends on GHOSTIFICATION_MESG + help + This option increase the verbosity of the ghostification engine, + allow to get more informations in order to debug the ghost ops. + This option is in general used to verify the result of a test or + to display the datas (interface name, pid of a calling process, ...) + which are treated by the ghost engine. + +config GHOSTIFICATION_DEVEL + bool "Ghostification, helping messages to trace ghost operations (devel)" + depends on GHOSTIFICATION_MESG + help + This option give more informations that the option above, it is use + by developer of the ghostification patch in order to control some + paths used in the kernel code and the datas which are manipulated. + This option is a little redundant with the debug option but allow + to have a better granularity, maybe it will be remove for the next + release of the ghostification patch. + endif # if NET diff -ruN linux-3.2.48--original/net/netfilter/core.c linux-3.2.48/net/netfilter/core.c --- linux-3.2.48--original/net/netfilter/core.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/netfilter/core.c 2013-07-01 11:59:07.000000000 +0200 @@ -5,6 +5,8 @@ * way. * * Rusty Russell (C)2000 -- This code is GPL. + * Little change by Jonathan Roudiere to add + * Ghostification support (bypass netfilter for ghost interface). */ #include #include @@ -23,6 +25,11 @@ #include #include +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + #include "nf_internals.h" static DEFINE_MUTEX(afinfo_mutex); @@ -60,7 +67,6 @@ { struct nf_hook_ops *elem; int err; - err = mutex_lock_interruptible(&nf_hook_mutex); if (err < 0) return err; @@ -169,7 +175,158 @@ rcu_read_lock(); elem = &nf_hooks[pf][hook]; + next_hook: + /* + * (ghost support) Netfilter ghostification support. + * Perform too much tests here is not a good idea because all + * network packets pass through this section but we have + * not other choice to skip netfilter hooks (per hook). + */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER + /* + * Bypass all Netfilter hooks (for ipv4/6, arp, bridge) for any + * ghostified interface (eq. to return NF_ACCEPT for each packet which + * go through an interface which is ghostified (do that at hook level + * in order to skip all chains's rules hang on the hooks)) + */ + + /* don't use ghost_debugmsg macro in this section + because it may introduce too much delay */ + ghost_develmsg("Enter in hook (pf=%i) (hook=%i) from indev->name = " + "%s to outdev->name = %s", pf, hook, indev->name, outdev->name); + +/* If we wish to skip all netfilter hooks for all PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ALL + /* + * outdev->name field is defined in OUTPUT, FORWARD and POSTROUTING hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), we start here (with outdev) to bypass netfilter's + * hooks in the case where we are in FORWARD. + */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + ret = 1; + goto unlock; + } + } + /* + * indev->name field is defined in PREROUTING, FORWARD and INPUT hooks, + * if it is a ghostified interface then we must bypass netfilter hooks + * (and all rules chains), if we are in FORWARD hook and outdev/indev->name + * is not a ghostified interface then we can go towards hooks. + */ + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + ret = 1; + goto unlock; + } + } + +/* + * If GHOSTIFICATION_NETFILTER_ALL is not defined neither any + * GHOSTIFICATION_NETFILTER_PF then we 'll skip all this code chunk. + * (about performance, choose to skip netfilter just for certains PF + * is the most bad things we can do, but ...) + */ +#elif (defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV4) || defined(CONFIG_GHOSTIFICATION_NETFILTER_IPV6) || \ + defined(CONFIG_GHOSTIFICATION_NETFILTER_ARP) || defined(CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE)) + /* Here we have the same logic as previously (in GHOSTIFICATION_NETFILTER_ALL) + but with the ability to choose what are the PFs that we want to skip */ + if ((outdev->name) != NULL) { + if (!is_a_ghost_interface_name(outdev->name)) { + ghost_develmsg("(outdev->name) = %s is not a ghostfied interface", + (outdev->name)); + goto apply_hook; + } else { + ghost_develmsg("(outdev->name) = %s is a ghostfied interface", + (outdev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + if ((indev->name) != NULL) { + if (!is_a_ghost_interface_name(indev->name)) { + ghost_develmsg("(indev->name) = %s is not a ghostfied interface", + (indev->name)); + goto apply_hook; + } else { + ghost_develmsg("(indev->name) = %s is a ghostfied interface", + (indev->name)); + /* start with IPv4, IPv6 because they are the most current PF */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV4 + if (pf == PF_INET) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV4 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_IPV6 + if (pf == PF_INET6) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_IPV6 */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_ARP + if (pf == NF_ARP) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_ARP */ +#ifdef CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE + if (pf == PF_BRIDGE) { + ret = 1; + goto unlock; + } +#endif /* CONFIG_GHOSTIFICATION_NETFILTER_BRIDGE */ + /* We arrive here that is because we are not in a PF + that we wish skip so we apply rules chain (for decnet) */ + goto apply_hook; + } + } + +#endif /* CONFIG_GHOSTIFICATION_ALL */ +apply_hook: +#endif /* CONFIG_GHOSTIFICATION_NETFILTER */ +/* (ghost support) End of ghostification support */ + verdict = nf_iterate(&nf_hooks[pf][hook], skb, hook, indev, outdev, &elem, okfn, hook_thresh); if (verdict == NF_ACCEPT || verdict == NF_STOP) { @@ -191,6 +348,9 @@ kfree_skb(skb); } } +#ifdef CONFIG_GHOSTIFICATION_NETFILTER +unlock: +#endif rcu_read_unlock(); return ret; } diff -ruN linux-3.2.48--original/net/packet/af_packet.c linux-3.2.48/net/packet/af_packet.c --- linux-3.2.48--original/net/packet/af_packet.c 2013-06-29 05:06:45.000000000 +0200 +++ linux-3.2.48/net/packet/af_packet.c 2013-07-01 11:59:07.000000000 +0200 @@ -8,6 +8,7 @@ * Authors: Ross Biro * Fred N. van Kempen, * Alan Cox, + * Luca Saiu : Trivial changes for ghostification * * Fixes: * Alan Cox : verify_area() now used correctly @@ -94,6 +95,11 @@ #include #endif +/* (ghost support) */ +#ifdef CONFIG_GHOSTIFICATION +#include +#endif + /* Assumptions: - if device has no dev->hard_header routine, it adds and removes ll header @@ -1593,6 +1599,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (rcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -1717,6 +1735,18 @@ if (skb->pkt_type == PACKET_LOOPBACK) goto drop; +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Drop packets involving ghost interfaces: + * we don't want the user to be able to sniff them. + */ + if(is_a_ghost_interface_name(orig_dev->name) || + is_a_ghost_interface_name(dev->name)) { + ghost_debugmsg("Drop a packet which is going through a ghostified interface (trcv)"); + goto drop; + } +#endif /* CONFIG_GHOSTIFICATION */ + sk = pt->af_packet_priv; po = pkt_sk(sk); @@ -3841,6 +3871,26 @@ struct sock *s = sk_entry(v); const struct packet_sock *po = pkt_sk(s); +#ifdef CONFIG_GHOSTIFICATION + /* + * (ghost support) Don't show packets involving ghost devices + */ + struct net_device *net_device = dev_get_by_index(sock_net(s), po->ifindex); + if(! is_a_ghost_interface_name(net_device->name)) { + ghost_debugmsg("Don't show packets involving ghostified interface"); + seq_printf(seq, + "%p %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", + s, + atomic_read(&s->sk_refcnt), + s->sk_type, + ntohs(po->num), + po->ifindex, + po->running, + atomic_read(&s->sk_rmem_alloc), + sock_i_uid(s), + sock_i_ino(s) ); + } +#else seq_printf(seq, "%pK %-6d %-4d %04x %-5d %1d %-6u %-6u %-6lu\n", s, @@ -3852,6 +3902,7 @@ atomic_read(&s->sk_rmem_alloc), sock_i_uid(s), sock_i_ino(s)); +#endif /* CONFIG_GHOSTIFICATION */ } return 0; marionnet-0.90.6+bzr508.orig/uml/kernel/doc/0000755000175000017500000000000013175722671017424 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/kernel/doc/README0000644000175000017500000000162013175722671020303 0ustar lucaslucas# Written by Jonathan Roudiere in 2009. # To do: add copyright notice. Ghost-kernel-2.0 ================ Ghost-kernel-2.0 is a part of the Marionnet project, Ghostification sub-project has been initiated by Luca Saiu and taken back Jonathan Roudiere . Ghost-kernel-2.0 is just a shell encapsulating the pathing and building a ghostified Kernel (and providing the ghost2 user tool). It allows to help user to build Ghost kernel for Marionnet/UML or to your host and that all ;). For more information about ghostification see README.Ghostification. For more information about Marionnet project see its website at . Copyright and license precised in this archive are just relative to the Ghost patch and the ghost2 utility, about kernel copyright or documentation, etc ... see kernel archive or kernel.org website. marionnet-0.90.6+bzr508.orig/uml/kernel/doc/README.Ghostification0000644000175000017500000002422213175722671023257 0ustar lucaslucas# Written by Jonathan Roudiere in 2009. # To do: add copyright notice. # To do: update Informations about Ghostification support ========================================= 1. Authors 2. Ghostification support 3. What ghostification means 4. User interface 5. Limitations 6. Implementation 7. Implementation rationale 8. Contact information 9. License 1. Authors ========== Copyright (C) 2007 Luca Saiu (original author) Copyright (C) 2009 Jonathan Roudiere This patch is released under the GNU General Public License v2 or any later version published by the Free Software Foundation, Inc. See the added comments in the patch for information about who wrote what. 2. Ghostification support ========================= This project consists in a small kernel patch allowing the user to "ghostify" one or several network interfaces. This patch was originally developed for kernel 2.6.18, is now available for the following kernel versions : 2.6.26, 2.6.27, 2.6.28, 2.6.29, 2.6.30, 2.6.31 (soon 2.6.32). 3. What ghostification means ============================ A network interface in "ghostified" state continues to operate as usual and can be normally employed by user applications for communication. Sockets can be opened and closed and packets are normally sent, received and routed. However a ghostified interface is different from a non-ghostified network interface in the following respects: * Its presence can not be *detected* by user processes: kernel ioctl's don't report the interface presence, and when they receive its name as parameter they fail as if the interface didn't exist, with -ENODEV. The /proc virtual filesystem doesn't contain references to its name. * Its configuration can't be *queried* by user processes: the kernel answers with an error when receiving any configuration query ioctl. Routes involving a ghostified interface are not shown to user processes, although they continue to be normally followed by the kernel. * Its configuration can't be *changed* by user processes: the network interface can't be disabled if currently enabled, or vice-versa. Its address (at all levels, from network down to hardware) can't be changed. Routes involving it cannot be added or removed. * Its configuration can't be *queried* or *changed* by user processes using the kernel netlink interface, so tools as iproute2 cann't obtain more information than ifconfig, route, etc (tools using ioctl request). * Packets received or emited by a ghostified interface cann't be catch through Netfilter (iptables). All Netfilter's hooks are skiped (ARP, Bridge, IPv4, IPv6 and Decnet). * Packets received by a ghostified interface are never copied to AF_PACKET sockets, so that user-level sniffers don't see any traffic when reading from a generic AF_PACKET socket associated to "all" network interfaces. * A ghostified interface can be "unghostified" (see below), after which its state reverts to normal. The implementation has been heavily tested only on Ethernet, loopback, bridge, TUN/TAP devices and dummy interface (and most of virtual interfaces) but is expected to work on any other kind of network interface. The code is architecture-idependent, SMP-safe and also works in User Mode Linux. 4. User interface ================= A normal network interface can be ghostified and a ghostified one can be "unghostified" with the new SIOCGIFGHOSTIFY and SIOCGIFUNGHOSTIFY ioctls. Both take the interface name as parameter and return 0 on success or a negative error code on failure, according to ioctl conventions (see file ghost_kernel_errors.txt for exact return error code for each case). On ghostification and unghostification some lines are written to the system log (only if messages are actived at build time), explaining what happened in an understandable way and listing the currently ghostified network interfaces. Configuration of the Ghostification can be done or adapted by using usual interface to configure the Linux Kernel (make *config); the maximum number of ghostified interface can be changed, the verbosity of messages which are displayed by the ghosfication engine (many or no messages) and the Netfilter support for the ghostification can be enabled or disabled for each hook level (IPv4, IPv6, ARP, Bridge and Decnet). A simple user-level program called "ghost2" is provided for convenience: it take the interface name and an option which specify if user wish to ghostify or unghostify the network interface (two little scripts called "ghostify" and "unghostify" are provided to keep compatibility with old versions). 5. Limitations ============== The current implementation imposes a fixed limit to the number of network interface which can be in ghostified state in any given moment. The limit is currently set to 9, but can be trivially raised by modifying the config of the kernel at build time (through make *config, under -> Networking -> Networking support -> Ghostification support). The implementation was tested on a network using IPv4 and IPv6. Some operations in more exoteric protocols might not be correctly filtered, and in particular the interface name could show up somewhere under /proc if such protocols were employed. In fact, some informations are available under /sys and /proc virtual filesystems. If iproute is used (or any tools using the Netlink interface of the Kernel) then user can notice that the index number of interfaces which are displayed are no contiguous. 6. Implementation ================= The implementation is failry simple and unobtrusive. Its bulk resides in net/core/dev.c, where a simple fixed-length array of fixed-length strings is defined, ghost_interface_names. Such structure is static and always accessed from the outside via is_a_ghost_interface_name() -- which makes changing the implementation fairly easy, should it ever be needed. Structure updates are performed only from within net/core/dev.c, which also contains what essentially is the full implementation of the new ioctls in ghostify_interface() and unghostify_interface(). Their common table lookup functionality is implemented in __lookup_ghost_interface_names(). Such functions (and their unlocked counterparts, where appliable) are of course all static. The data structure initialization is performed in netdev_boot_setup(), in net/core/dev.c . Critical sections are implemented with a spinlock (ghost_interface_spin_lock), and the only exported function, is_a_ghost_interface_name(), is reentrant. The behaviour of several ioctls has been modified according to the specification above, including all SIOCxIFxxx calls (see net/core/dev.c), and SIOCDELRT and SIOCADDRT (see net/ipv4/fib_frontend.c, net/ipv4/fib_trie.c, net/ipv4/fib_hash.c, net/ipv6/route.c). Many modifications just consist in the addition of a call to is_a_ghost_interface_name() within a conditional, making an operation fail when a ghostified interface is involved. Such updates pertain to many files under net/ . Similar modifications have the purpose of "filtering out" some lines displayed in files under /proc/ . A slightly more involved modification consists in making a file under /proc/net/dev_snmp6/ appear or disapper at ghostification or unghostification time. The implementation is in net/ipv6/addrconf.c and net/ipv6/proc.c . Sockets with address format AF_PACKET are dealt with in net/packet/af_packet.c . Modifications just consist in selective packet dropping, even if in several distinct cases. Multicast and memory-mapped devices are explicitly supported. Netfilter ghostification support is performed with a simple test in order to know if a network packet comes from or goes through a ghostified interface. It is possible to skip all Netfilter's hooks or just select some hooks in particular (skip not all but just some hooks may be incredibly inefficient and it is not recommended to use this method). The userspace utility ghost2 just uses ioctl request to do its work, it is a little and very stupid tool. For more informations see the following sources files, patch modify the following : include/linux/netdevice.h include/linux/sockios.h include/net/ghostdebug.h kernel/softirq.c net/Kconfig net/core/dev.c net/core/dev_mcast.c net/core/rtnetlink.c net/ipv4/arp.c net/ipv4/devinet.c net/ipv4/fib_frontend.c net/ipv4/fib_hash.c net/ipv4/fib_semantics.c net/ipv4/fib_trie.c net/ipv4/igmp.c net/ipv4/route.c net/ipv6/Kconfig net/ipv6/addrconf.c net/ipv6/ip6_fib.c net/ipv6/mcast.c net/ipv6/proc.c net/ipv6/route.c net/netfilter/core.c net/packet/af_packet.c 7. Implementation rationale =========================== The cleanest, most straightforward and also most efficient way of keeping track of which interface is currently ghostified would have been adding a new field to struct net_device, defined in include/linux/netdevice.h . Unfortunately such structure is exported to the user level, and even just appending a field to its end would have changed its size, breaking binary compatibility with user applications. We decided to fall back to a less efficient solution, which shouldn't however cause perceivable slowdowns because of the extremely small size of our fixed table. Even using a hash table would have probably been overkill for such a small structure, and could actually have resulted in higher access time. is_a_ghost_interface_name() has constant complexity, consisting (in the worst case) in MAX_GHOST_INTERFACES_NO string comparisons where all strings have size less than IFNAMSIZ (currently defined as 16 in in include/linux/if.h). Using a unique index (such as the ifindex field of struct net_device) instead of the interface name would have probably been less efficient, as many kernel structures and interfaces work with interface names expressed as strings. 8. Contact information ====================== For any bug report or comment, the author is reachable at the address : - (mailing list) - - 9. License ========== This patch and the ghost2 user tool are released under the GNU GPL v2 or later. marionnet-0.90.6+bzr508.orig/uml/kernel/doc/LICENSE0000644000175000017500000004310313175722671020432 0ustar lucaslucas GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. marionnet-0.90.6+bzr508.orig/uml/kernel/doc/ghost_kernel_errors.txt0000644000175000017500000000250313175722671024245 0ustar lucaslucasKernel code error : =================== Part of the kernel which has in charge the Ghost operations can return several error code when an error occurs. Ghostify or Unghostify a network interface (card) is done through a ioctl(2) request, on error ioctl request use errno to provide the number of the error. The differents error code which can be returned are : ----------------------------------------------------- During Ghostify operation : --------------------------- EINVAL - This error is returned when the name of the specified network card is too long (greater than IFNAMSIZ) or when the name has a null length. This error is also returned by a incorrect ioctl() request. With ghost2 this reflects the fact that the kernel doesn't supports the Ghost operations (because the other cases are handled by the program). EEXIST - This error occurs when the network card is already ghostified. ENODEV - This error is returned when the specified network card doesn't exist (really doesn't exist ;). ENOMEM - This error is returned when the max number of ghostified network cards has been reached. During Unghostify operation : ----------------------------- ENODEV - This error is returned when the specified network card doesn't exist (really doesn't exist ;). ESRCH - The network card is not ghositified. marionnet-0.90.6+bzr508.orig/uml/kernel/doc/ghost_kernel_errors.fr.txt0000644000175000017500000000311613175722671024654 0ustar lucaslucasKernel code error : =================== La partie du code noyau qui a en charge les opérations de ghostification peut renvoyer différents code de retour lorsqu'elle rencontre un erreur. La (un)ghostification d'une interface ce fait à travers une requète ioctl(2), lors d'un echec l'appel ioctl place dans errno le numéro de l'erreur en question. Les différents code de retour sont : ------------------------------------ Lors d'une ghostification d'interface (fonct ghostify) : -------------------------------------------------------- EINVAL : Cette erreur est renvoyée lors le nom de l'interface que l'on désire ghostifier est trop long (plus grand que IFNAMSIZ) où de longueur nulle; cette erreur est également celle renvoyée par une requète ioctl() avec des paramètres incorrect donc lors de l'utilisation du binaire ghost2 cela traduit le fait que le noyau ne supporte pas les opérations de Ghostification (les autres cas étant pris en charge par le logiciel). EEXIST : Cette erreur est renvoyée lorsque l'interface est déjà ghostifiée. ENODEV : Cette erreur est renvoyée lorsque l'interface spécifiée n'existe pas (n'existe réellement pas ;). ENOMEM : Cette erreur est renvoyée lorsque le nombre maximum d'interfaces ghostifiées a été atteint. Lors de la dé-ghostification d'interface (fonct unghostify) : ------------------------------------------------------------- ENODEV : Cette erreur est renvoyée lorsque l'interface spécifiée n'existe pas (n'existe réellement pas ;). ESRCH : L'interface réseau n'est pas ghostifée. marionnet-0.90.6+bzr508.orig/uml/kernel/doc/INSTALL0000644000175000017500000002342013175722671020456 0ustar lucaslucas# Written by Jonathan Roudiere in 2009. # To do: add copyright notice. GHOST-KERNEL-2.0 ================ Abstract : Ghost-kernel contain a patch to some versions of the Linux Kernel and a tool called ghost2. This patch is intended to provide the ability to hide network interfaces to userspace from kernel space. The utility ghost2 is used to ghostify or unghostify network interfaces from userspace. To get more informations about Ghostification see README.Ghostification. 1. Standard build 2. Building using a config file 3. Adapt Build or Install 4. Building packages 1. Standard build ================= To build Linux Ghost Kernel and Ghost2, you need to have standard tools as those provided by binutils, coreutils, libc-dev, make, gcc, bzip2, tar, strip, some development library as ncurses, vde and libpcap ... but most systems provided them or packages to installed them. There aren't configuration script to build Kernel and Ghost2, all needs information must be provided on the make command line (or through a config file, see approriate section about it). NOte : this tarball cann't help you if you wish to build a Linux Ghost Kernel with modules (maybe next release will allow it). --- To know what are the available targets run : $> make help or $> make targets And you will seeing a list a targets with a comment for each. --- To know what is the default configuration (as path, etc ...) just run : $> make show-default-config But you can also use : $> make show-config In this case you see the same configuration (by default) but variables content are interpreted (ex : CONFIG_FILE=CONFIG-$(KERNEL_VERSION) will be shown like that : CONFIG_FILE=CONFIG-2.6.31). Some variables which will displayed are no used by the build system, they will be used for a next release ;), it most case variables that you could have needs are : - KERNEL_VERSION=2.6.x If you wish to built a particular version of the Ghost Kernel (patch for this version must be exist (look vs in kernel-patch if dir exist), by default the latest version of the kernel for which a patch exist will be built. - PREFIX=/path/to/usr standard option to change /usr directory (by /usr/local for example). - DESTDIR=/path To make installation in another root directory (for example, you can use DESTDIR variable in order to install ghost2 in a VM (for marionnet) which could be "mounted" in a directory on your host, to do that, run : $> mount -o loop /usr/share/marionnet/filesystem/vm.img /mnt $> make install-ghost2 DESTDIR=/mnt $> umount /mnt And the ghost2 is now installed on the VM. All others relevant variables are relative to the path of the installation and start by PATH_*, look for your needs with : $> make make show-config |grep PATH Generally their names are explicit (if not, their default definition can help you to know what their purpose). --- This tarball is intended to build two things : - The Linux Kernel patched for Ghotification and - the Ghost2 user tool But the Kernel is intended to be installed to your host, to Marionnet or as a UML kernel (User-Mode-Linux, a simple binary), it is need to use appropriate targets to do that. Standard step to build Kernel and user tool are the following (to build and install a kernel to Marionnet, adapt to your needs) : $> make download-kernel $> make untar-kernel $> make apply-patch $> make configure-kernel-marionnet $> make build-kernel-marionnet $> make pack-kernel-marionnet $> make install-kernel-marionnet $> make ghost2 $> make install-ghost2 If you don't use configuration file you can specify some information on the make commande line : $> make _TARGET_ KERNEL_VERSION=2.6.XX OTHER_VAR1=... OTHER_VAR2=... Remplace _TARGET_ by any target (build-*, install-*, pack*..). --- In fact, targets "all" and "install" are sufficient in most case, if it is need those targets will run all intermediary targets for you, so you can just use them like that : $> make all GHOST_TARGET=_target_ $> make install GHOST_TARGET=_target_ Just change "_target_" by "host", "marionnet" or "uml" according you wish to build a kernel for you host (interactive configuration), to Marionnet or to UML architecture (Marionnet is just an UML kernel with differents name and installing path). --- You must have an Internet connection to build Kernel (exept if Kernel sources have already be donwloaded). If you don't have Internet connection but you already have Kernel tarball then you can lie to the system by : Creating a directory called ./kernel-src in at the root of the sources of ghost-kernel-2.0 : $> mkdir kernel-src Move or copy the Kernel tarball in : $> cp /path/to/tarball/linux-2.6.XX.tar.bz2 ./kernel-src/ And created a directory called ./build with a file as shown below : $> mkdir build $> touch build/download-kernel-2.6.XX-done (Change XX by the kernel version that you wish used). --- Pack : when you built something - before installing a Linux Ghost Kernel or the Ghost2 usertool - a directory called "pack" is created and it contains all files which will be installed after. You can check in sub-directories of the pack directory files which will be installed and where they will be install (but path can be changed during installation by specify it on the make commande line). Pack directory contains subdirs to keep separate targets, and differents versions build (for kernels), the following directories (a part for example) are created : --- ghost2 `-- kernel-host-pack `-- 2.6.26 `-- 2.6.30 `-- usr ... ... `-- kernel-marionnet-pack `-- 2.6.26 ... `-- kernel-uml-pack `-- 2.6.26 ... Advantages to use a intermediary directories before installing files is that you can built (for example) several kernel versions and install them after. Example to install the Ghost Kernel version 2.6.30 to marionnet : $> make KERNEL_VERSION=2.6.27 install-kernel-marionnet If it is built then it will be build by running the previous command line. You can use "pack*" targets to create sereval binaries tarballs (but dist-binary-* do the same). 2. Build with a config file ============================ You can use a config file called CONFIGME in order to specify some variables definition. This file must be put on the root directory of this tarball. You can specify any variables (if some are not used by the build system then they will just be ignored). If you use a configuration file then at any time you can check your current configuration by running : $> make show-config --- If you modify Makefile to add, remove variables then run after : $> ./Makefile.d/update.sh to update part of the Makefile which read the CONFIGME configuration file, and that 's all. 3. Adapt Build or Install ========================= Modify Kernel default configuration : ------------------------------------- If you need to modify the configuration of the kernel which will be build for Marionnet or UML architecture then run : $> make configure-kernel-marionnet or $> make configure-kernel-uml this targets just copy a default config file in kernel tree, and run after : $> make configure-kernel KERN_ARCH=um Some messages will be displayed (to warn you because the kernel is already configured but no important things, just wait a little) and after the standard Kernel configuration interface will open and you can modify or adapt to your needs the default configuration provide for Marionnet or UML. When you have finished, just save, exit and build the kernel with : $> make build-kernel-marionnet or $> make build-kernel-uml Installing Kernel or ghost2 tool in a particular directory ---------------------------------------------------------- To install the product of any target in another directory you can use DESTDIR variable as below : $> make install* DESTDIR=/path/to/rootdir/ And all files will be installed under the specified directory (of course this doesn't change path where files are installed like /usr, /usr/doc/man, etc ...). Build a kernel 2.6.XX with a path to the kernel 2.6.YY ------------------------------------------------------ You can simply use KERNEL_VERSION and PATCH_VERSION to specify what is the version of the kernel that you want used and what is the patch version which you wish used ;) as below : $> make KERNEL_VERSION=2.6.XX PATCH_VERSION=2.6.YY build-kernel* Of course, you can have error or echec but it can be useful to adapt the patch for a newer version of the kernel. 4. Building packages ==================== To build Debian package you must install dpkg-dev and debhelper packages before (and dependancies). To build RPM package you must have rpmbuild. When you build packages the three following will be built : - marionnet-kernel-2.6.X - uml-kernel-2.6.X-ghost - ghost2 Build Debian packages --------------------- To build a Debian package just run (remplace XX by a version for which a patch exit) : $> make deb KERNEL_VERSION=2.6.XX And package will be build in the parent (../) directory. Packages build using this way will use a Kernel source from kernel.org (vanilla). If KERNEL_VERSION is not specified the Kernel build will be the latest for which a patch exist (like for other targets). Or you can also build package using Kernel sources provide by Debian (linux-source-2.6.XX package) by running : $> ./debian/rules binary or $> dpkg-buildpackage Kernel available by this second method are : 2.6.26 (lenny), 2.6.30 (squeeze) and 2.6.31 (sid). Apt sources.list file must contain appropriate url to donwload corresponding debian package. Build RPMs packages ------------------- To build RPMs packages just run : $> make c-rpm KERNEL_VERSION=2.6.XX or $> make c-rpm And package will be built in the parent (../) directory. Packages built using this way will use a Kernel sources from kernel.org (vanilla). If KERNEL_VERSION is not specified the Kernel built will be the latest for which a patch exist (like for other targets). marionnet-0.90.6+bzr508.orig/uml/kernel/CONFIG-3.2.480000644000175000017500000006746313175722671020321 0ustar lucaslucas# # Automatically generated file; DO NOT EDIT. # User Mode Linux/i386 3.2.48 Kernel Configuration # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_CMPXCHG_LOCAL is not set # CONFIG_CMPXCHG_DOUBLE is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set CONFIG_M586MMX=y # CONFIG_M686 is not set # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MELAN is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set CONFIG_X86_GENERIC=y CONFIG_X86_INTERNODE_CACHE_SHIFT=6 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=6 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_F00F_BUG=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_ALIGNMENT_16=y CONFIG_X86_INTEL_USERCOPY=y CONFIG_X86_TSC=y CONFIG_X86_MINIMUM_CPU_FAMILY=4 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y # CONFIG_X86_64 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y CONFIG_3_LEVEL_PGTABLES=y CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y CONFIG_GENERIC_HWEIGHT=y # CONFIG_STATIC_LINK is not set CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_COMPACTION is not set # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_NEED_PER_CPU_KM=y # CONFIG_CLEANCACHE is not set CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_DYN=y CONFIG_BINFMT_ELF=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=2 # CONFIG_MMAPPER is not set CONFIG_NO_DMA=y # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_CROSS_COMPILE="" CONFIG_LOCALVERSION="" CONFIG_LOCALVERSION_AUTO=y CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_FHANDLE is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_HAVE_GENERIC_HARDIRQS=y # # IRQ subsystem # CONFIG_GENERIC_HARDIRQS=y CONFIG_GENERIC_IRQ_SHOW=y # # RCU Subsystem # CONFIG_TINY_RCU=y # CONFIG_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y # CONFIG_SCHED_AUTOGROUP is not set CONFIG_SYSFS_DEPRECATED=y # CONFIG_SYSFS_DEPRECATED_V2 is not set CONFIG_RELAY=y CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="" CONFIG_RD_GZIP=y CONFIG_RD_BZIP2=y CONFIG_RD_LZMA=y CONFIG_RD_XZ=y CONFIG_RD_LZO=y CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EXPERT is not set CONFIG_UID16=y # CONFIG_SYSCTL_SYSCALL is not set CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # CONFIG_EMBEDDED is not set # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 CONFIG_MODULES=y # CONFIG_MODULE_FORCE_LOAD is not set CONFIG_MODULE_UNLOAD=y # CONFIG_MODULE_FORCE_UNLOAD is not set # CONFIG_MODVERSIONS is not set # CONFIG_MODULE_SRCVERSION_ALL is not set CONFIG_BLOCK=y CONFIG_LBDAF=y CONFIG_BLK_DEV_BSG=y # CONFIG_BLK_DEV_BSGLIB is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y # CONFIG_DEFAULT_DEADLINE is not set CONFIG_DEFAULT_CFQ=y # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="cfq" # CONFIG_INLINE_SPIN_TRYLOCK is not set # CONFIG_INLINE_SPIN_TRYLOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK is not set # CONFIG_INLINE_SPIN_LOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK_IRQ is not set # CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set CONFIG_INLINE_SPIN_UNLOCK=y # CONFIG_INLINE_SPIN_UNLOCK_BH is not set CONFIG_INLINE_SPIN_UNLOCK_IRQ=y # CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_READ_TRYLOCK is not set # CONFIG_INLINE_READ_LOCK is not set # CONFIG_INLINE_READ_LOCK_BH is not set # CONFIG_INLINE_READ_LOCK_IRQ is not set # CONFIG_INLINE_READ_LOCK_IRQSAVE is not set CONFIG_INLINE_READ_UNLOCK=y # CONFIG_INLINE_READ_UNLOCK_BH is not set CONFIG_INLINE_READ_UNLOCK_IRQ=y # CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_WRITE_TRYLOCK is not set # CONFIG_INLINE_WRITE_LOCK is not set # CONFIG_INLINE_WRITE_LOCK_BH is not set # CONFIG_INLINE_WRITE_LOCK_IRQ is not set # CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set CONFIG_INLINE_WRITE_UNLOCK=y # CONFIG_INLINE_WRITE_UNLOCK_BH is not set CONFIG_INLINE_WRITE_UNLOCK_IRQ=y # CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set # CONFIG_MUTEX_SPIN_ON_OWNER is not set # CONFIG_FREEZER is not set # # UML Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pty" CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # # Device Drivers # # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" # CONFIG_DEVTMPFS is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set # CONFIG_SYS_HYPERVISOR is not set CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y CONFIG_BLK_DEV_UBD_SYNC=y CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 CONFIG_BLK_DEV_CRYPTOLOOP=y # CONFIG_BLK_DEV_DRBD is not set CONFIG_BLK_DEV_NBD=y CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=4096 # CONFIG_BLK_DEV_XIP is not set CONFIG_ATA_OVER_ETH=y # CONFIG_BLK_DEV_RBD is not set # CONFIG_MISC_DEVICES is not set # # SCSI device support # CONFIG_SCSI_MOD=y # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set # CONFIG_MD is not set CONFIG_NETDEVICES=y CONFIG_NET_CORE=y CONFIG_BONDING=y CONFIG_DUMMY=y # CONFIG_EQUALIZER is not set # CONFIG_MII is not set # CONFIG_MACVLAN is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set CONFIG_TUN=y # CONFIG_VETH is not set # # CAIF transport drivers # CONFIG_ETHERNET=y CONFIG_NET_VENDOR_CHELSIO=y CONFIG_NET_VENDOR_INTEL=y CONFIG_NET_VENDOR_I825XX=y CONFIG_NET_VENDOR_MARVELL=y CONFIG_NET_VENDOR_NATSEMI=y CONFIG_NET_VENDOR_8390=y # CONFIG_PHYLIB is not set CONFIG_PPP=y CONFIG_PPP_BSDCOMP=y CONFIG_PPP_DEFLATE=y CONFIG_PPP_FILTER=y CONFIG_PPP_MPPE=y CONFIG_PPP_MULTILINK=y CONFIG_PPPOE=y CONFIG_PPP_ASYNC=y CONFIG_PPP_SYNC_TTY=y CONFIG_SLIP=y CONFIG_SLHC=y CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP_SMART=y CONFIG_SLIP_MODE_SLIP6=y CONFIG_WLAN=y # CONFIG_HOSTAP is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set # # Character devices # CONFIG_UNIX98_PTYS=y # CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set CONFIG_LEGACY_PTYS=y CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_N_GSM is not set # CONFIG_TRACE_SINK is not set CONFIG_DEVKMEM=y CONFIG_HW_RANDOM=y CONFIG_UML_RANDOM=y # CONFIG_R3964 is not set # CONFIG_NSC_GPIO is not set # CONFIG_RAW_DRIVER is not set # # PPS support # # CONFIG_PPS is not set # # PPS generators support # # # PTP clock support # # # Enable Device Drivers -> PPS to see the PTP clock options. # # CONFIG_POWER_SUPPLY is not set # CONFIG_THERMAL is not set # CONFIG_WATCHDOG is not set # CONFIG_REGULATOR is not set CONFIG_SOUND_OSS_CORE_PRECLAIM=y # CONFIG_MEMSTICK is not set # CONFIG_NEW_LEDS is not set # CONFIG_ACCESSIBILITY is not set # CONFIG_AUXDISPLAY is not set # CONFIG_UIO is not set # # Virtio drivers # # CONFIG_VIRTIO_BALLOON is not set # CONFIG_STAGING is not set # # Hardware Spinlock drivers # CONFIG_IOMMU_SUPPORT=y # CONFIG_VIRT_DRIVERS is not set # CONFIG_PM_DEVFREQ is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_UNIX=y CONFIG_XFRM=y CONFIG_XFRM_USER=y # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set CONFIG_XFRM_IPCOMP=y CONFIG_NET_KEY=y # CONFIG_NET_KEY_MIGRATE is not set CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_FIB_TRIE_STATS is not set CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_CLASSID=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=y # CONFIG_NET_IPGRE_DEMUX is not set CONFIG_IP_MROUTE=y # CONFIG_IP_MROUTE_MULTIPLE_TABLES is not set CONFIG_IP_PIMSM_V1=y # CONFIG_IP_PIMSM_V2 is not set CONFIG_ARPD=y # CONFIG_SYN_COOKIES is not set CONFIG_INET_AH=y CONFIG_INET_ESP=y CONFIG_INET_IPCOMP=y CONFIG_INET_XFRM_TUNNEL=y CONFIG_INET_TUNNEL=y CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y CONFIG_INET_LRO=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_TCP_CONG_ADVANCED=y CONFIG_TCP_CONG_BIC=y CONFIG_TCP_CONG_CUBIC=y CONFIG_TCP_CONG_WESTWOOD=y CONFIG_TCP_CONG_HTCP=y CONFIG_TCP_CONG_HSTCP=y CONFIG_TCP_CONG_HYBLA=y CONFIG_TCP_CONG_VEGAS=y CONFIG_TCP_CONG_SCALABLE=y CONFIG_TCP_CONG_LP=y CONFIG_TCP_CONG_VENO=y # CONFIG_TCP_CONG_YEAH is not set # CONFIG_TCP_CONG_ILLINOIS is not set # CONFIG_DEFAULT_BIC is not set CONFIG_DEFAULT_CUBIC=y # CONFIG_DEFAULT_HTCP is not set # CONFIG_DEFAULT_HYBLA is not set # CONFIG_DEFAULT_VEGAS is not set # CONFIG_DEFAULT_VENO is not set # CONFIG_DEFAULT_WESTWOOD is not set # CONFIG_DEFAULT_RENO is not set CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y CONFIG_IPV6_PRIVACY=y CONFIG_IPV6_ROUTER_PREF=y # CONFIG_IPV6_ROUTE_INFO is not set # CONFIG_IPV6_OPTIMISTIC_DAD is not set CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET6_IPCOMP=y # CONFIG_IPV6_MIP6 is not set CONFIG_INET6_XFRM_TUNNEL=y CONFIG_INET6_TUNNEL=y CONFIG_INET6_XFRM_MODE_TRANSPORT=y CONFIG_INET6_XFRM_MODE_TUNNEL=y CONFIG_INET6_XFRM_MODE_BEET=y # CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_SIT_6RD is not set CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=y # CONFIG_IPV6_MULTIPLE_TABLES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_NETWORK_SECMARK is not set # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y # CONFIG_NF_CONNTRACK is not set # CONFIG_NETFILTER_TPROXY is not set CONFIG_NETFILTER_XTABLES=y # # Xtables combined modules # CONFIG_NETFILTER_XT_MARK=y # # Xtables targets # # CONFIG_NETFILTER_XT_TARGET_CHECKSUM is not set CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y # CONFIG_NETFILTER_XT_TARGET_DSCP is not set CONFIG_NETFILTER_XT_TARGET_HL=y # CONFIG_NETFILTER_XT_TARGET_IDLETIMER is not set CONFIG_NETFILTER_XT_TARGET_MARK=y # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y # CONFIG_NETFILTER_XT_TARGET_RATEEST is not set # CONFIG_NETFILTER_XT_TARGET_TEE is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set # CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set # CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set # # Xtables matches # # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=y # CONFIG_NETFILTER_XT_MATCH_CPU is not set CONFIG_NETFILTER_XT_MATCH_DCCP=y # CONFIG_NETFILTER_XT_MATCH_DEVGROUP is not set # CONFIG_NETFILTER_XT_MATCH_DSCP is not set CONFIG_NETFILTER_XT_MATCH_ESP=y # CONFIG_NETFILTER_XT_MATCH_HASHLIMIT is not set CONFIG_NETFILTER_XT_MATCH_HL=y # CONFIG_NETFILTER_XT_MATCH_IPRANGE is not set CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_NETFILTER_XT_MATCH_OWNER is not set CONFIG_NETFILTER_XT_MATCH_POLICY=y # CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y # CONFIG_NETFILTER_XT_MATCH_RATEEST is not set CONFIG_NETFILTER_XT_MATCH_REALM=y # CONFIG_NETFILTER_XT_MATCH_RECENT is not set CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y # CONFIG_NETFILTER_XT_MATCH_TIME is not set # CONFIG_NETFILTER_XT_MATCH_U32 is not set # CONFIG_IP_SET is not set # CONFIG_IP_VS is not set # # IP: Netfilter Configuration # # CONFIG_NF_DEFRAG_IPV4 is not set CONFIG_IP_NF_QUEUE=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_LOG=y CONFIG_IP_NF_TARGET_ULOG=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # # IPv6: Netfilter Configuration # # CONFIG_NF_DEFRAG_IPV6 is not set # CONFIG_IP6_NF_QUEUE is not set CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y # CONFIG_IP6_NF_MATCH_MH is not set CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_TARGET_LOG=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y # CONFIG_BRIDGE_EBT_IP6 is not set CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_ULOG=y # CONFIG_BRIDGE_EBT_NFLOG is not set CONFIG_GHOSTIFICATION_NETFILTER=y CONFIG_GHOSTIFICATION_NETFILTER_ALL=y # CONFIG_IP_DCCP is not set CONFIG_IP_SCTP=y # CONFIG_SCTP_DBG_MSG is not set # CONFIG_SCTP_DBG_OBJCNT is not set # CONFIG_SCTP_HMAC_NONE is not set # CONFIG_SCTP_HMAC_SHA1 is not set CONFIG_SCTP_HMAC_MD5=y # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_L2TP is not set CONFIG_STP=y CONFIG_BRIDGE=y CONFIG_BRIDGE_IGMP_SNOOPING=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y # CONFIG_VLAN_8021Q_GVRP is not set # CONFIG_DECNET is not set CONFIG_LLC=y # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set # CONFIG_NET_SCHED is not set # CONFIG_DCB is not set # CONFIG_BATMAN_ADV is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_FIB_RULES=y CONFIG_WIRELESS=y # CONFIG_CFG80211 is not set # CONFIG_LIB80211 is not set # # CFG80211 needs to be enabled for MAC80211 # # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=8 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y # CONFIG_UML_NET_VDE is not set CONFIG_UML_NET_MCAST=y # CONFIG_UML_NET_PCAP is not set CONFIG_UML_NET_SLIRP=y # # File systems # CONFIG_EXT2_FS=y CONFIG_EXT2_FS_XATTR=y CONFIG_EXT2_FS_POSIX_ACL=y # CONFIG_EXT2_FS_SECURITY is not set CONFIG_EXT2_FS_XIP=y CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_POSIX_ACL=y # CONFIG_EXT3_FS_SECURITY is not set CONFIG_EXT4_FS=y CONFIG_EXT4_FS_XATTR=y CONFIG_EXT4_FS_POSIX_ACL=y # CONFIG_EXT4_FS_SECURITY is not set # CONFIG_EXT4_DEBUG is not set CONFIG_FS_XIP=y CONFIG_JBD=y CONFIG_JBD2=y CONFIG_FS_MBCACHE=y CONFIG_REISERFS_FS=y # CONFIG_REISERFS_CHECK is not set CONFIG_REISERFS_PROC_INFO=y CONFIG_REISERFS_FS_XATTR=y CONFIG_REISERFS_FS_POSIX_ACL=y # CONFIG_REISERFS_FS_SECURITY is not set CONFIG_JFS_FS=y CONFIG_JFS_POSIX_ACL=y # CONFIG_JFS_SECURITY is not set # CONFIG_JFS_DEBUG is not set CONFIG_JFS_STATISTICS=y CONFIG_XFS_FS=y # CONFIG_XFS_QUOTA is not set CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y # CONFIG_XFS_DEBUG is not set # CONFIG_GFS2_FS is not set CONFIG_OCFS2_FS=y CONFIG_OCFS2_FS_O2CB=y CONFIG_OCFS2_DEBUG_MASKLOG=y # CONFIG_OCFS2_DEBUG_FS is not set CONFIG_BTRFS_FS=y CONFIG_BTRFS_FS_POSIX_ACL=y # CONFIG_NILFS2_FS is not set CONFIG_FS_POSIX_ACL=y CONFIG_EXPORTFS=y CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y # CONFIG_FANOTIFY is not set CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QUOTA_DEBUG is not set CONFIG_QUOTA_TREE=y # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=y CONFIG_FUSE_FS=y # CONFIG_CUSE is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=y CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems # CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_NTFS_FS=y # CONFIG_NTFS_DEBUG is not set CONFIG_NTFS_RW=y # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_TMPFS_XATTR is not set # CONFIG_HUGETLB_PAGE is not set CONFIG_CONFIGFS_FS=y CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_LOGFS is not set CONFIG_CRAMFS=y # CONFIG_SQUASHFS is not set # CONFIG_SQUASHFS_XATTR is not set # CONFIG_SQUASHFS_ZLIB is not set # CONFIG_SQUASHFS_LZO is not set # CONFIG_SQUASHFS_XZ is not set # CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set # CONFIG_SQUASHFS_EMBEDDED is not set # CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE is not set # CONFIG_VXFS_FS is not set CONFIG_MINIX_FS=y # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set CONFIG_ROMFS_FS=y CONFIG_ROMFS_BACKED_BY_BLOCK=y CONFIG_ROMFS_ON_BLOCK=y # CONFIG_PSTORE is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V3=y # CONFIG_NFS_V3_ACL is not set # CONFIG_NFS_V4 is not set # CONFIG_ROOT_NFS is not set CONFIG_NFSD=y CONFIG_NFSD_V2_ACL=y CONFIG_NFSD_V3=y CONFIG_NFSD_V3_ACL=y # CONFIG_NFSD_V4 is not set CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_NFS_ACL_SUPPORT=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y # CONFIG_CEPH_FS is not set CONFIG_CIFS=y CONFIG_CIFS_STATS=y CONFIG_CIFS_STATS2=y # CONFIG_CIFS_WEAK_PW_HASH is not set # CONFIG_CIFS_XATTR is not set # CONFIG_CIFS_DEBUG2 is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set CONFIG_MSDOS_PARTITION=y CONFIG_BSD_DISKLABEL=y # CONFIG_MINIX_SUBPARTITION is not set # CONFIG_SOLARIS_X86_PARTITION is not set # CONFIG_UNIXWARE_DISKLABEL is not set CONFIG_LDM_PARTITION=y CONFIG_LDM_DEBUG=y # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set # CONFIG_EFI_PARTITION is not set # CONFIG_SYSV68_PARTITION is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" CONFIG_NLS_CODEPAGE_437=y # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set CONFIG_NLS_CODEPAGE_850=y # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set CONFIG_NLS_CODEPAGE_936=y CONFIG_NLS_CODEPAGE_950=y # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set CONFIG_NLS_ISO8859_1=y # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set CONFIG_NLS_ISO8859_6=y # CONFIG_NLS_ISO8859_7 is not set CONFIG_NLS_ISO8859_9=y # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set CONFIG_NLS_UTF8=y # CONFIG_DLM is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" CONFIG_CRYPTO=y # # Crypto core or helper # CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_BLKCIPHER=y CONFIG_CRYPTO_BLKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_PCOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_USER is not set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y # CONFIG_CRYPTO_GF128MUL is not set CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_GHASH is not set CONFIG_CRYPTO_MD4=y CONFIG_CRYPTO_MD5=y CONFIG_CRYPTO_MICHAEL_MIC=y # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_TGR192=y CONFIG_CRYPTO_WP512=y # # Ciphers # CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_AES_586=y CONFIG_CRYPTO_ANUBIS=y CONFIG_CRYPTO_ARC4=y CONFIG_CRYPTO_BLOWFISH=y CONFIG_CRYPTO_BLOWFISH_COMMON=y # CONFIG_CRYPTO_CAMELLIA is not set CONFIG_CRYPTO_CAST5=y CONFIG_CRYPTO_CAST6=y CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set CONFIG_CRYPTO_KHAZAD=y # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set CONFIG_CRYPTO_SERPENT=y CONFIG_CRYPTO_TEA=y CONFIG_CRYPTO_TWOFISH=y CONFIG_CRYPTO_TWOFISH_COMMON=y # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # CONFIG_CRYPTO_DEFLATE=y # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # CONFIG_CRYPTO_ANSI_CPRNG=y # CONFIG_CRYPTO_USER_API_HASH is not set # CONFIG_CRYPTO_USER_API_SKCIPHER is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y CONFIG_CRC_CCITT=y CONFIG_CRC16=y # CONFIG_CRC_T10DIF is not set CONFIG_CRC_ITU_T=y CONFIG_CRC32=y # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y # CONFIG_CRC8 is not set CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y CONFIG_XZ_DEC_IA64=y CONFIG_XZ_DEC_ARM=y CONFIG_XZ_DEC_ARMTHUMB=y CONFIG_XZ_DEC_SPARC=y CONFIG_XZ_DEC_BCJ=y # CONFIG_XZ_DEC_TEST is not set CONFIG_DECOMPRESS_GZIP=y CONFIG_DECOMPRESS_BZIP2=y CONFIG_DECOMPRESS_LZMA=y CONFIG_DECOMPRESS_XZ=y CONFIG_DECOMPRESS_LZO=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_NLATTR=y # CONFIG_AVERAGE is not set # CONFIG_CORDIC is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 CONFIG_ENABLE_WARN_DEPRECATED=y CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=2048 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_SHIRQ is not set # CONFIG_LOCKUP_DETECTOR is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set CONFIG_SCHED_DEBUG=y # CONFIG_SCHEDSTATS is not set # CONFIG_TIMER_STATS is not set # CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_SLAB is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_RT_MUTEX_TESTER is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_SPARSE_RCU_POINTER is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_DEBUG_STACK_USAGE is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_INFO=y # CONFIG_DEBUG_INFO_REDUCED is not set # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_WRITECOUNT is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_LIST is not set # CONFIG_TEST_LIST_SORT is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set # CONFIG_DEBUG_CREDENTIALS is not set CONFIG_FRAME_POINTER=y # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_BACKTRACE_SELF_TEST is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_SYSCTL_SYSCALL_CHECK is not set # CONFIG_DEBUG_PAGEALLOC is not set # CONFIG_ATOMIC64_SELFTEST is not set # CONFIG_SAMPLES is not set # CONFIG_TEST_KSTRTOX is not set # CONFIG_GPROF is not set # CONFIG_GCOV is not set CONFIG_EARLY_PRINTK=y marionnet-0.90.6+bzr508.orig/uml/kernel/linux-3.4.%.compile_with_ARCH_um_SUBARCH_i386.diff0000644000175000017500000000143013175722671027173 0ustar lucaslucas*** linux-3.2.13.original/arch/x86/um/Makefile 2012-03-19 17:03:17.000000000 +0100 --- linux-3.2.13.modified/arch/x86/um/Makefile 2013-04-30 18:09:48.000000000 +0200 *************** *** 19,25 **** obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o --- 19,27 ---- obj-y += checksum_32.o obj-$(CONFIG_BINFMT_ELF) += elfcore.o ! subarch-y = ../lib/string_32.o ../lib/atomic64_32.o ../lib/atomic64_cx8_32.o \ ! ../lib/atomic64_386_32.o ../lib/cmpxchg8b_emu.o ! subarch-$(CONFIG_RWSEM_XCHGADD_ALGORITHM) += ../lib/rwsem.o subarch-$(CONFIG_HIGHMEM) += ../mm/highmem_32.o marionnet-0.90.6+bzr508.orig/uml/kernel/CONFIG-3.0.80000644000175000017500000004600313175722671020216 0ustar lucaslucas# # Automatically generated make config: don't edit # Linux Kernel Configuration # CONFIG_DEFCONFIG_LIST="arch/$ARCH/defconfig" CONFIG_UML=y CONFIG_MMU=y CONFIG_NO_IOMEM=y # CONFIG_TRACE_IRQFLAGS_SUPPORT is not set CONFIG_LOCKDEP_SUPPORT=y # CONFIG_STACKTRACE_SUPPORT is not set CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_IRQ_RELEASE_METHOD=y CONFIG_HZ=100 # # UML-specific options # # # Host processor type and features # # CONFIG_CMPXCHG_LOCAL is not set # CONFIG_M486 is not set # CONFIG_M586 is not set # CONFIG_M586TSC is not set # CONFIG_M586MMX is not set CONFIG_M686=y # CONFIG_MPENTIUMII is not set # CONFIG_MPENTIUMIII is not set # CONFIG_MPENTIUMM is not set # CONFIG_MPENTIUM4 is not set # CONFIG_MK6 is not set # CONFIG_MK7 is not set # CONFIG_MK8 is not set # CONFIG_MCRUSOE is not set # CONFIG_MEFFICEON is not set # CONFIG_MWINCHIPC6 is not set # CONFIG_MWINCHIP3D is not set # CONFIG_MELAN is not set # CONFIG_MGEODEGX1 is not set # CONFIG_MGEODE_LX is not set # CONFIG_MCYRIXIII is not set # CONFIG_MVIAC3_2 is not set # CONFIG_MVIAC7 is not set # CONFIG_MCORE2 is not set # CONFIG_MATOM is not set # CONFIG_X86_GENERIC is not set CONFIG_X86_INTERNODE_CACHE_SHIFT=5 CONFIG_X86_CMPXCHG=y CONFIG_X86_L1_CACHE_SHIFT=5 CONFIG_X86_XADD=y CONFIG_X86_PPRO_FENCE=y CONFIG_X86_WP_WORKS_OK=y CONFIG_X86_INVLPG=y CONFIG_X86_BSWAP=y CONFIG_X86_POPAD_OK=y CONFIG_X86_USE_PPRO_CHECKSUM=y CONFIG_X86_TSC=y CONFIG_X86_CMPXCHG64=y CONFIG_X86_CMOV=y CONFIG_X86_MINIMUM_CPU_FAMILY=5 CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_CYRIX_32=y CONFIG_CPU_SUP_AMD=y CONFIG_CPU_SUP_CENTAUR=y CONFIG_CPU_SUP_TRANSMETA_32=y CONFIG_CPU_SUP_UMC_32=y CONFIG_UML_X86=y # CONFIG_64BIT is not set CONFIG_X86_32=y # CONFIG_X86_64 is not set # CONFIG_RWSEM_XCHGADD_ALGORITHM is not set CONFIG_RWSEM_GENERIC_SPINLOCK=y # CONFIG_3_LEVEL_PGTABLES is not set CONFIG_ARCH_HAS_SC_SIGNALS=y CONFIG_ARCH_REUSE_HOST_VSYSCALL_AREA=y # CONFIG_SMP_BROKEN is not set CONFIG_GENERIC_HWEIGHT=y CONFIG_STATIC_LINK=y CONFIG_SELECT_MEMORY_MODEL=y CONFIG_FLATMEM_MANUAL=y CONFIG_FLATMEM=y CONFIG_FLAT_NODE_MEM_MAP=y CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 # CONFIG_COMPACTION is not set # CONFIG_PHYS_ADDR_T_64BIT is not set CONFIG_ZONE_DMA_FLAG=0 CONFIG_VIRT_TO_BUS=y # CONFIG_KSM is not set CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_NEED_PER_CPU_KM=y # CONFIG_CLEANCACHE is not set CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_LD_SCRIPT_STATIC=y CONFIG_BINFMT_ELF=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_HAVE_AOUT=y # CONFIG_BINFMT_AOUT is not set CONFIG_BINFMT_MISC=y CONFIG_HOSTFS=y # CONFIG_HPPFS is not set CONFIG_MCONSOLE=y CONFIG_MAGIC_SYSRQ=y CONFIG_KERNEL_STACK_ORDER=0 CONFIG_NO_DMA=y # # General setup # CONFIG_EXPERIMENTAL=y CONFIG_BROKEN_ON_SMP=y CONFIG_INIT_ENV_ARG_LIMIT=128 CONFIG_CROSS_COMPILE="" CONFIG_LOCALVERSION="-ghost" CONFIG_LOCALVERSION_AUTO=y CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_BSD_PROCESS_ACCT=y # CONFIG_BSD_PROCESS_ACCT_V3 is not set # CONFIG_FHANDLE is not set # CONFIG_TASKSTATS is not set # CONFIG_AUDIT is not set CONFIG_HAVE_GENERIC_HARDIRQS=y # # IRQ subsystem # CONFIG_GENERIC_HARDIRQS=y CONFIG_GENERIC_IRQ_SHOW=y # # RCU Subsystem # CONFIG_TINY_RCU=y # CONFIG_PREEMPT_RCU is not set # CONFIG_RCU_TRACE is not set # CONFIG_TREE_RCU_TRACE is not set CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=14 # CONFIG_CGROUPS is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y # CONFIG_USER_NS is not set # CONFIG_PID_NS is not set CONFIG_NET_NS=y # CONFIG_SCHED_AUTOGROUP is not set CONFIG_SYSFS_DEPRECATED=y # CONFIG_SYSFS_DEPRECATED_V2 is not set # CONFIG_RELAY is not set # CONFIG_BLK_DEV_INITRD is not set CONFIG_CC_OPTIMIZE_FOR_SIZE=y CONFIG_SYSCTL=y CONFIG_ANON_INODES=y # CONFIG_EXPERT is not set CONFIG_UID16=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_HOTPLUG=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y # CONFIG_EMBEDDED is not set # # Kernel Performance Events And Counters # CONFIG_VM_EVENT_COUNTERS=y CONFIG_COMPAT_BRK=y CONFIG_SLAB=y # CONFIG_SLUB is not set # CONFIG_PROFILING is not set # # GCOV-based kernel profiling # # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y CONFIG_LBDAF=y # CONFIG_BLK_DEV_BSG is not set # CONFIG_BLK_DEV_INTEGRITY is not set # # IO Schedulers # CONFIG_IOSCHED_NOOP=y CONFIG_IOSCHED_DEADLINE=y CONFIG_IOSCHED_CFQ=y # CONFIG_DEFAULT_DEADLINE is not set CONFIG_DEFAULT_CFQ=y # CONFIG_DEFAULT_NOOP is not set CONFIG_DEFAULT_IOSCHED="cfq" # CONFIG_INLINE_SPIN_TRYLOCK is not set # CONFIG_INLINE_SPIN_TRYLOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK is not set # CONFIG_INLINE_SPIN_LOCK_BH is not set # CONFIG_INLINE_SPIN_LOCK_IRQ is not set # CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set CONFIG_INLINE_SPIN_UNLOCK=y # CONFIG_INLINE_SPIN_UNLOCK_BH is not set CONFIG_INLINE_SPIN_UNLOCK_IRQ=y # CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_READ_TRYLOCK is not set # CONFIG_INLINE_READ_LOCK is not set # CONFIG_INLINE_READ_LOCK_BH is not set # CONFIG_INLINE_READ_LOCK_IRQ is not set # CONFIG_INLINE_READ_LOCK_IRQSAVE is not set CONFIG_INLINE_READ_UNLOCK=y # CONFIG_INLINE_READ_UNLOCK_BH is not set CONFIG_INLINE_READ_UNLOCK_IRQ=y # CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set # CONFIG_INLINE_WRITE_TRYLOCK is not set # CONFIG_INLINE_WRITE_LOCK is not set # CONFIG_INLINE_WRITE_LOCK_BH is not set # CONFIG_INLINE_WRITE_LOCK_IRQ is not set # CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set CONFIG_INLINE_WRITE_UNLOCK=y # CONFIG_INLINE_WRITE_UNLOCK_BH is not set CONFIG_INLINE_WRITE_UNLOCK_IRQ=y # CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set # CONFIG_MUTEX_SPIN_ON_OWNER is not set # CONFIG_FREEZER is not set CONFIG_BLK_DEV=y CONFIG_BLK_DEV_UBD=y # CONFIG_BLK_DEV_UBD_SYNC is not set CONFIG_BLK_DEV_COW_COMMON=y CONFIG_BLK_DEV_LOOP=y # CONFIG_BLK_DEV_CRYPTOLOOP is not set # # DRBD disabled because PROC_FS, INET or CONNECTOR not selected # CONFIG_BLK_DEV_NBD=y # CONFIG_BLK_DEV_RAM is not set # CONFIG_ATA_OVER_ETH is not set # CONFIG_BLK_DEV_RBD is not set # # Character Devices # CONFIG_STDERR_CONSOLE=y CONFIG_STDIO_CONSOLE=y CONFIG_SSL=y CONFIG_NULL_CHAN=y CONFIG_PORT_CHAN=y CONFIG_PTY_CHAN=y CONFIG_TTY_CHAN=y CONFIG_XTERM_CHAN=y # CONFIG_NOCONFIG_CHAN is not set CONFIG_CON_ZERO_CHAN="fd:0,fd:1" CONFIG_CON_CHAN="xterm" CONFIG_SSL_CHAN="pts" CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y # CONFIG_RAW_DRIVER is not set CONFIG_LEGACY_PTY_COUNT=32 # CONFIG_WATCHDOG is not set CONFIG_UML_SOUND=y CONFIG_SOUND=y CONFIG_SOUND_OSS_CORE=y CONFIG_HOSTAUDIO=y # CONFIG_HW_RANDOM is not set CONFIG_UML_RANDOM=y # CONFIG_MMAPPER is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" # CONFIG_DEVTMPFS is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_FIRMWARE_IN_KERNEL=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set # CONFIG_SYS_HYPERVISOR is not set CONFIG_NET=y # # Networking options # CONFIG_PACKET=y CONFIG_UNIX=y CONFIG_XFRM=y # CONFIG_XFRM_USER is not set # CONFIG_XFRM_SUB_POLICY is not set # CONFIG_XFRM_MIGRATE is not set # CONFIG_XFRM_STATISTICS is not set # CONFIG_NET_KEY is not set CONFIG_INET=y # CONFIG_IP_MULTICAST is not set # CONFIG_IP_ADVANCED_ROUTER is not set # CONFIG_IP_PNP is not set # CONFIG_NET_IPIP is not set # CONFIG_NET_IPGRE_DEMUX is not set # CONFIG_ARPD is not set # CONFIG_SYN_COOKIES is not set # CONFIG_INET_AH is not set # CONFIG_INET_ESP is not set # CONFIG_INET_IPCOMP is not set # CONFIG_INET_XFRM_TUNNEL is not set # CONFIG_INET_TUNNEL is not set CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y CONFIG_INET_XFRM_MODE_BEET=y # CONFIG_INET_LRO is not set CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set # CONFIG_IPV6 is not set # CONFIG_NETWORK_SECMARK is not set # CONFIG_NETWORK_PHY_TIMESTAMPING is not set # CONFIG_NETFILTER is not set # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_L2TP is not set # CONFIG_BRIDGE is not set # CONFIG_NET_DSA is not set # CONFIG_VLAN_8021Q is not set # CONFIG_DECNET is not set # CONFIG_LLC2 is not set # CONFIG_IPX is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_PHONET is not set # CONFIG_IEEE802154 is not set # CONFIG_NET_SCHED is not set # CONFIG_DCB is not set # CONFIG_BATMAN_ADV is not set # # Network testing # # CONFIG_NET_PKTGEN is not set # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_IRDA is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set CONFIG_WIRELESS=y # CONFIG_CFG80211 is not set # CONFIG_LIB80211 is not set # # CFG80211 needs to be enabled for MAC80211 # # CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set CONFIG_GHOSTIFICATION=y CONFIG_GHOSTIFICATION_NUM=8 CONFIG_GHOSTIFICATION_MESG=y CONFIG_GHOSTIFICATION_PRINTK=y # CONFIG_GHOSTIFICATION_DEBUG is not set # CONFIG_GHOSTIFICATION_DEVEL is not set # # UML Network Devices # CONFIG_UML_NET=y CONFIG_UML_NET_ETHERTAP=y CONFIG_UML_NET_TUNTAP=y CONFIG_UML_NET_SLIP=y CONFIG_UML_NET_DAEMON=y # CONFIG_UML_NET_VDE is not set CONFIG_UML_NET_MCAST=y # CONFIG_UML_NET_PCAP is not set # CONFIG_UML_NET_SLIRP is not set CONFIG_NETDEVICES=y CONFIG_DUMMY=y # CONFIG_BONDING is not set # CONFIG_MACVLAN is not set # CONFIG_EQUALIZER is not set CONFIG_TUN=y # CONFIG_VETH is not set # CONFIG_MII is not set # CONFIG_PHYLIB is not set CONFIG_WLAN=y # CONFIG_HOSTAP is not set # # Enable WiMAX (Networking options) to see the WiMAX drivers # # CONFIG_WAN is not set # # CAIF transport drivers # CONFIG_PPP=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPP_FILTER is not set # CONFIG_PPP_ASYNC is not set # CONFIG_PPP_SYNC_TTY is not set # CONFIG_PPP_DEFLATE is not set # CONFIG_PPP_BSDCOMP is not set # CONFIG_PPP_MPPE is not set # CONFIG_PPPOE is not set CONFIG_SLIP=y # CONFIG_SLIP_COMPRESSED is not set CONFIG_SLHC=y # CONFIG_SLIP_SMART is not set # CONFIG_SLIP_MODE_SLIP6 is not set # CONFIG_NETCONSOLE is not set # CONFIG_NETPOLL is not set # CONFIG_NET_POLL_CONTROLLER is not set # CONFIG_CONNECTOR is not set # # File systems # CONFIG_EXT2_FS=y # CONFIG_EXT2_FS_XATTR is not set # CONFIG_EXT2_FS_XIP is not set CONFIG_EXT3_FS=y CONFIG_EXT3_DEFAULTS_TO_ORDERED=y # CONFIG_EXT3_FS_XATTR is not set # CONFIG_EXT4_FS is not set CONFIG_JBD=y CONFIG_REISERFS_FS=y # CONFIG_REISERFS_CHECK is not set # CONFIG_REISERFS_PROC_INFO is not set # CONFIG_REISERFS_FS_XATTR is not set # CONFIG_JFS_FS is not set # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_BTRFS_FS is not set # CONFIG_NILFS2_FS is not set # CONFIG_FS_POSIX_ACL is not set CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y # CONFIG_FANOTIFY is not set CONFIG_QUOTA=y # CONFIG_QUOTA_NETLINK_INTERFACE is not set CONFIG_PRINT_QUOTA_WARNING=y # CONFIG_QUOTA_DEBUG is not set # CONFIG_QFMT_V1 is not set # CONFIG_QFMT_V2 is not set CONFIG_QUOTACTL=y CONFIG_AUTOFS4_FS=y # CONFIG_FUSE_FS is not set # # Caches # # CONFIG_FSCACHE is not set # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y # CONFIG_ZISOFS is not set # CONFIG_UDF_FS is not set # # DOS/FAT/NT Filesystems # # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_SYSFS=y CONFIG_TMPFS=y # CONFIG_TMPFS_POSIX_ACL is not set # CONFIG_TMPFS_XATTR is not set # CONFIG_HUGETLB_PAGE is not set # CONFIG_CONFIGFS_FS is not set CONFIG_MISC_FILESYSTEMS=y # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_LOGFS is not set # CONFIG_CRAMFS is not set # CONFIG_SQUASHFS is not set # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_PSTORE is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y # CONFIG_NFS_FS is not set # CONFIG_NFSD is not set # CONFIG_CEPH_FS is not set # CONFIG_CIFS is not set # CONFIG_NCP_FS is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set # # Partition Types # # CONFIG_PARTITION_ADVANCED is not set CONFIG_MSDOS_PARTITION=y CONFIG_NLS=y CONFIG_NLS_DEFAULT="iso8859-1" # CONFIG_NLS_CODEPAGE_437 is not set # CONFIG_NLS_CODEPAGE_737 is not set # CONFIG_NLS_CODEPAGE_775 is not set # CONFIG_NLS_CODEPAGE_850 is not set # CONFIG_NLS_CODEPAGE_852 is not set # CONFIG_NLS_CODEPAGE_855 is not set # CONFIG_NLS_CODEPAGE_857 is not set # CONFIG_NLS_CODEPAGE_860 is not set # CONFIG_NLS_CODEPAGE_861 is not set # CONFIG_NLS_CODEPAGE_862 is not set # CONFIG_NLS_CODEPAGE_863 is not set # CONFIG_NLS_CODEPAGE_864 is not set # CONFIG_NLS_CODEPAGE_865 is not set # CONFIG_NLS_CODEPAGE_866 is not set # CONFIG_NLS_CODEPAGE_869 is not set # CONFIG_NLS_CODEPAGE_936 is not set # CONFIG_NLS_CODEPAGE_950 is not set # CONFIG_NLS_CODEPAGE_932 is not set # CONFIG_NLS_CODEPAGE_949 is not set # CONFIG_NLS_CODEPAGE_874 is not set # CONFIG_NLS_ISO8859_8 is not set # CONFIG_NLS_CODEPAGE_1250 is not set # CONFIG_NLS_CODEPAGE_1251 is not set # CONFIG_NLS_ASCII is not set # CONFIG_NLS_ISO8859_1 is not set # CONFIG_NLS_ISO8859_2 is not set # CONFIG_NLS_ISO8859_3 is not set # CONFIG_NLS_ISO8859_4 is not set # CONFIG_NLS_ISO8859_5 is not set # CONFIG_NLS_ISO8859_6 is not set # CONFIG_NLS_ISO8859_7 is not set # CONFIG_NLS_ISO8859_9 is not set # CONFIG_NLS_ISO8859_13 is not set # CONFIG_NLS_ISO8859_14 is not set # CONFIG_NLS_ISO8859_15 is not set # CONFIG_NLS_KOI8_R is not set # CONFIG_NLS_KOI8_U is not set # CONFIG_NLS_UTF8 is not set # # Security options # # CONFIG_KEYS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y # CONFIG_CRYPTO_MANAGER is not set # CONFIG_CRYPTO_MANAGER2 is not set # CONFIG_CRYPTO_GF128MUL is not set # CONFIG_CRYPTO_NULL is not set # CONFIG_CRYPTO_CRYPTD is not set # CONFIG_CRYPTO_AUTHENC is not set # # Authenticated Encryption with Associated Data # # CONFIG_CRYPTO_CCM is not set # CONFIG_CRYPTO_GCM is not set # CONFIG_CRYPTO_SEQIV is not set # # Block modes # # CONFIG_CRYPTO_CBC is not set # CONFIG_CRYPTO_CTR is not set # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # # Hash modes # # CONFIG_CRYPTO_HMAC is not set # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_VMAC is not set # # Digest # # CONFIG_CRYPTO_CRC32C is not set # CONFIG_CRYPTO_GHASH is not set # CONFIG_CRYPTO_MD4 is not set # CONFIG_CRYPTO_MD5 is not set # CONFIG_CRYPTO_MICHAEL_MIC is not set # CONFIG_CRYPTO_RMD128 is not set # CONFIG_CRYPTO_RMD160 is not set # CONFIG_CRYPTO_RMD256 is not set # CONFIG_CRYPTO_RMD320 is not set # CONFIG_CRYPTO_SHA1 is not set # CONFIG_CRYPTO_SHA256 is not set # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # # Ciphers # CONFIG_CRYPTO_AES=y # CONFIG_CRYPTO_AES_586 is not set # CONFIG_CRYPTO_AES_NI_INTEL is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set # CONFIG_CRYPTO_CAST5 is not set # CONFIG_CRYPTO_CAST6 is not set # CONFIG_CRYPTO_DES is not set # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_KHAZAD is not set # CONFIG_CRYPTO_SALSA20 is not set # CONFIG_CRYPTO_SALSA20_586 is not set # CONFIG_CRYPTO_SEED is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_TEA is not set # CONFIG_CRYPTO_TWOFISH is not set # CONFIG_CRYPTO_TWOFISH_586 is not set # # Compression # # CONFIG_CRYPTO_DEFLATE is not set # CONFIG_CRYPTO_ZLIB is not set # CONFIG_CRYPTO_LZO is not set # # Random Number Generation # CONFIG_CRYPTO_ANSI_CPRNG=y # CONFIG_CRYPTO_USER_API_HASH is not set # CONFIG_CRYPTO_USER_API_SKCIPHER is not set CONFIG_CRYPTO_HW=y # CONFIG_BINARY_PRINTF is not set # # Library routines # CONFIG_BITREVERSE=y CONFIG_GENERIC_FIND_FIRST_BIT=y # CONFIG_CRC_CCITT is not set # CONFIG_CRC16 is not set # CONFIG_CRC_T10DIF is not set # CONFIG_CRC_ITU_T is not set CONFIG_CRC32=y # CONFIG_CRC7 is not set # CONFIG_LIBCRC32C is not set # CONFIG_XZ_DEC is not set # CONFIG_XZ_DEC_BCJ is not set CONFIG_NLATTR=y # CONFIG_AVERAGE is not set # # SCSI device support # CONFIG_SCSI_MOD=y # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # CONFIG_SCSI_DMA is not set # CONFIG_SCSI_NETLINK is not set # CONFIG_MD is not set # CONFIG_NEW_LEDS is not set # CONFIG_INPUT is not set # # Kernel hacking # # CONFIG_PRINTK_TIME is not set CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 CONFIG_ENABLE_WARN_DEPRECATED=y CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=1024 # CONFIG_STRIP_ASM_SYMS is not set # CONFIG_UNUSED_SYMBOLS is not set # CONFIG_DEBUG_FS is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_SHIRQ is not set # CONFIG_LOCKUP_DETECTOR is not set # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set CONFIG_SCHED_DEBUG=y # CONFIG_SCHEDSTATS is not set # CONFIG_TIMER_STATS is not set # CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_SLAB is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_RT_MUTEX_TESTER is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_SPARSE_RCU_POINTER is not set # CONFIG_DEBUG_SPINLOCK_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_DEBUG_STACK_USAGE is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_INFO=y # CONFIG_DEBUG_INFO_REDUCED is not set # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_WRITECOUNT is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_LIST is not set # CONFIG_TEST_LIST_SORT is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set # CONFIG_DEBUG_CREDENTIALS is not set CONFIG_FRAME_POINTER=y # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_BACKTRACE_SELF_TEST is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_SYSCTL_SYSCALL_CHECK is not set # CONFIG_DEBUG_PAGEALLOC is not set # CONFIG_ATOMIC64_SELFTEST is not set # CONFIG_SAMPLES is not set # CONFIG_TEST_KSTRTOX is not set # CONFIG_GPROF is not set # CONFIG_GCOV is not set CONFIG_EARLY_PRINTK=y marionnet-0.90.6+bzr508.orig/uml/ethghost/0000755000175000017500000000000013175722671017224 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/uml/ethghost/ethghost-interface.c0000644000175000017500000002232513175722671023157 0ustar lucaslucas/* * This file is a part of the tool ethghost to the * Marionnet project * * Copyright (C) 2009 Jonathan Roudiere * Licence GPLv2+ : GNU GPL version 2 or later; * * This program is free software: you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, either version 2 of * the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * This is the revision of 2009-07-07. * Minor changes by Jean-Vincent Loddo 2013/04/12 (ghost2 -> ethghost) */ #include #include #include #include #include #include #include #include #include #include #include "ethghost-interface.h" /* * functions used internally by __{create,destroy}_socket and * __{un,}ghostify to display and explained errors. * origcode - variable use by the caller to identify itself * nerror - errno provide by the caller * return - nerror */ static int on_error (int origcode, int nerror) { switch (origcode) { /* * If we can not create socket then we send a generic message * with the original system error message between parentheses. */ case (ESOCKCREATE) : dinfo; fprintf(stderr, "ethghost: Error: couldn't create socket (%s)\n",strerror(nerror)); break; /* * If we can not destroy socket then we send a generic message * with the original system error message between parentheses. */ case (ESOCKDELETE) : dinfo; fprintf(stderr, "ethghost: Error: couldn't destroy socket (%s)\n",strerror(nerror)); break; /* * If errors occur during the ghostification or the unghostification * operation, we be able to provide (in general) a more explicit message * than the system (which don't know ghost operations). */ case (EGHOSTIFY) : dinfo; switch (nerror) { /* * This error code is send by the ghostification kernel code if * the lenght of the iface that we try to ghositify is null or * greater than IFNAMSIZ(16) and like this tools already take care * this case then kernel don't support ghost ops. */ case (EINVAL) : fprintf(stderr, "ethghost: Error: couldn't ghostify interface; are you sure that your kernel supports Ghostification?\n"); break; /* * This error code is send by the ghostification kernel code * if the specified interface exist and is already ghositifed. */ case (EEXIST) : fprintf(stderr, "ethghost: Error: the specified interface is already ghostified.\n"); break; /* * This error code is send by the ghostification kernel code * if the specified interface (really) doesn't exist. */ case (ENODEV) : fprintf(stderr, "ethghost: Error: the specified interface doesn't exist (ghostify).\n"); break; /* * This error code is send by the ghostification kernel code if the * specified interface exist but it cann't be ghositfied because the * maximum number of interface ghostified has already been reached. */ case (ENOMEM) : fprintf(stderr, "ethghost: Error: the maximum number of ghostified interfaces has been reached.\n"); break; /* * A unknown error took place (not return but the ghostification * kernel code) so we return a generic message with the original * system error message between parentheses. */ default : fprintf(stderr, "ethghost: Error: an error occurred during ghostification (%s).\n",strerror(nerror)); } break; case (EUNGHOSTIFY) : dinfo; switch (nerror) { /* * This error code is send by the ghostification kernel code * if the interface specified (really) doesn't exist and so * it cann't be ghostified. */ case (ENODEV) : fprintf(stderr, "ethghost: Error: the specified interface doesn't exist (unghostify).\n"); break; /* * This error occurs when the specified interface is not * ghostified (but it exists) */ case (ESRCH) : fprintf(stderr, "ethghost: Error: the specified interface isn't ghostified.\n"); break; /* * This error code cann't be sent by the ghostification kernel * code and arguments of the ioctl request should therefore be * valid then certainly it is the kernel which does not support * ghostification operations. */ case (EINVAL) : fprintf(stderr, "ethghost: Error: couldn't unghostify interface; are you sure that your kernel supports Ghostification?\n"); break; /* * A unknown error took place (not return but the ghostification * kernel code) so we return a generic message with the original * system error message between parentheses. */ default : fprintf(stderr, "ethghost: Error: an error occurred during unghostification (%s).\n",strerror(nerror)); } break; default : dinfo; fprintf(stderr, "ethghost: Error: an unexpected error took place (EBUG).\n"); return (EBUG); } return (nerror); } /* * Create socket to {ghostify,unghostify}_iface, this socket will be * used as file descriptor (*sk) to the ioctl request, this function * returns EXIT_SUCCESS on success, errno on error. */ static unsigned int __create_socket (int *sk) { errno = 0; dinfo; if ((*sk = socket(AF_INET,SOCK_DGRAM,0)) < 0) { return (on_error(ESOCKCREATE, errno)); } return (EXIT_SUCCESS); } /* * Destroy socket (*sk) which has been created by the function * __create_socket, this function returns EXIT_SUCCESS on success, * errno on error. */ static unsigned int __destroy_socket (int *sk) { errno = 0; dinfo; if ((close((int)*sk) < 0)) { return (on_error(ESOCKDELETE, errno)); } return (EXIT_SUCCESS); } /* * Function used to Ghostify an interface (iface) by using ioctl * request, return EXIT_SUCCESS on success and errno on error. */ static unsigned int __ghostify (int *sk, const char *iface) { errno = 0; dinfo; if ((ioctl(*sk, SIOCGIFGHOSTIFY, iface)) < 0 ) { return (on_error(EGHOSTIFY, errno)); } return (EXIT_SUCCESS); } /* * Function used to UnGhostify an interface (iface) by using ioctl * request, return EXIT_SUCCESS on success and errno on error. */ static unsigned int __unghostify (int *sk, const char *iface) { errno = 0; dinfo; if ((ioctl(*sk, SIOCGIFUNGHOSTIFY, iface)) < 0 ) { return (on_error(EUNGHOSTIFY, errno)); } return (EXIT_SUCCESS); } /* * Function ghostify_iface, used to ghotify an interface, call internally * __create_socket to get a file descriptor, call __ghostify to make an * ioctl request and ghostify iface (if kenrel support Ghostification) * and finally call __destroy_socket. Return errno provide by a funtion * call internally on error or EXIT_SUCCESS on success. */ unsigned int ghostify_iface (const char *iface) { int sk = 0; int error = 0; int errorp = 0; /* debug */ dinfo; /* 1) create socket */ if ((error = __create_socket(&sk)) != 0 ) { fprintf(stderr, "ethghost: Error: in %s , Exit!!\n",__FUNCTION__); return error; } /* debug */ dprintf("Socket created with success, goto __ghostify"); /* 2) ghostify iface */ if ((error =__ghostify(&sk, iface)) != 0) { fprintf(stderr, "ethghost: Error: in %s : interface %s, Exit!!\n",__FUNCTION__,iface); /* to preserve original error (if possible) */ errorp = __destroy_socket(&sk); return errorp ? errorp : error; } /* 3) destroy socket*/ if ((error = __destroy_socket(&sk)) != 0 ) { fprintf(stderr, "ethghost: Error: in %s , Exit!!\n",__FUNCTION__); } /* debug */ dprintf("Socket deleted with success, goto main"); /* return error to main for user (0 on succes) */ return (error); } /* * Function unghostify_iface, used to unghotify an interface, call internally * __create_socket to get a file descriptor, call __unghostify to make an * ioctl request and unghostify iface (if kenrel support Ghostification) * and finally call __destroy_socket. Return errno provide by a funtion * call internally on error or EXIT_SUCCESS on success. */ unsigned int unghostify_iface (const char *iface) { int sk = 0; int error = 0; int errorp = 0; /* debug */ dinfo; /* 1) create socket */ if ((error = __create_socket(&sk)) != 0 ) { fprintf(stderr, "ethghost: Error: in %s , Exit!!\n",__FUNCTION__); return error; } /* debug */ dprintf("Socket created with success, goto __unghostify"); /* 2) unghostify iface */ if ((error =__unghostify(&sk, iface)) != 0) { fprintf(stderr, "ethghost: Error: in %s about the interface %s. Exit!!\n",__FUNCTION__,iface); /* to preserve original error (if possible) */ errorp = __destroy_socket(&sk); return errorp ? errorp : error; } /* 3) destroy socket*/ if ((error = __destroy_socket(&sk)) != 0 ) { fprintf(stderr, "ethghost: Error: in %s. Exit!!\n",__FUNCTION__); } /* debug */ dprintf("Socket deleted with success, goto main"); /* return error to main for user (0 on succes) */ return (error); } marionnet-0.90.6+bzr508.orig/uml/ethghost/ethghost-interface.h0000644000175000017500000000466013175722671023166 0ustar lucaslucas/* * This file is a part of the tool ethghost to the * Marionnet project * * Copyright (C) 2009 Jonathan Roudiere * Licence GPLv2+ : GNU GPL version 2 or later; * * This program is free software: you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, either version 2 of * the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * This is the revision of 2009-07-07. * Minor changes by Jean-Vincent Loddo 2013/04/12 (ghost2 -> ethghost) */ /* * Interface for ghostification */ #ifndef _ETHGHOST_INTERFACE_H_ #define _ETHGHOST_INTERFACE_H_ /* Macro debug */ #ifdef GHOST_DEBUG #define dinfo printf("DEBUG: file(%s): line(%03d): funct(%s): -- info debug -- \n",basename(__FILE__),__LINE__,__FUNCTION__) #define dprintf(msg,args...) printf("DEBUG: file(%s): line(%03d): funct(%s): " msg "\n",basename(__FILE__),__LINE__,__FUNCTION__,##args) #else #define dinfo #define dprintf(msg,args...) #endif /* some variable */ #define __ETHGHOST_VERSION__ "2.0" /* version of this soft */ /* see include/linux/sockio.h in the Linux Kernel sources */ #define SIOKLOG 0x894D /* Write a string to the log */ #define SIOCGIFGHOSTIFY 0x894E /* Make a network device 'ghost' */ #define SIOCGIFUNGHOSTIFY 0x894F /* Make a network device 'unghost' */ /* * Internals variables (put here to EBUG in main()) */ enum { ESOCKCREATE, #define ESOCKCREATE ESOCKCREATE ESOCKDELETE, #define ESOCKDELETE ESOCKDELETE EGHOSTIFY, #define EGHOSTIFY EGHOSTIFY EUNGHOSTIFY, #define EUNGHOSTIFY EUNGHOSTIFY EBUG #define EBUG EBUG }; /* * Fonction to ghostify an interface. * iface : name of the network interface * that you want to ghostify */ unsigned int ghostify_iface (const char *iface); /* * Fonction to unghostify an interface. * iface : name of the network interface * that you want to unghostify */ unsigned int unghostify_iface (const char *iface); #endif /* _ETHGHOST_INTERFACE_H */ marionnet-0.90.6+bzr508.orig/uml/ethghost/Makefile0000644000175000017500000000342113175722671020664 0ustar lucaslucas# This file is a part of the tool ethghost to the # Marionnet project # Copyright (C) 2011 Luca Saiu # Licence GPLv2+ : GNU GPL version 2 or later; # This program is free software: you can redistribute it and/or # modify it under the terms of the GNU General Public License as # published by the Free Software Foundation, either version 2 of # the License, or (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Shall we use Autotools here? The thing is really small, and # probably inherently non-portable: it only makes sense on GNU/Linux # with our kernel patch... So I don't think using the Autotools is # worth the hassle here. For the time being I've written this trivial # Makefile. -- Luca Saiu, October 2011 CC = gcc CFLAGS = -g -O2 all: ethghost ethghost: ethghost.o ethghost-interface.o $(CC) $(CFLAGS) -o $@ $^ ethghost.o: ethghost.c ethghost-interface.h $(CC) $(CFLAGS) -c -o $@ $< ethghost-interface.o: ethghost-interface.c ethghost-interface.h $(CC) $(CFLAGS) -c -o $@ $< clean: rm -f *.o ethghost *~ # DESTDIR may be set by the caller, for instance: # make DESTDIR=/usr/local install # (suitable for buildroot) install: cp ethghost $(DESTDIR)/bin/ethghost # Used by `pupisto' to know the package version to include in the buildroot's image print_version: @awk * * Copyright (C) 2009 Jonathan Roudiere * Licence GPLv2+ : GNU GPL version 2 or later; * * This program is free software: you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, either version 2 of * the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . * * This is the revision of 2009-07-07. */ #include #include #include #include /* need to IFNAMSIZ */ #include /* Ghostification interface */ #include "ethghost-interface.h" static int usage(void) { fprintf(stderr, "ethghost (%s) usage :\n\n", __ETHGHOST_VERSION__); fprintf(stderr, "ethghost -h, --help this help message\n"); fprintf(stderr, " -v, --version get the version\n"); fprintf(stderr, " -g, --ghostify DEVICE ghostify this interface\n"); fprintf(stderr, " -u, --unghostify DEVICE unghostify this interface\n\n"); fprintf(stderr, "DEVICE : is the name of a network interface (like : eth0, lo)\n"); return (EXIT_SUCCESS); } static int version(void) { printf("\nethghost " __ETHGHOST_VERSION__ " \n"); printf("Copyright (C) 2009 Jonathan Roudiere\n"); printf("Copyright (C) 2009, 2013 Université Paris 13\n"); printf("License GPLv2: GNU GPL version 2 or later \n"); printf("\nThis is free software: you are free to change and redistribute it.\n"); printf("There is NO WARRANTY, to the extent permitted by law.\n\n"); return (EXIT_SUCCESS); } int main (int argc, char *argv[]) { int error = 0; char *prog; unsigned int (*act)(const char *iface); /* Get the binary name */ prog = basename(argv[0]); /* debug */ dprintf("Start of %s ",argv[0]); /* Verify number of args, if need show version/help */ if (argc == 1) { dinfo; fprintf(stderr, "%s: Error, no args. Exit!!\n\n",prog); usage(); return (EXIT_FAILURE); } else { dinfo; /* the one and only case where we accept one option */ if (argc == 2) { /* Look if version is asked */ dprintf("argc = %i and argv[%i] = %s, look if (-v,--version) has been provided.", argc, argc, argv[argc - 1]); if ((!(strcmp(argv[1],"-v"))) || (!(strcmp(argv[1],"--version")))) { version(); return (EXIT_SUCCESS); } else { /* Look if help is asked */ dprintf("argc = %i and argv[%i] = %s, look if (-h,--help) has been provided.", argc, argc, argv[argc - 1]); if ((!(strcmp(argv[1],"-h"))) || (!(strcmp(argv[1],"--help")))) { usage(); return (EXIT_SUCCESS); } else { fprintf(stderr, "%s: Error, unknown option. Exit!!\n\n",prog); usage(); return (EXIT_FAILURE); } } } if (argc != 3) { fprintf(stderr, "%s: Error, bad number of arguments. Exit!!\n\n",prog); usage(); return (EXIT_FAILURE); } } /* Search options used */ /* debug */ dprintf("argc = %i, argv[1] = %s and argv[2] = %s, search options used.", argc, argv[1], argv[2]); /* put in act pointer toward appropriate function */ if ((!(strcmp(argv[1],"-g"))) || (!(strcmp(argv[1],"--ghostify")))) { dprintf("Function call to act : act = &(ghostify_iface);"); act = &(ghostify_iface); } else { if ((!(strcmp(argv[1],"-u"))) || (!(strcmp(argv[1],"--unghostify")))) { dprintf("Function call to act : act = &(unghostify_iface);"); act = &(unghostify_iface); } else { fprintf(stderr, "%s: Error, unknown option. Exit!!\n\n",prog); usage(); return (EXIT_FAILURE); } } /* Verify lenght of the second args */ if (strlen(argv[2]) >= IFNAMSIZ) { fprintf(stderr, "%s: Error, invalid interface name. Exit!!\n",prog); return (EXIT_FAILURE); } /* Act */ if ((error = act(argv[2])) == 0) { dprintf("Act exit without error (%i)", error); if (act == (&ghostify_iface)) { printf("ethghost: SUCCESS, the interface %s has been ghostified!!\n", argv[2]); } else { if (act == (&unghostify_iface)) { printf("ethghost: SUCCESS, the interface %s has been unghostified!!\n", argv[2]); } else { /* debug, never come here */ fprintf(stderr, "\nethghost: Error, an unexpected error (bug?) took place. Exit!!\n"); return (EBUG); } } return (EXIT_SUCCESS); } else { dprintf("Act exit with error (%i)", error); /* explicit exit message have already been done */ return (error); /* report real error code to the user */ } /* Not necessary - BUG */ return (EBUG); } marionnet-0.90.6+bzr508.orig/.bzrignore0000644000175000017500000000003013175722671016575 0ustar lucaslucasicons_forge /**/_build* marionnet-0.90.6+bzr508.orig/README0000644000175000017500000000140613175722671015463 0ustar lucaslucasThis file is part of Marionnet, a virtual network laboratory. Copyright (C) 2008 Luca Saiu Copyright (C) 2008 Jean-Vincent Loddo This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . [To do: write this README.] marionnet-0.90.6+bzr508.orig/configure0000644000175000017500000000222513175722671016507 0ustar lucaslucas#!/bin/sh # This file is part of our build system for OCaml projects # Copyright (C) 2008 Luca Saiu # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # To do: this should be copied to buildsystem/ echo "Sorry, there is no automatic configuration system, as of now." echo if [ -e etc ]; then echo "Now please edit the \"CONFIGME\" file and the files in etc/, using" echo "your favorite text editor." else echo "Now please edit the \"CONFIGME\" file, using your favorite text editor." fi # Exit with failure: it should be evident that the configuration is not # automatic: exit -1 marionnet-0.90.6+bzr508.orig/router.ml0000644000175000017500000014210513175722671016457 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009-2017 Jean-Vincent Loddo Copyright (C) 2009-2017 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; IFNDEF OCAML4_04_OR_LATER THEN let lowercase = String.lowercase let uppercase = String.uppercase ELSE let lowercase = String.lowercase_ascii let uppercase = String.uppercase_ascii ENDIF (** Gui-related stuff for the user-level component "router". *) (* The module containing the add/update dialog is defined later, using the syntax extension "where" *) #load "where_p4.cmo" ;; type port_number = int (* Router related constants: *) (* TODO: make it configurable! *) module Const = struct let port_no_default = 4 let port_no_min = 4 let port_no_max = 16 let port_0_ipv4_config_default : Ipv4.config = Initialization.router_port0_default_ipv4_config let port_0_ipv6_config_default : Ipv6.config option = Initialization.router_port0_default_ipv6_config let memory_default = 48 (* Unix-related configuration (not Quagga-related!) *) let initial_content_for_rcfiles_UNIX = "#!/bin/bash # --- # This script will be executed (sourced) as final step # of the virtual machine bootstrap process. # --- # Several variables are set at this point. # Examples: (some values depend on your settings) # --- # hostname='R1' # mem='48M' # virtualfs_kind='router' # virtualfs_name='router-guignol-45228' # mac_address_eth0='02:04:06:15:ad:0a' # mtu_eth0='1500' # PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' # --- # Your effective user and group IDs are uid=0 (root), gid=0 (root), # and the current working directory is '/', that is to say PWD='/' # --- " ;; let initial_content_for_rcfiles_ZEBRA = "!--- ! ZEBRA configuration file (Quagga port 2601) !--- ! IP routing manager ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra !log file /var/quagga/zebra.log ! !=== INTERFACE CONFIGURATION === !interface IFNAME ! ip address ADDRESS/PREFIX ! ipv6 address ADDRESS/PREFIX ! .. !exit !=== STATIC ROUTING === !ip forwarding !ipv6 forwarding !ip route ADDRESS/PREFIX GATEWAY !ipv6 route ADDRESS/PREFIX GATEWAY ! !=== EXAMPLES (tip: uncomment and adapt) === !interface eth1 ! ip address 10.10.0.5/16 ! ipv6 address 2001:db9::5/64 !exit !ip route 11.11.11.0/24 10.10.255.254 !ipv6 route 2001:db8::/64 2001:db9::ff !--- " ;; let initial_content_for_rcfiles_RIP = "!--- ! RIP configuration file (Quagga port 2602) !--- ! RFC2453, RFC1058 (RIP is Routing Information Protocol v.2) ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra router rip !log file /var/quagga/ripd.log ! ! network ADDRESS/PREFIX ! network IFNAME ! !=== EXAMPLES (tip: uncomment and adapt) === ! ! network 10.0.0.0/8 ! network eth0 ! " ;; let initial_content_for_rcfiles_RIPNG = "!--- ! RIPNG configuration file (Quagga port 2603) !--- ! RFC2080 (RIP protocol for IPv6) ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra router ripng !log file /var/quagga/ripngd.log ! ! network ADDRESS/PREFIX ! network IFNAME ! route ADDRESS/PREFIX ! " ;; let initial_content_for_rcfiles_OSPF = "!--- ! OSPF configuration file (Quagga port 2604) !--- ! RFC2328 (OSPF is Open Shortest Path First v.2) ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra router ospf !log file /var/quagga/ospfd.log ! ! network ADDRESS/PREFIX area ADDRESS ! area ADDRESS range ADDRESS/PREFIX [substitute ADDRESS/PREFIX] ! !=== EXAMPLES (tip: uncomment and adapt) === ! ! network 192.168.1.0/24 area 0.0.0.0 ! network 10.0.0.0/8 area 0.0.0.10 ! area 0.0.0.10 range 10.0.0.0/8 substitute 11.0.0.0/8 ! " ;; let initial_content_for_rcfiles_OSPF6 = "!--- ! OSPF6 configuration file (Quagga port 2606) !--- ! RFC2740 (OSPF6 is Open Shortest Path First v.3 for IPv6) ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra router ospf6 !log file /var/quagga/ospf6d.log ! !=== EXAMPLES (tip: uncomment and adapt) === ! !! Example of for one interface and area: ! ! interface eth0 ! ipv6 ospf6 instance-id 0 ! ! router ospf6 ! router-id 212.17.55.53 ! area 0.0.0.0 range 2001:770:105:2::/64 ! interface eth0 area 0.0.0.0 ! " ;; let initial_content_for_rcfiles_BGP = "!--- ! BGP configuration file (Quagga port 2605) !--- ! RFC1771, RFC2858 (BGP is Border Gateway Protocol v.4) ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra !log file /var/quagga/bgpd.log ! !=== EXAMPLES (tip: uncomment and adapt) === ! !! Example of a session to an upstream, advertising !! only one prefix to it: ! ! router bgp 64512 ! bgp router-id 10.236.87.1 ! network 10.236.87.0/24 ! neighbor upstream peer-group ! neighbor upstream remote-as 64515 ! neighbor upstream capability dynamic ! neighbor upstream prefix-list pl-allowed-adv out ! neighbor 10.1.1.1 peer-group upstream ! neighbor 10.1.1.1 description ACME ISP ! ! ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25 ! ip prefix-list pl-allowed-adv seq 10 deny any ! " ;; let initial_content_for_rcfiles_ISIS = "!--- ! ISIS configuration file (Quagga port 2608) !--- ! ISIS is Intermediate System to Intermediate System ! ISO10589, RFC1195, RFC5308 ! See: http://www.nongnu.org/quagga/docs/quagga.html !--- ! Note: leave passwords unchanged or change them in the same way for ! all selected services (zebra, rip, ripng, ospf, bgp, ospf6, isis) password zebra enable password zebra !log file /var/quagga/isisd.log ! !=== EXAMPLES (tip: uncomment and adapt) === ! !! A simple example, with MD5 authentication enabled: ! ! interface eth0 ! ip router isis FOO ! isis network point-to-point ! isis circuit-type level-2-only ! ! router isis FOO ! net 47.0023.0000.0000.0000.0000.0000.0000.1900.0004.00 ! metric-style wide ! is-type level-2-only ! " ;; (* Will be used as key: "zebra" "rip" "ripng" "ospf" "bgp" "ospf6" "isis" *) type quagga_lowercase_acronym = string (* A simple constant data structure (object), with some methods to deal about alternatives, indexes and related port numbers: *) let quagga_alternatives : < message_list : string list; (* [ "ZEBRA (port 2601)"; ... ; "ISIS (port 2608)" ] *) uppercase_acronym_array : string array; (* [| "ZEBRA"; "RIP"; "RIPNG"; "OSPF"; "BGP"; "OSPF6"; "ISIS"; |] *) lowercase_acronym_array : string array; (* [| "zebra"; "rip"; "ripng"; "ospf"; "bgp"; "ospf6"; "isis"; |] *) lowercase_acronym_list : string list; (* --- *) index_of_message : string -> int; index_of_lowercase_acronym : string -> int; index_of_port : port_number -> int; valid_port : port_number -> bool; (* --- *) port_of_message : string -> port_number; uppercase_acronym_of_port : port_number -> string; (* --- *) initial_content_for_rcfiles : string array; rc_config_initialization : (string * (bool * string)) list; config_file_of_lowercase_acronym : string -> string; (* "zebra" -> "/etc/quagga/zebra.conf" *) config_content_of_lowercase_acronym : string -> string; (* "zebra" -> "!ZEBRA configuration file\n..." *) port_of_lowercase_acronym : string -> port_number (* --- *) > = let initial_content_for_rcfiles = [| initial_content_for_rcfiles_ZEBRA; initial_content_for_rcfiles_RIP; initial_content_for_rcfiles_RIPNG; initial_content_for_rcfiles_OSPF; initial_content_for_rcfiles_BGP; initial_content_for_rcfiles_OSPF6; initial_content_for_rcfiles_ISIS; |] in let message_port_list = [ ("ZEBRA (port 2601)", 2601); ("RIP (port 2602)" , 2602); ("RIPNG (port 2603)", 2603); ("OSPF (port 2604)" , 2604); ("BGP (port 2605)" , 2605); ("OSPF6 (port 2606)", 2606); ("ISIS (port 2608)" , 2608); ] in let config_files = [| "zebra.conf"; "ripd.conf"; "ripngd.conf"; "ospfd.conf"; "bgpd.conf"; "ospf6d.conf"; "isisd.conf"; |] in let message_list, port_list = List.split message_port_list in let message_array, port_array = (Array.of_list message_list, Array.of_list port_list) in let uppercase_acronym_array = Array.map (fun m -> Scanf.sscanf m "%s" (fun s->s)) message_array in let lowercase_acronym_array = Array.map (lowercase) uppercase_acronym_array in let lowercase_acronym_list = Array.to_list (lowercase_acronym_array) in (* "zebra" -> content; .. ; "isis" -> content *) let initial_content_for_rcfiles_assoc_list = List.combine (Array.to_list lowercase_acronym_array) (Array.to_list initial_content_for_rcfiles) in (* ---*) object (self) (* ---*) method message_list = message_list method uppercase_acronym_array = uppercase_acronym_array method lowercase_acronym_array = lowercase_acronym_array method lowercase_acronym_list = lowercase_acronym_list method initial_content_for_rcfiles = initial_content_for_rcfiles (* array => index -> content *) (* ---*) method index_of_port p = fst (ListExtra.findi ((=)p) (port_list)) (* ---*) method index_of_message msg = fst (ListExtra.findi ((=)msg) (message_list)) (* ---*) method index_of_lowercase_acronym k = fst (ArrayExtra.findi ((=)k) (lowercase_acronym_array)) (* ---*) method port_of_message msg = let index = self#index_of_message msg in port_array.(index) (* ---*) method uppercase_acronym_of_port p = let index = self#index_of_port p in uppercase_acronym_array.(index) (* ---*) method valid_port x = not (x<2601 || x>2608 || x=2607) (* ---*) method rc_config_initialization = (* here false means "unselected" *) List.map (fun (key, content) -> (key, (false, content))) (initial_content_for_rcfiles_assoc_list) (* ---*) method config_file_of_lowercase_acronym (acronym) = let index = self#index_of_lowercase_acronym (acronym) in Printf.sprintf "/etc/quagga/%s" config_files.(index) (* ---*) method config_content_of_lowercase_acronym (acronym) = let index = self#index_of_lowercase_acronym (acronym) in initial_content_for_rcfiles.(index) (* ---*) method port_of_lowercase_acronym (acronym) = let index = self#index_of_lowercase_acronym (acronym) in port_array.(index) (* ---*) end (* object `quagga_alternatives' *) end (* The type of data returned by the dialog: *) module Data = struct type t = { name : string; label : string; port_0_ipv4_config : Ipv4.config; port_0_ipv6_config : Ipv6.config option; port_no : int; distribution : string; (* epithet *) variant : string option; kernel : string; (* epithet *) (* --- *) show_unix_terminal : bool; rc_config_unix : bool * string; (* run commands (rc) file configuration *) (* --- *) quagga_selected_srvs : (Const.quagga_lowercase_acronym list); show_quagga_terminal : (Const.quagga_lowercase_acronym list); rc_config_quagga : (Const.quagga_lowercase_acronym * (bool * string)) list; (* run commands (rc) file configuration *) (* --- *) old_name : string; } let to_string t = "" (* TODO? *) end (* Data *) module Make_menus (Params : sig val st : State.globalState val packing : [ `toolbar of GButton.toolbar | `menu_parent of Menu_factory.menu_parent ] end) = struct open Params module Toolbar_entry = struct let imagefile = "ico.router.palette.png" let tooltip = (s_ "Router") let packing = Params.packing end module Add = struct include Data let key = Some GdkKeysyms._R let ok_callback t = Gui_bricks.Ok_callback.check_name t.name t.old_name st#network#name_exists t let dialog () = let name = st#network#suggestedName "R" in Dialog_add_or_update.make ~title:(s_ "Add router") ~name ~ok_callback () let reaction { name = name; label = label; port_0_ipv4_config = port_0_ipv4_config; port_0_ipv6_config = port_0_ipv6_config; port_no = port_no; distribution = distribution; variant = variant; kernel = kernel; show_unix_terminal = show_unix_terminal; rc_config_unix = rc_config_unix; quagga_selected_srvs = quagga_selected_srvs; show_quagga_terminal = show_quagga_terminal; rc_config_quagga = rc_config_quagga; old_name = _ ; } = let action () = ignore ( new User_level_router.router (* defined later with WHERE *) ~network:st#network ~name ~label ~port_0_ipv4_config ~port_0_ipv6_config ~epithet:distribution ?variant:variant ~kernel ~port_no ~show_unix_terminal ~rc_config_unix ~quagga_selected_srvs ~show_quagga_terminal ~rc_config_quagga ()) in st#network_change action (); end (* Add *) module Properties = struct include Data let dynlist () = st#network#get_node_names_that_can_startup ~devkind:`Router () let dialog name () = let r = (st#network#get_node_by_name name) in let r = ((Obj.magic r):> User_level_router.router) in let title = (s_ "Modify router")^" "^name in let label = r#get_label in let distribution = r#get_epithet in let variant = r#get_variant in let kernel = r#get_kernel in let show_unix_terminal = r#get_show_unix_terminal in let rc_config_unix = r#get_rc_config_unix in let quagga_selected_srvs = r#get_quagga_selected_srvs in let show_quagga_terminal = r#get_show_quagga_terminal in let rc_config_quagga = r#get_rc_config_quagga in let port_no = r#get_port_no in let port_0_ipv4_config = r#get_port_0_ipv4_config in let port_0_ipv6_config = r#get_port_0_ipv6_config in (* The user cannot remove receptacles used by a cable. *) let port_no_min = st#network#port_no_lower_of (r :> User_level.node) in Dialog_add_or_update.make ~title ~name ~label ~distribution ?variant ~show_unix_terminal ~rc_config_unix ~quagga_selected_srvs ~show_quagga_terminal ~rc_config_quagga ~port_no ~port_no_min ~port_0_ipv4_config ~port_0_ipv6_config ~kernel ~updating:() (* the user cannot change the distrib & variant *) ~ok_callback:Add.ok_callback () let reaction { name = name; label = label; port_0_ipv4_config = port_0_ipv4_config; port_0_ipv6_config = port_0_ipv6_config; port_no = port_no; kernel = kernel; show_unix_terminal = show_unix_terminal; rc_config_unix = rc_config_unix; quagga_selected_srvs = quagga_selected_srvs; show_quagga_terminal = show_quagga_terminal; rc_config_quagga = rc_config_quagga; old_name = old_name; } = let d = (st#network#get_node_by_name old_name) in let r = ((Obj.magic d):> User_level_router.router) in let action () = r#update_router_with ~name ~label ~port_0_ipv4_config ?port_0_ipv6_config ~port_no ~kernel ~show_unix_terminal ~rc_config_unix ~quagga_selected_srvs ~show_quagga_terminal ~rc_config_quagga () in st#network_change action (); end (* Properties *) module Remove = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog name () = Gui_bricks.Dialog.yes_or_cancel_question ~title:(s_ "Remove") ~markup:(Printf.sprintf (f_ "Are you sure that you want to remove %s\nand all the cables connected to this %s?") name (s_ "router")) ~context:name () let reaction name = let d = (st#network#get_node_by_name name) in let r = ((Obj.magic d):> User_level_router.router) in let action () = r#destroy in st#network_change action (); end module Startup = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#startup end module Stop = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_gracefully_shutdown ~devkind:`Router () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#gracefully_shutdown end module Suspend = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_suspend ~devkind:`Router () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#suspend end module Resume = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_resume ~devkind:`Router () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#resume end module Create_entries = Gui_toolbar_COMPONENTS_layouts.Layout_for_network_node (Params) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) (* Subscribe this kind of component to the network club: *) st#network#subscribe_a_try_to_add_procedure Eval_forest_child.try_to_add_router; end (*-----*) WHERE (*-----*) module Dialog_add_or_update = struct (* This function may be useful for testing the widget creation without recompiling the whole project. *) let make ?(title="Add a router") ?(name="") ?label ?(port_0_ipv4_config=Const.port_0_ipv4_config_default) ?(port_0_ipv6_config=Const.port_0_ipv6_config_default) ?(port_no=Const.port_no_default) ?(port_no_min=Const.port_no_min) ?(port_no_max=Const.port_no_max) ?distribution ?variant ?kernel ?(updating:unit option) (* --- *) ?(show_unix_terminal=false) ?(rc_config_unix=(false, Const.initial_content_for_rcfiles_UNIX)) (* --- *) ?(quagga_selected_srvs=Const.quagga_alternatives#lowercase_acronym_list) ?(show_quagga_terminal=[]) ?(rc_config_quagga=Const.quagga_alternatives#rc_config_initialization) (* --- *) ?(help_callback=help_callback) (* defined backward with "WHERE" *) ?(ok_callback=(fun data -> Some data)) ?(dialog_image_file=Initialization.Path.images^"ico.router.dialog.png") () :'result option = let old_name = name in let ((b1,b2,b3,b4),b5) = port_0_ipv4_config in let port_0_ipv6_config : bool * string (* User representation *) = match port_0_ipv6_config with | None -> (false, "2001:db9::ff/32") | Some v -> (true, Ipv6.string_of_config v) in let vm_installations = Lazy_perishable.force (Disk.get_router_installations) in let (dialog_router,_,name,label) = Gui_bricks.Dialog_add_or_update.make_window_image_name_and_label ~title ~image_file:dialog_image_file ~image_tooltip:(s_ "Router") ~name ~name_tooltip:(s_ "Router name. This name must be unique in the virtual network. Suggested: R1, R2, ...") ?label () in let ((s1,s2,s3,s4,s5), port_0_ipv6_config_obj, port_no, distribution_variant_kernel, rc_config_unix, show_unix_terminal, quagga_widgets) = let vbox = GPack.vbox ~homogeneous:false ~border_width:20 ~spacing:10 ~packing:dialog_router#vbox#add () in let form = Gui_bricks.make_form_with_labels ~packing:vbox#add [(s_ "Ports number"); (s_ "Port 0 IPv4 address"); (s_ "Port 0 Ipv6 address"); (s_ "Distribution"); (s_ "Variant"); (s_ "Kernel"); (s_ "Startup configuration"); (s_ "Show Unix terminal"); (s_ "Services"); ] in form#add_section ~no_line:() "Hardware"; (* --- *) let on_distrib_change = ref [] (* a list of callbacks *) in (* --- *) let port_no = Gui_bricks.spin_byte ~lower:port_no_min ~upper:port_no_max ~step_incr:2 ~packing:(form#add_with_tooltip (s_ "Number of router ports" )) port_no in (* --- *) let port_0_ipv4_config = Gui_bricks.spin_ipv4_address_with_cidr_netmask ~packing:(form#add_with_tooltip ~just_for_label:() (s_ "IPv4 configuration of the first router port (0)")) b1 b2 b3 b4 b5 in (* --- *) let port_0_ipv6_config_obj : < active : bool; content : string; hbox : GPack.box; check_button : GButton.toggle_button; entry : GEdit.entry > = let (active, text) = port_0_ipv6_config in Gui_bricks.activable_entry ~packing:(form#add_with_tooltip (s_ "Optional IPv6 configuration of the first router port (0). For instance 2001:db9::ff/32")) ~active ~text ~red_text_condition:(fun x -> not (Ipv6.String.is_valid_config x)) () in (* --- *) form#add_section "Software"; (* --- *) let distribution_variant_kernel = let packing_distribution = form#add_with_tooltip (s_ "GNU/Linux distribution installed on the router." ) in let packing_variant = form#add_with_tooltip (s_ "Initial hard disk state. The router will start by default with this variant of the chosen distribution." ) in let packing_kernel = form#add_with_tooltip (s_ "Linux kernel version used for this router." ) in let packing = (packing_distribution, packing_variant, packing_kernel) in Gui_bricks.make_combo_boxes_of_vm_installations ~on_distrib_change:(fun distrib -> List.iter (fun f -> f distrib) !on_distrib_change) ?distribution ?variant ?kernel ?updating ~packing vm_installations in (* --- *) let rc_config_unix = Gui_bricks.make_rc_config_widget ~width:800 ~filter_names:[`BASH; `RC; `ALL] ~parent:(dialog_router :> GWindow.window_skel) ~packing:(form#add_with_tooltip (s_ "Check to activate a startup configuration" )) ~active:(fst rc_config_unix) ~content:(snd rc_config_unix) ~device_name:(old_name) ~language:("sh") () in (* --- *) (* Register and call the "Port 0 Ipv6 address" + "Startup configuration" callback according to current distribution: *) let () = let callback d = let sensitive = (vm_installations#marionnet_relay_supported_by d) in begin form#set_sensitive ~label_text:(s_ "Port 0 Ipv6 address") (sensitive); form#set_sensitive ~label_text:(s_ "Startup configuration") (sensitive); end in (* --- *) on_distrib_change := (callback)::!on_distrib_change; let current = distribution_variant_kernel#selected in callback (current) in (* --- *) form#add_section "Access"; (* --- *) let show_unix_terminal = GButton.check_button ~active:show_unix_terminal ~packing:(form#add_with_tooltip (s_ "Do you want access the router also by a Unix terminal?" )) () in (* --- *) let _services_label = GMisc.label ~packing:(form#add_with_tooltip (s_ "Configure Quagga's services" )) () in (* --- *) let quagga_textkey_and_forms (* : array of (acronym, ("%s startup config.", form)) *) = Array.map (* --- *) (fun acronym -> let u = (uppercase acronym) in let text_startup_config : string = Printf.sprintf (f_ "%s startup config.") u in (* dynamically sensitive *) let text_show_terminal : string = Printf.sprintf (f_ "Show %s terminal") u in let form = Gui_bricks.make_form_with_labels [ text_startup_config; text_show_terminal ; ] in (acronym, (text_startup_config, form))) (* --- *) (Const.quagga_alternatives#lowercase_acronym_array) in (* --- *) let quagga_rc_config_widgets = Array.map (* --- *) (fun (acronym, (text_startup_config, (subform: Gui_bricks.form))) -> (* Make the widget: *) let widget = let rc_config = List.assoc acronym rc_config_quagga in Gui_bricks.make_rc_config_widget ~width:800 ~height:600 (* 800x600 *) ~filter_names:[`CONF; `RC; `TXT; `ALL] ~parent:(dialog_router :> GWindow.window_skel) ~packing:(subform#add_with_tooltip (s_ "Check to activate a startup configuration" )) ~active:(fst rc_config) ~content:(snd rc_config) ~device_name:(Printf.sprintf "%s (%s)" old_name (uppercase acronym)) ~language:("quagga_zebra") (* special syntax TODO: ("quagga_"^acronym) *) () in (* Register and call the "Startup configuration" callback according to current distribution: *) let () = let callback d = let sensitive = (vm_installations#marionnet_relay_supported_by d) in begin subform#set_sensitive ~label_text:text_startup_config (sensitive); (* <=== text key (text_startup_config) used here *) widget#set_sensitive (sensitive); end in (* --- *) on_distrib_change := (callback)::!on_distrib_change; let current = distribution_variant_kernel#selected in callback (current) in (acronym, widget)) (* --- *) quagga_textkey_and_forms in let quagga_terminal_widgets = Array.map (* --- *) (fun (acronym, (_text_startup_config, (subform: Gui_bricks.form))) -> let widget = GButton.check_button ~active:(List.mem acronym show_quagga_terminal) ~packing:(subform#add_with_tooltip (s_ "Do you want access the router also by a Quagga terminal (CISCO-IOS-like commands)?" )) () in (acronym, widget)) (* --- *) quagga_textkey_and_forms in (* --- *) let quagga_notebook : (Const.quagga_lowercase_acronym * GButton.toggle_button) list = let assoc_array = Array.map (fun (acronym, (_, form)) -> (acronym, (List.mem acronym quagga_selected_srvs), form#coerce)) (quagga_textkey_and_forms) in let tbs : GButton.toggle_button array = Gui_bricks.make_notebook_of_assoc_array_with_check_buttons ~homogeneous_tabs:true ~packing:vbox#add (assoc_array) in (* --- *) (* Distribution-related callback: *) let () = let callback d = let sensitive = (vm_installations#marionnet_relay_supported_by d) in begin Array.iter (fun b -> b#misc#set_sensitive (sensitive)) tbs end in (* --- *) on_distrib_change := (callback)::!on_distrib_change; let current = distribution_variant_kernel#selected in callback (current) in (* --- *) List.combine (Const.quagga_alternatives#lowercase_acronym_list) (Array.to_list tbs) in (* --- *) let quagga_widgets = (quagga_notebook, quagga_rc_config_widgets, quagga_terminal_widgets) in (* --- *) (port_0_ipv4_config, port_0_ipv6_config_obj, port_no, distribution_variant_kernel, rc_config_unix, show_unix_terminal, quagga_widgets) in (* --- *) let get_widget_data () :'result = let name = name#text in let label = label#text in let port_0_ipv4_config = let s1 = int_of_float s1#value in let s2 = int_of_float s2#value in let s3 = int_of_float s3#value in let s4 = int_of_float s4#value in let s5 = int_of_float s5#value in ((s1,s2,s3,s4),s5) in let port_0_ipv6_config = let obj = port_0_ipv6_config_obj in if not obj#active then None else try Some (Ipv6.config_of_string obj#content) with _ -> None in let port_no = int_of_float port_no#value in let distribution = distribution_variant_kernel#selected in let variant = distribution_variant_kernel#slave0#selected in let kernel = distribution_variant_kernel#slave1#selected in let variant = match variant with | "none" -> None | x -> Some x in (* --- *) let rc_config_unix = (rc_config_unix#active, rc_config_unix#content) in (* --- *) let (quagga_notebook, quagga_rc_config_widgets, quagga_terminal_widgets) = quagga_widgets in (* --- *) (* We look at the structure: quagga_notebook : (quagga_lowercase_acronym * GButton.toggle_button) list *) let quagga_selected_srvs = ListExtra.filter_map (fun (k,b) -> if b#active then Some k else None) (quagga_notebook) in (* --- *) let rc_config_quagga : (Const.quagga_lowercase_acronym * (bool * string)) list = let xs = Array.map (fun (acronym, rc_config) -> (acronym, (rc_config#active, rc_config#content))) (quagga_rc_config_widgets) in Array.to_list xs (* TODO: reduce space removing values bound to false (or do it when saving project) *) in (* --- *) let show_quagga_terminal : Const.quagga_lowercase_acronym list = let xs = Array.map (fun (acronym, show_terminal) -> (acronym, show_terminal#active)) (quagga_terminal_widgets) in let xs = ListExtra.filter_map (fun (acronym, b) -> if b then Some acronym else None) (Array.to_list xs) in xs in (* --- *) let show_unix_terminal = show_unix_terminal#active in (* --- *) { Data.name = name; Data.label = label; Data.port_0_ipv4_config = port_0_ipv4_config; Data.port_0_ipv6_config = port_0_ipv6_config; Data.port_no = port_no; Data.distribution = distribution; Data.variant = variant; Data.kernel = kernel; Data.show_unix_terminal = show_unix_terminal; Data.rc_config_unix = rc_config_unix; Data.quagga_selected_srvs = quagga_selected_srvs; Data.rc_config_quagga = rc_config_quagga; Data.show_quagga_terminal = show_quagga_terminal; Data.old_name = old_name; } (* --- *) in (* The result of make is the result of the dialog loop (of type 'result option): *) Gui_bricks.Dialog_run.ok_or_cancel (dialog_router) ~ok_callback ~help_callback ~get_widget_data () (*-----*) WHERE (*-----*) let help_callback = let title = (s_ "ADD OR MODIFY A ROUTER") in let msg = (s_ "\ In this dialog window you can define the name of an IP router \ and set many parameters for it:\n\n\ - Label: a string appearing near the router icon in the network graph; \ this field is exclusively for graphic purposes, is not taken in consideration \ for the configuration.\n\ - Nb of Ports: the number of ports of the router (default 4); this number must \ not be increased without a reason, because the number of processes needed for the \ device emulation is proportional to his ports number.\n\n\ The emulation of this device is realised with the program 'quagga' derived from \ the project 'zebra'.\n\n\ Every interface of the router can be configured in the tab \ 'Interfaces'. Once started, the router will answer to the telnet \ protocol on every configured interface, on the following tcp ports:\n\n\ zebra\t\t2601/tcp\t\t# zebra vty\n\ ripd\t\t\t2602/tcp\t\t# RIPd vty\n\ ripngd\t\t2603/tcp\t\t# RIPngd vty\n\ ospfd\t\t2604/tcp\t\t# OSPFd vty\n\ bgpd\t\t2605/tcp\t\t# BGPd vty\n\ ospf6d\t\t2606/tcp\t\t# OSPF6d vty\n\ isisd\t\t\t2608/tcp\t\t# ISISd vty\n\n\ Password: zebra") in Simple_dialogs.help title msg ;; end (*-----*) WHERE (*-----*) module Eval_forest_child = struct let try_to_add_router (network:User_level.network) ((root,children):Xforest.tree) = try (match root with | ("router", attrs) -> let name = List.assoc "name" attrs in let port_no = int_of_string (List.assoc "port_no" attrs) in Log.printf2 "Importing router \"%s\" with %d ports...\n" name port_no; let x = new User_level_router.router ~network ~name ~port_no () in x#from_tree ("router", attrs) children; Log.printf1 "Router \"%s\" successfully imported.\n" name; true (* backward compatibility *) | ("device", attrs) -> let name = List.assoc "name" attrs in let port_no = int_of_string (List.assoc "eth" attrs) in let kind = List.assoc "kind" attrs in (match kind with | "router" -> Log.printf2 "Importing router \"%s\" with %d ports...\n" name port_no; let r = new User_level_router.router ~network ~name ~port_no () in let x = (r :> User_level.node_with_ledgrid_and_defects) in x#from_tree ("device", attrs) children ; Log.printf1 "Router \"%s\" successfully imported.\n" name; true | _ -> false ) | _ -> false ) with _ -> false end (* module Eval_forest_child *) (*-----*) WHERE (*-----*) module User_level_router = struct class router ~(network:User_level.network) ~name ?(port_0_ipv4_config=Const.port_0_ipv4_config_default) ?(port_0_ipv6_config=Const.port_0_ipv6_config_default) ?label ?epithet ?variant ?kernel (* --- *) ?(show_unix_terminal=false) ?(rc_config_unix=(false,"")) (* --- *) ?(quagga_selected_srvs=Const.quagga_alternatives#lowercase_acronym_list) ?(show_quagga_terminal=[]) ?(rc_config_quagga=Const.quagga_alternatives#rc_config_initialization) (* --- *) ?terminal ~port_no () = let vm_installations = Lazy_perishable.force (Disk.get_router_installations) in let network_alias = network in (* The ifconfig treeview wants a port 0 configuration at creation time:*) let ifconfig_port_row_completions = let ipv4_binding = let ipv4_config = Ipv4.string_of_config (port_0_ipv4_config) in (* the class parameter *) ("IPv4 address", Treeview.Row_item.String ipv4_config) in let ipv6_binding = let ipv6_config = Option.extract_map_or (port_0_ipv6_config) (* the class parameter *) Ipv6.string_of_config "" in ("IPv6 address", Treeview.Row_item.String ipv6_config) in [ ("port0", [ipv4_binding; ipv6_binding]) ] in object (self) inherit OoExtra.destroy_methods () inherit User_level.node_with_ledgrid_and_defects ~network ~name ?label ~devkind:`Router ~port_no ~port_no_min:Const.port_no_min ~port_no_max:Const.port_no_max ~port_prefix:"port" () as self_as_node_with_ledgrid_and_defects inherit User_level.virtual_machine_with_history_and_ifconfig ~network:network_alias ?epithet ?variant ?kernel ?terminal ~history_icon:"router" ~ifconfig_device_type:"router" ~ifconfig_port_row_completions ~vm_installations () as self_as_virtual_machine_with_history_and_ifconfig method polarity = User_level.MDI method string_of_devkind = "router" method ledgrid_label = "Router" method defects_device_type = "router" method dotImg iconsize = let imgDir = Initialization.Path.images in (imgDir^"ico.router."^(self#string_of_simulated_device_state)^"."^iconsize^".png") (** Get the full host pathname to the directory containing the guest hostfs filesystem: *) method hostfs_directory_pathname = let d = ((Option.extract !simulated_device) :> User_level.node Simulation_level.device) in d#hostfs_directory_pathname val mutable show_quagga_terminal : (Const.quagga_lowercase_acronym list) = show_quagga_terminal method get_show_quagga_terminal = show_quagga_terminal method set_show_quagga_terminal x = show_quagga_terminal <- x val mutable show_unix_terminal : bool = show_unix_terminal method get_show_unix_terminal = show_unix_terminal method set_show_unix_terminal x = show_unix_terminal <- x val mutable rc_config_unix : bool * string = rc_config_unix method get_rc_config_unix = rc_config_unix method set_rc_config_unix x = rc_config_unix <- x val mutable rc_config_quagga : (Const.quagga_lowercase_acronym * (bool * string)) list = rc_config_quagga method get_rc_config_quagga = rc_config_quagga method set_rc_config_quagga x = rc_config_quagga <- x val mutable quagga_selected_srvs : (Const.quagga_lowercase_acronym list) = quagga_selected_srvs method get_quagga_selected_srvs = quagga_selected_srvs method set_quagga_selected_srvs x = quagga_selected_srvs <- x (** Create the simulated device *) method private make_simulated_device = let id = self#id in let cow_file_name, dynamically_get_the_cow_file_name_source = self#create_cow_file_name_and_thunk_to_get_the_source in let rcfile_unix_content = match self#get_rc_config_unix with | false, _ -> None | true, content -> Some content in let rcfile_quagga_contents : (Const.quagga_lowercase_acronym * string) list = (* ListExtra.filter_map (fun (k,(b,c)) -> if b then Some (k,c) else None) self#get_rc_config_quagga *) List.map (fun (k,(b,c)) -> if b then (k,c) else (* continue: *) (* Get the default content (configuration) for the key `k': *) let c0 = Const.quagga_alternatives#config_content_of_lowercase_acronym (k) in (k,c0) ) self#get_rc_config_quagga in let () = Log.printf4 "About to start the router %s\n with filesystem: %s\n cow file: %s\n kernel: %s\n" self#name self#get_filesystem_file_name cow_file_name self#get_kernel_file_name in let device = new Simulation_level.router ~parent:self ~kernel_file_name:self#get_kernel_file_name ?kernel_console_arguments:self#get_kernel_console_arguments ?filesystem_relay_script:self#get_filesystem_relay_script ~filesystem_file_name:self#get_filesystem_file_name ~dynamically_get_the_cow_file_name_source ~cow_file_name ~states_directory:(self#get_states_directory) ~ethernet_interface_no:self#get_port_no ~umid:self#get_name ~id ~show_unix_terminal:self#get_show_unix_terminal ?rcfile_unix_content ~quagga_selected_srvs:self#get_quagga_selected_srvs ~show_quagga_terminal:self#get_show_quagga_terminal ~rcfile_quagga_contents ~working_directory:(network#working_directory) ~unexpected_death_callback:self#destroy_because_of_unexpected_death () in (device :> User_level.node_with_ports_card Simulation_level.device) (** Here we also have to manage cow files... *) method private gracefully_shutdown_right_now = self_as_node_with_ledgrid_and_defects#gracefully_shutdown_right_now; (* We have to manage the hostfs stuff (when in exam mode) and destroy the simulated device, so that we can use a new cow file the next time: *) Log.printf1 "Calling hostfs_directory_pathname on %s...\n" self#name; let hostfs_directory_pathname = self#hostfs_directory_pathname in Log.printf "Ok, we're still alive\n"; (* If we're in exam mode then make the report available in the texts treeview: *) (if Initialization.are_we_in_exam_mode then begin let treeview_documents = Treeview_documents.extract () in Log.printf1 "Adding the report on %s to the texts interface\n" self#name; treeview_documents#import_report ~machine_or_router_name:self#name ~pathname:(hostfs_directory_pathname ^ "/report.html") (); Log.printf1 "Added the report on %s to the texts interface\n" self#name; end); (* ...And destroy, so that the next time we have to re-create the process command line can use a new cow file (see the make_simulated_device method) *) self#destroy_right_now (** Here we also have to manage LED grids and, for routers, cow files: *) method private poweroff_right_now = self_as_node_with_ledgrid_and_defects#poweroff_right_now; (* Destroy, so that the next time we have to re-create a simulated device, and we start with a new cow: *) self#destroy_right_now method to_tree = Forest.tree_of_leaf ("router", [ ("name" , self#get_name ); ("label" , self#get_label); ("distrib" , self#get_epithet ); ("variant" , self#get_variant_as_string); ("kernel" , self#get_kernel ); ("show_unix_terminal" , string_of_bool (self#get_show_unix_terminal)); ("show_quagga_terminal", Marshal.to_string (self#get_show_quagga_terminal) []); ("rc_config_unix", Marshal.to_string self#get_rc_config_unix []); ("rc_config_quagga" , Marshal.to_string self#get_rc_config_quagga []); ("quagga_selected_srvs", Marshal.to_string self#get_quagga_selected_srvs []); ("terminal" , self#get_terminal ); ("port_no" , (string_of_int self#get_port_no)) ; ]) (** A machine has just attributes (no children) in this version. *) method eval_forest_attribute = function | ("name" , x ) -> self#set_name x | ("label" , x ) -> self#set_label x | ("distrib" , x ) -> self#set_epithet x | ("variant" , "") -> self#set_variant None | ("variant" , x ) -> self#set_variant (Some x) | ("kernel" , x ) -> self#set_kernel x | ("show_unix_terminal", x ) -> self#set_show_unix_terminal (bool_of_string x) | ("show_quagga_terminal", x ) -> self#set_show_quagga_terminal (Marshal.from_string x 0) | ("rc_config_unix", x ) -> self#set_rc_config_unix (Marshal.from_string x 0) | ("rc_config_quagga", x ) -> self#set_rc_config_quagga (Marshal.from_string x 0) | ("quagga_selected_srvs", x ) -> self#set_quagga_selected_srvs (Marshal.from_string x 0) | ("terminal" , x ) -> self#set_terminal x | ("port_no" , x ) -> self#set_port_no (int_of_string x) | _ -> () (* Forward-comp. *) method private get_assoc_list_from_ifconfig ~key = List.map (fun i -> (i,network#ifconfig#get_port_attribute_by_index self#get_name i key)) (ListExtra.range 0 (self#get_port_no - 1)) method get_mac_addresses = self#get_assoc_list_from_ifconfig ~key:"MAC address" method get_ipv4_addresses = self#get_assoc_list_from_ifconfig ~key:"IPv4 address" method get_port_0_ipv4_config : Ipv4.config = let name = self#get_name in let x = network#ifconfig#get_port_attribute_by_index name 0 "IPv4 address" in match (Ipv4.import x) with | Some (Either.Right config) -> config | Some (Either.Left address) -> (address, 24) | None -> Const.port_0_ipv4_config_default method get_port_0_ipv6_config : Ipv6.config option = let name = self#get_name in let x = network#ifconfig#get_port_attribute_by_index name 0 "IPv6 address" in try Some (Ipv6.config_of_string x) with _ -> Const.port_0_ipv6_config_default method set_port_0_ipv4_config (port_0_ipv4_config : Ipv4.config) = network#ifconfig#set_port_string_attribute_by_index self#get_name 0 "IPv4 address" (Ipv4.string_of_config port_0_ipv4_config); method set_port_0_ipv6_config (port_0_ipv6_config : Ipv6.config option) = network#ifconfig#set_port_string_attribute_by_index self#get_name 0 "IPv6 address" (Option.extract_map_or (port_0_ipv6_config) (Ipv6.string_of_config) ""); method update_router_with ~name ~label ~port_0_ipv4_config ?port_0_ipv6_config ~port_no ~kernel ~show_unix_terminal ~show_quagga_terminal ~rc_config_unix ~rc_config_quagga ~quagga_selected_srvs () = (* first action: *) self_as_virtual_machine_with_history_and_ifconfig#update_virtual_machine_with ~name ~port_no kernel; (* then we can set the object property "name" (read by #get_name): *) self_as_node_with_ledgrid_and_defects#update_with ~name ~label ~port_no; self#set_port_0_ipv4_config (port_0_ipv4_config); self#set_port_0_ipv6_config (port_0_ipv6_config); self#set_show_quagga_terminal (show_quagga_terminal); self#set_show_unix_terminal (show_unix_terminal); self#set_rc_config_unix (rc_config_unix); self#set_rc_config_quagga (rc_config_quagga); self#set_quagga_selected_srvs (quagga_selected_srvs); end;; end (* module User_level_router *) (*-----*) WHERE (*-----*) module Simulation_level = struct class virtual ['parent] device = ['parent] Simulation_level.device (** A router: just a [machine_or_router] with [router = true] *) class ['parent] router = fun ~(parent:'parent) ~dynamically_get_the_cow_file_name_source ~(cow_file_name) ~states_directory ~(kernel_file_name) ?(kernel_console_arguments) ?(filesystem_relay_script) ~(filesystem_file_name) ~(ethernet_interface_no) ?umid ~id ~show_unix_terminal ?rcfile_unix_content ~quagga_selected_srvs ~show_quagga_terminal ~rcfile_quagga_contents ~working_directory ~unexpected_death_callback () -> (* --- *) (* A unique file will contain all initialization files (one per quagga protocol) Note that the type of rcfile_contents is (quagga_lowercase_acronym * string) list *) let rcfile_content = let xs = List.map (fun (acronym, content) -> (* Example "/etc/quagga/zebra.conf" => TODO: LEGGERE NEI PARAMETRI DELLA MV!! *) let config_file = Const.quagga_alternatives#config_file_of_lowercase_acronym (acronym) in match (List.mem acronym quagga_selected_srvs) with | true -> Printf.sprintf "cat >%s < Printf.sprintf "if [[ -e '%s' ]]; then mv -f %s %s.backup; fi" (config_file) (config_file) (config_file) ) (rcfile_quagga_contents) in (* --- *) (* The Unix rc-file will be executed (sourced) BEFORE the quagga settings. In this way we can define some Bash variables in the script and use them in the .conf files (Ex: "zebra password $PASSWORD") *) let xs = match rcfile_unix_content with None -> xs | Some content -> content::xs in (* --- *) if xs = [] then None else Some (String.concat "\n" xs) in (* --- *) object(self) inherit ['parent] Simulation_level.machine_or_router_with_accessory_processes ~parent ~router:true ~filesystem_file_name(* :"/usr/marionnet/filesystems/router.debian.lenny.sid.fs" *) ~kernel_file_name ?kernel_console_arguments ?filesystem_relay_script ?rcfile_content ~dynamically_get_the_cow_file_name_source ~cow_file_name ~states_directory ~ethernet_interface_no ~memory:Const.memory_default ?umid (* Change this when debugging the router device *) ~console_no:1 ~console:"none" (* To do: this should be "none" for releases and "xterm" for debugging *) ~id ~show_unix_terminal ~xnest:false ~working_directory ~unexpected_death_callback () as super method device_type = "router" initializer (* NOTE: show_quagga_terminal : (quagga_lowercase_acronym list); *) List.iter (* --- *) (fun acronym -> let name = parent#get_name in let host = self#ip_address_eth42 in let protocol = uppercase acronym in let port_number = Const.quagga_alternatives#port_of_lowercase_acronym (acronym) in let xterm_title = Printf.sprintf "%s Quagga terminal (CISCO-IOS-like %s)" name (protocol) in self#add_accessory_process (new Simulation_level.telnet_process ~xterm_title ~host ~port_number ~delay:2. (* not necessary, could be 0. *) ~unexpected_death_callback: (fun i _ -> Death_monitor.stop_monitoring i; Log.printf2 "Terminal of router %s closed (pid %d).\n" name i) ())) (* --- *) (show_quagga_terminal) end (* object router *) end (* module Simulation_level *) (** Just for testing: *) let test = Dialog_add_or_update.make marionnet-0.90.6+bzr508.orig/icon.ml0000644000175000017500000000211313175722671016061 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008 Luca Saiu Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) let icon_pixbuf = GdkPixbuf.from_file (if Initialization.are_we_in_exam_mode then Initialization.Path.images^"launcher-icons/marionnet-exam-launcher.png" else Initialization.Path.images^"launcher-icons/marionnet-launcher.png");; marionnet-0.90.6+bzr508.orig/gettext.ml0000644000175000017500000000553513175722671016630 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) let text_domain = "marionnet" let file_dot_mo = (text_domain ^ ".mo") (** A simple heuristics to infer the location of the `locale' directory in desperate situations, when both MARIONNET_LOCALEPREFIX and Meta.localeprefix do not contain a file `marionnet.mo' : *) let try_to_infer_localeprefix_searching_marionnet_dot_mo_in_usr () = let (locale_dirs,_) = UnixExtra.find ~kind:'d' ~maxdepth:3 ~basename:"locale" ["/usr"] in UnixExtra.find_first_and_map ~kind:'f' ~maxdepth:3 ~basename:file_dot_mo (fun d _ -> d) locale_dirs ;; (** The method deciding the locale prefix: *) let localeprefix = (* Try to search `marionnet.mo' in MARIONNET_PREFIX and Meta.localeprefix: *) let localeprefix_candidates = let l1 = Option.to_list (Configuration.get_string_variable "MARIONNET_LOCALEPREFIX") in let l2 = [Meta.localeprefix] in List.append l1 l2 in let locale = UnixExtra.find_first_and_map ~kind:'f' ~maxdepth:3 ~basename:file_dot_mo (fun d _ -> d) localeprefix_candidates in match locale with | Some dir -> Log.printf1 "Gettext: `%s' found as expected in a candidate directory\n" file_dot_mo; dir | None -> (* It's a desperate situation, but we try to find it ourself: *) (match try_to_infer_localeprefix_searching_marionnet_dot_mo_in_usr () with | Some dir -> Log.printf1 "Gettext: `%s' found in a /usr sub-directory\n" file_dot_mo; dir | None -> Log.printf1 "Gettext: Warning: `%s' not found\n" file_dot_mo; List.hd localeprefix_candidates (* so much for that... *) ) ;; (* Gettext is disable for `utop'. See the bzr commit message, revno 459, for details about this workaround: *) IFDEF DOCUMENTATION_OR_DEBUGGING THEN let s_ x = x;; let f_ x = x;; Log.printf "Gettext disable for testing (compatibility with utop)\n" ;; ELSE (** Build the module, now: *) include Gettext_builder.Make(struct let text_domain = text_domain let directory = localeprefix end);; ENDIF Log.printf1 "Gettext instanciated with directory `%s'\n" localeprefix;; marionnet-0.90.6+bzr508.orig/COPYING0000644000175000017500000004311013175722671015634 0ustar lucaslucas GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. marionnet-0.90.6+bzr508.orig/descendants_monitor.ml0000644000175000017500000000431313175722671021177 0ustar lucaslucas(* This file is part of Marionnet Copyright (C) 2013 Jean-Vincent Loddo Copyright (C) 2013 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) module Mtx = MutexExtra.Just_give_me_an_apply_with_mutex (struct end) let apply_with_mutex = Mtx.apply_with_mutex module Process_set = SetExtra.Destructive.Make (struct type t = int * int64 let compare = Pervasives.compare end) let start_monitor_and_get_kill_method ?(pid=Unix.getpid ()) ?(wake_up_interval=4.) ?(garbage_collection_frequence=5) () = let pset = Process_set.create () in let add_list ?(garbage_collection=false) xs = begin List.iter (fun elt -> Process_set.add elt pset) xs ; let () = if garbage_collection then Process_set.filter (fun (pid,_starttime) -> UnixExtra.is_process_alive pid) pset in Log.printf1 ~v:2 "Descendants monitor: %d descendants currently observed\n" (Process_set.cardinal pset); end in let rec loop i = let ds = Linux.Process.get_descendant_stats ~pid () in let pid_starttime_list = List.map (fun s -> s.Linux.Process.pid, s.Linux.Process.starttime) ds in let garbage_collection = (i mod garbage_collection_frequence = 0) in let () = apply_with_mutex (add_list ~garbage_collection) pid_starttime_list in let () = Thread.delay (wake_up_interval) in loop (i+1) in let _ = Thread.create (loop) 0 in (* Method provided to the main thread: *) let kill_process_set () = let kill_action (pid,_starttime) = begin try Unix.kill pid Sys.sigkill with _ -> (); end in apply_with_mutex (Process_set.iter kill_action) pset in kill_process_set marionnet-0.90.6+bzr508.orig/Makefile.local0000644000175000017500000002023513175722671017335 0ustar lucaslucas# This -*- makefile -*- is part of Marionnet, a virtual network laboratory # Copyright (C) 2008, 2009 Luca Saiu # Copyright (C) 2010, 2013 Jean-Vincent Loddo # Copyright (C) 2008, 2009, 2010, 2013 Université Paris 13 # Updated in 2008 by Marco Stronati # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . OCAMLBUILD_OPTIONS= -quiet -X uml COMPILE_OPTIONS += -g -w x DIRECTORIES_TO_INCLUDE = camlp4 threads lablgtk2 lablglade lablgtksourceview2 ocamlbricks LIBRARIES_TO_LINK = unix threads str lablgtk lablglade lablgtksourceview2 ocamlbricks C_OBJECTS_TO_LINK += EXCLUDE_FROM_SOURCE_FINDING=uml OCAMLBRICKS=$(LIBRARYPREFIX)/ocamlbricks # Transmit the information about the compiler version in order to activate conditional compilation: # Empty for OCaml 3.x.y series, set to "-DOCAML4_02_OR_LATER" for 4.02.y or later: OCAML4_02_OR_LATER=$(shell if grep -q "^\([5-9]\)\|\(4[.]\([1-9]\|0[2-9]\)\)" <<<"$(OCAML_VERSION)"; then echo "-DOCAML4_02_OR_LATER"; fi) # Empty for OCaml 3.x.y series, set to "-DOCAML4_04_OR_LATER" for 4.04.y or later: OCAML4_04_OR_LATER=$(shell if grep -q "^\([5-9]\)\|\(4[.]\([1-9]\|0[4-9]\)\)" <<<"$(OCAML_VERSION)"; then echo "-DOCAML4_04_OR_LATER"; fi) PP_OPTION = camlp4of $(OCAML4_02_OR_LATER) $(OCAML4_04_OR_LATER) -I $(OCAMLBRICKS) gettext_extract_pot_p4.cmo option_extract_p4.cmo raise_p4.cmo log_module_loading_p4.cmo OBJECTS_TO_LINK = gtkThread BYTE_PROGRAMS = marionnet.byte ROOT_BYTE_PROGRAMS = marionnet-daemon.byte # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! BYTE_LIBRARY_NAME = marionnet.cma native: marionnet.native marionnet-daemon.native byte: marionnet.byte marionnet-daemon.byte # To do: these should be enabled for release, but they take too long to # build every time... NATIVE_PROGRAMS = marionnet.native ROOT_NATIVE_PROGRAMS = marionnet-daemon.native ROOT_PROGRAMS = marionnet-daemon.byte marionnet-daemon.native OTHER_PROGRAMS_TO_INSTALL = scripts/marionnet_telnet.sh # menu_factory.ml menu_factory.mli are not documented because they # get ocamldoc (with -pp camlp4of) confused UNDOCUMENTED=version.ml gui.ml # Before building the main targets we have to create the machine-generated # sources: MANUALLY_PRE_COPY_IN_build = \ gettext_extract_pot_p4.conf \ scripts/can-directory-host-sparse-files.sh MANUALLY_PRE_MAKE_IN_build = MANUALLY_POST_MAKE_IN_build = marionnet.byte marionnet.native : manually_pre_actions version.ml gui.ml compile_for_testing: @if grep -q "DDOCUMENTATION_OR_DEBUGGING" $(LOGFILE); then echo "Fine, already compiled for testing."; else make clean; fi; \ make PP_OPTION="$(PP_OPTION) -DDOCUMENTATION_OR_DEBUGGING" ########## Manually generated targets (not through ocamlbuild) run: marionnet.byte (export WORKING=`pwd`; OCAMLRUNPARAM="b" $$WORKING/_build/marionnet.byte) | tee /tmp/LOG runexam: marionnet.byte (export WORKING=`pwd`; OCAMLRUNPARAM="b" $$WORKING/_build/marionnet.byte --exam) | tee /tmp/LOG runopt: marionnet.native (export WORKING=`pwd`; $$WORKING/_build/marionnet.native) | tee /tmp/LOG run-daemon: marionnet-daemon.byte sudo _build/marionnet-daemon.byte # version.ml is automatically generated: version.ml: VERSION BUILD-TIME @(echo -e "(* This file is automatically generated. Please don't edit it. *)" > $@; \ echo -e "" >> $@; \ echo -en "let version = \"" >> $@; \ for x in `cat VERSION`; do echo -n "$$x" >> $@; done; \ echo -e "\";;" >> $@; \ echo -en "let build_time = \"" >> $@; \ for x in `cat BUILD-TIME`; do echo -n "$$x " >> $@; done; \ echo -e "\";;" >> $@) VERSION: META @($(call READ_META, name, version); \ echo "$$version" > $@) BUILD-TIME: @(echo 'built in '`date +"%B %Y"` > $@) # We need to patch the file generated by Glade, so that image pathnames # follow our conventions: share/gui.glade.patched: gui/gui.xml @(cat gui/gui.xml | \ sed s/name=\"pixbuf\"\>/name=\"pixbuf\"\>images\\//g | \ sed s/name=\"icon\"\>/name=\"icon\"\>images\\//g > $@) # This is the name of the Glade->OCaml code generator: GLADE2ML = lablgladecc2 # gui.ml is automatically generated from the patched Glade file: gui.ml: share/gui.glade.patched @(cd share; $(GLADE2ML) gui.glade.patched > ../$@) gui-help: gui.ml ocamlc -i -I +lablgtk2 lablgtk.cma gui.ml | grep -v "val" | grep -v "[0-9]" # Clean all the automatically-generated sources: clean-local: clean-mo clean-doc @(rm -f VERSION BUILD-TIME version.ml; \ rm -f share/gui.glade.patched gui.ml) # ==============gettext stuff============= install-data-local: copy-failsafe-marionnet.conf install-local: install-mo uninstall-local: uninstall-mo copy-failsafe-marionnet.conf: cp etc/marionnet.conf share/ _build/marionnet.pot: marionnet.byte @msgcat -s --use-first $(shell find _build/ -name "*.ml.pot") > $@ pot: _build/marionnet.pot cp _build/marionnet.pot po/messages.pot main-local: pot # Useful to discover widgets containing translatable strings gui.po: gui/gui.xml xml2po $< > /tmp/$@ @echo "Generated file: /tmp/$@" # We can take the list of supported languages from po/LINGUAS. # Notice that this macro is always invoked from the po/ subdirectory: LANGUAGES = $$( grep -v ^\#.*$$ LINGUAS ) compile-mo: @(cd po/; \ for i in $(call LANGUAGES); \ do (msgfmt $$i.po && mv messages.mo $$i.mo || exit -1) && \ echo "Compiled "$$i.mo; \ done;) update-po: pot @(cd po/; \ for i in $(call LANGUAGES); \ do (msgmerge --no-fuzzy-matching -s --update $$i.po messages.pot || exit -1) && \ echo "Updated "$$i.po; \ done;) install-mo: CONFIGME compile-mo @($(call READ_CONFIG,localeprefix); \ cd po/; \ for i in $(call LANGUAGES); \ do ((mkdir -p $$localeprefix/$$i/LC_MESSAGES && cp $$i.mo $$localeprefix/$$i/LC_MESSAGES/marionnet.mo) || exit -1) && \ echo "Installed "$$i; \ done;) clean-mo: @(cd po/; \ rm -rf *.mo *~ ;) uninstall-mo: CONFIGME @($(call READ_CONFIG,localeprefix); \ for i in $(call LANGUAGES); \ do rm -f $$localeprefix/$$i/LC_MESSAGES/marionnet.mo; \ echo "Uninstalled "$$i; \ done;) ######### documentation ############## #build texinfo developer documentation in one default format documentation-local: documentation-html-no-split #build texinfo developer documentation in one all formats documentation-all: documentation-pdf documentation-html-split documentation-html-no-split #multi page html output #the makeinfo command need to be executed in the same directory as img, otherwise it doesn't find any image documentation-html-split: @(cd doc-src; \ makeinfo --html --force --no-validate \ documentation.texi -o ../doc/documentation/; \ cp -r img/ ../doc/documentation/; \ cd ..;) #one page html output documentation-html-no-split: @(cd doc-src; \ makeinfo --html --force --no-validate --no-split \ documentation.texi -o ../doc/documentation.html; \ cp -r img/ ../doc/; \ cd ..;) #pdf output documentation-pdf: @(cd doc-src; \ texi2dvi --pdf -E --build=local \ documentation.texi -o ../doc/documentation.pdf; \ rm -f documentation.aux documentation.cp documentation.cps \ documentation.fn documentation.ky documentation.log \ documentation.pg documentation.toc documentation.tp \ documentation.vr;) clean-doc: @(rm -rf doc/* ) #convert and resize images from ps and eps to png images: dot @(mkdir doc/img; \ cp doc-src/img/*.png doc/img/; \ for i in $$(ls doc-src/img-src/*{ps,eps}); \ do convert $$i doc/img/$$(basename $${i%.*}.png); \ done) # #compile dot sources dot: @(for i in $$(ls doc-src/img-src/*.dot); \ do dot -Tsvg $$i -o doc-src/img-src/$$(basename $$i .dot).svg; \ convert -geometry 300x300 -density 150 -antialias doc-src/img-src/$$(basename $$i .dot).svg \ doc-src/img/$$(basename $$i .dot).png; \ done; \ #rm doc-src/img-src/*.svg \ ) marionnet-0.90.6+bzr508.orig/global_options.ml0000644000175000017500000000764013175722671020156 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008 Luca Saiu Copyright (C) 2010, 2017 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2010, 2017 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) module Recursive_mutex = MutexExtra.Recursive ;; let mutex = Recursive_mutex.create ();; (** Here we only use one mutex; let's not specify it every time: *) let with_mutex thunk = Recursive_mutex.with_mutex mutex thunk;; (** Debug mode related functions are accessible also from this module: *) module Debug_level = Initialization.Debug_level;; (** Automatically generate IP addresses: *) let autogenerate_ip_addresses_default = false (*false*);; let autogenerate_ip_addresses = ref autogenerate_ip_addresses_default;; let set_autogenerate_ip_addresses value = with_mutex (fun () -> autogenerate_ip_addresses := value);; let get_autogenerate_ip_addresses () = with_mutex (fun () -> !autogenerate_ip_addresses);; (** Work-around the wirefilter bug (which is probably due to my patches to VDE): *) let workaround_wirefilter_problem_default = true;; (* true *) let workaround_wirefilter_problem = ref workaround_wirefilter_problem_default;; let set_workaround_wirefilter_problem value = with_mutex (fun () -> workaround_wirefilter_problem := value);; let get_workaround_wirefilter_problem () = with_mutex (fun () -> !workaround_wirefilter_problem);; (** The name of the host bridge device used to implement the "world bridge" component: *) let ethernet_world_bridge_name = let default = "br0" in Configuration.extract_string_variable_or ~default "MARIONNET_BRIDGE" ;; let make_understandable_source_of_world_bridge_configuration () = match (Configuration.get_string_variable_with_source "MARIONNET_BRIDGE") with | None | Some (_, `Environment) -> "marionnet.conf" | Some (_, `Filename fname) -> fname ;; let check_bridge_existence_and_warning () : unit = let bridge_name = ethernet_world_bridge_name in let cmd = Printf.sprintf "brctl showmacs %s 1>/dev/null 2>/dev/null" (bridge_name) in if (Unix.system cmd) <> (Unix.WEXITED 0) then (* warning: *) let title = Printf.sprintf (Gettext.f_ "Ethernet bridge \"%s\" not found") bridge_name in let source = make_understandable_source_of_world_bridge_configuration () in let message = Printf.sprintf (Gettext.f_ "The Ethernet bridge \"%s\" specified in the file\n\n%s\n\nwas not found on your system. Please ask your administrator to set up this bridge with commands like:\n\nsudo brctl addbr %s\nsudo brctl addif %s %s # or another interface(s)\nsudo ifconfig %s up\n\nOtherwise, there will be no chance to run a world bridge component properly on your system.") (bridge_name) (source) (bridge_name) (bridge_name) ("eth0") (bridge_name) in Simple_dialogs.warning ~modal:true title message () ;; (** Keyboard layout in Xnest sessions; `None' means `don't set anything' *) let keyboard_layout = Configuration.get_string_variable "MARIONNET_KEYBOARD_LAYOUT" ;; module Keep_all_snapshots_when_saving = Stateful_modules.Variable (struct type t = bool let name = Some "keep_all_snapshots_when_saving" end);; let () = Keep_all_snapshots_when_saving.set Initialization.keep_all_snapshots_when_saving ;; marionnet-0.90.6+bzr508.orig/disk.ml0000644000175000017500000006135013175722671016073 0ustar lucaslucas(* This file is part of marionnet Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext (* `epithet' is almost a phantom type (almost because it is not abstract): *) type 'a epithet = string type variant = string type filename = string type dirname = string type realpath = string let string_of_epithet_kind = function | `distrib -> "distribution" | `variant -> "variant" | `kernel -> "kernel" | _ -> assert false class terminal_manager () = let hostxserver_name = "X HOST" in let xnest_name = "X NEST" in let nox_name = "No X" in object (self) method get_choice_list = [ hostxserver_name; xnest_name; nox_name ] method get_default = hostxserver_name method is_valid_choice x = List.mem x self#get_choice_list method is_hostxserver = ((=)hostxserver_name) method is_xnest = ((=)xnest_name) method is_nox = ((=)nox_name) end (** Some name filters (predicates on strings): *) module Filter = struct let ending_with_dot_relay = StrExtra.First.matchingp (Str.regexp "[.]relay\\($\\|[._-][a-zA-Z0-9._-]*[~]?$\\)") let ending_with_dot_conf = StrExtra.First.matchingp (Str.regexp "[.]conf[~]?$") let exclude_names_ending_with_dot_conf_or_dot_relay x = not ((ending_with_dot_conf x) || (ending_with_dot_relay x)) end (* Filter *) (** Read the given directory searching for names like [~prefix ^ "xxxxx"]; return the list of epithets ["xxxxx"]. *) (* let read_epithet_list ?(name_filter=fun _ -> true) ~prefix ~dir () = *) let read_epithet_list ?(name_filter=Filter.exclude_names_ending_with_dot_conf_or_dot_relay) ~prefix ~dir () = let prefix_length = String.length prefix in let remove_prefix s = String.sub s prefix_length ((String.length s) - prefix_length) in let name_filter file_name = (name_filter file_name) && ((String.length file_name) > prefix_length) && ((String.sub file_name 0 prefix_length) = prefix) in let xs = SysExtra.readdir_as_list ~only_not_directories:() ~name_filter ~name_converter:remove_prefix dir in Log.printf1 ~v:2 "Searching in %s:\n" dir; List.iter (fun x -> Log.printf2 ~v:2 " - found %s%s\n" prefix x) xs; xs let machine_prefix = "machine-" let router_prefix = "router-" let kernel_prefix = "linux-" let root_filesystem_searching_list = [ Initialization.Path.filesystems; ] let user_filesystem_searching_list = [ Initialization.Path.user_filesystems; ] (* In the order of priority: *) let kernel_searching_list = [ Initialization.Path.user_kernels; Initialization.Path.kernels; ] module String_map = MapExtra.String_map (* For a given choice the last binding with a directory will wins building the mapping. So we reverse the searching list: *) let make_epithet_to_dir_mapping ~kind ?realpath ~prefix ~directory_searching_list () = Log.printf2 "Searching for a (%s) prefix: \"%s\"\n" (string_of_epithet_kind kind) prefix; let normalize_dir = match realpath with | None -> (fun x -> Some x) | Some () -> (fun x -> UnixExtra.realpath x) in let searching_list = List.rev directory_searching_list in let xss = List.map (fun dir -> let epithet_list = read_epithet_list ~prefix ~dir () in List.map (fun x -> (x, (normalize_dir dir))) epithet_list ) searching_list in let yss = List.flatten xss in let yss = List.filter (fun (e,d)->d<>None) yss in let yss = List.map (function (e, Some dir)->(e,dir) | _ -> assert false) yss in (List.iter (function (e,d) -> Log.printf2 "* %s -> %s\n" e d) yss); String_map.of_list yss (** epithet -> (variant list) * dir *) let make_epithet_to_variant_list_and_dir_mapping ~prefix ~epithet_to_dir_mapping = String_map.mapi (fun epithet dir -> let dir = Printf.sprintf "%s/%s%s_variants" dir prefix epithet in ((read_epithet_list ~prefix:"" ~dir), dir) ) epithet_to_dir_mapping class type ['a] epithet_manager_object = object (* Constructor's arguments: *) method directory_searching_list : dirname list method prefix : string (* "machine-", "router-", "kernel-", "" (nothing for variants) *) (* Public interface: *) method get_epithet_list : 'a epithet list method get_default_epithet : 'a epithet option method epithet_exists : 'a epithet -> bool method realpath_of_epithet : 'a epithet -> realpath method resolve_epithet_symlink : 'a epithet -> 'a epithet (* Morally private methods: *) method epithets_of_filename : ?no_symlinks:unit -> filename -> ('a epithet) list method epithets_sharing_the_same_realpath_of : ?no_symlinks:unit -> ('a epithet) -> ('a epithet) list method filename_of_epithet : ('a epithet) -> filename method realpath_exists : string -> bool method filter : ('a epithet -> bool) -> unit end class ['a] epithet_manager : ?default_epithet:('a epithet) -> ?filter:('a epithet->bool) -> kind: [> `distrib | `kernel | `variant ] -> directory_searching_list:string list -> prefix:string -> unit -> ['a] epithet_manager_object = fun ?(default_epithet="default") ?filter ~kind ~directory_searching_list ~prefix (* "machine-", "router-", "linux-", "" (for variants), ... *) () -> let epithet_to_dir_mapping = make_epithet_to_dir_mapping ~kind ~realpath:() ~prefix ~directory_searching_list () in (* Filter the list if required with the optional parameter `filter': *) let epithet_to_dir_mapping = match filter with | None -> epithet_to_dir_mapping | Some f -> String_map.filter (fun epth _dir -> f epth) epithet_to_dir_mapping in object (self) (* The version stored in the object is the destructive (non-persistent) version of the same mapping: *) val mutable epithet_to_dir_mapping = epithet_to_dir_mapping (* Destructive filter application: *) method filter f = epithet_to_dir_mapping <- String_map.filter (fun epth _dir -> f epth) (epithet_to_dir_mapping) method directory_searching_list = directory_searching_list method prefix = prefix method get_epithet_list : 'a epithet list = String_map.domain epithet_to_dir_mapping method epithet_exists (epithet:'a epithet) : bool = String_map.mem epithet epithet_to_dir_mapping method (*private*) filename_of_epithet (epithet:'a epithet) = let dir = String_map.find epithet epithet_to_dir_mapping in (Printf.sprintf "%s/%s%s" dir prefix epithet) method realpath_of_epithet (epithet:'a epithet) : realpath = let filename = (self#filename_of_epithet epithet) in match (UnixExtra.realpath filename) with | Some x -> x | None -> filename method (*private*) epithets_of_filename ?no_symlinks (filename:string) : ('a epithet) list = let realpath = Option.extract (UnixExtra.realpath filename) in let pred = match no_symlinks with | None -> (fun e -> (self#realpath_of_epithet e) = realpath) | Some () -> (fun e -> (not (UnixExtra.is_symlink (self#filename_of_epithet e))) && ((self#realpath_of_epithet e) = realpath)) in (List.filter pred self#get_epithet_list) (* [machine-]default -> [machine-]debian-51426 *) method resolve_epithet_symlink (epithet:'a epithet) : 'a epithet = let filename = self#filename_of_epithet epithet in match UnixExtra.is_symlink filename with | false -> epithet | true -> (match (self#epithets_of_filename ~no_symlinks:() filename) with | [] -> epithet | epithet'::_ -> epithet' (* we get the first *) ) method epithets_sharing_the_same_realpath_of ?(no_symlinks:unit option) (epithet:'a epithet) : ('a epithet) list = let filename = self#filename_of_epithet epithet in self#epithets_of_filename ?no_symlinks filename method realpath_exists filename = let xs = List.map (self#filename_of_epithet) self#get_epithet_list in List.mem filename xs (* When a machine is created, we call this method to set a default epithet.*) method get_default_epithet : 'a epithet option = if self#epithet_exists default_epithet then (Some default_epithet) else let xs = self#get_epithet_list in match xs with | [] -> None | x::_ -> Some x (* We get the first as default... *) end (* class epithet_manager *) let get_and_parse_SUPPORTED_KERNELS (t : Configuration_files.t) : string -> (unit, string option) Either.t = let x = Configuration_files.get_string_list_variable "SUPPORTED_KERNELS" t in let brackets = (Str.regexp "^\\[\\(.*\\)\\]$") in let slashes = (Str.regexp "^/\\(.*\\)/$") in let extract result = let (_,_,groups) = Option.extract result in List.hd groups in let rec loop acc = function | [] -> (List.rev acc) | x::xs when (StrExtra.First.matchingp brackets x) -> let brackets_content = extract (StrExtra.First.matching brackets x) in loop ((`Brackets brackets_content)::acc) xs | x::xs when (StrExtra.First.matchingp slashes x) -> let slashes_content = extract (StrExtra.First.matching slashes x) in loop ((`Slashes slashes_content)::acc) xs | x::xs -> loop ((`AString x)::acc) xs in let token_list : ([`Brackets of string | `Slashes of string | `AString of string] list) option = Option.map (loop []) x in let rec collapse_AString acc = function | [] -> List.rev acc | (`AString x)::(`AString y)::zs -> collapse_AString acc ((`AString (String.concat " " [x;y]))::zs) | x::ys -> collapse_AString (x::acc) ys in let token_list = Option.map (collapse_AString []) token_list in let rec parse acc = function | [] -> List.rev acc | (`Brackets x)::(`AString y)::zs -> parse (((`kernel_epithet x), Some y)::acc) zs | (`Brackets x)::zs -> parse (((`kernel_epithet x), None)::acc) zs | (`Slashes x)::(`AString y)::zs -> parse (((`kernel_regexpr (Str.regexp x)), Some y)::acc) zs | (`Slashes x)::zs -> parse (((`kernel_regexpr (Str.regexp x)), None)::acc) zs | (`AString x)::_ -> let msg = Printf.sprintf "Parsing variable SUPPORTED_KERNELS: unexpected string `%s'" x in failwith msg in let parsing_result : ([> `kernel_epithet of string | `kernel_regexpr of Str.regexp ] * string option) list option = Option.map (parse []) token_list in let parsing_result_as_predicate_list : ((string -> bool) * string option) list option = let epithet_predicate_of = function | `kernel_epithet x -> ((=)x) | `kernel_regexpr r -> (StrExtra.First.matchingp r) in Option.map (List.map (fun (k,so) -> ((epithet_predicate_of k),so))) parsing_result in function epithet -> match parsing_result_as_predicate_list with | None -> Either.Right (None) (* The epithet is ok, without special console options *) | Some pred_so_list -> begin match (ListExtra.search (fun (pred,so) -> pred epithet) pred_so_list) with | None -> Either.Left () (* The epithet will be not accepted *) | Some (_,options) -> Either.Right (options) (* The epithet is ok, may be with options *) end (* end of get_and_parse_SUPPORTED_KERNELS() *) class virtual_machine_installations ?(user_filesystem_searching_list = user_filesystem_searching_list) ?(root_filesystem_searching_list = root_filesystem_searching_list) ?(kernel_searching_list=kernel_searching_list) ?(kernel_prefix = kernel_prefix) ?(kernel_default_epithet:[`kernel] epithet option) ?(filesystem_default_epithet:[`distrib] epithet option) ~prefix (* "machine-", "router-", ... *) () = (* The actual filesystem searching list is the merge of user (prioritary) and root lists: *) let filesystem_searching_list = List.append user_filesystem_searching_list root_filesystem_searching_list in (* The manager of all filesystem epithets: *) let filesystems : [`distrib] epithet_manager = new epithet_manager ~filter:Filter.exclude_names_ending_with_dot_conf_or_dot_relay ~kind:`distrib ~prefix ~directory_searching_list:filesystem_searching_list ?default_epithet:filesystem_default_epithet () in (* The manager of all kernel epithets: *) let kernels : [`kernel] epithet_manager = new epithet_manager ~filter:Filter.exclude_names_ending_with_dot_conf_or_dot_relay ~kind:`kernel ~prefix:kernel_prefix ~directory_searching_list:kernel_searching_list ?default_epithet:kernel_default_epithet () in (* The kit of managers (one per filesystem epithet) for variant epithets. This mapping is created from `filesystems#get_epithet_list' *) let filesystem_variants_mapping = let epithet_manager_of filesystem_epithet : [`variant] epithet_manager = begin let directory_searching_list_of e = List.map (fun dir -> Printf.sprintf "%s/%s%s_variants" dir prefix e) filesystem_searching_list in let directory_searching_list = let epithets = filesystems#epithets_sharing_the_same_realpath_of filesystem_epithet in let epithets = ListExtra.lift_to_the_top_positions ((=)filesystem_epithet) epithets in List.flatten (List.map directory_searching_list_of epithets) in new epithet_manager ~kind:`variant ~prefix:"" ~directory_searching_list () end in let assoc_list : ([`distrib] epithet * [`variant] epithet_manager) list = List.map (fun e -> (e,epithet_manager_of e)) filesystems#get_epithet_list in String_map.of_list assoc_list in (* Now we build the mapping filesystem-epithet -> Configuration_files.t option *) let filesystem_config_mapping = let mill = fun filesystem_epithet -> let filename = filesystems#filename_of_epithet (filesystem_epithet) in let config_file = Printf.sprintf "%s.conf" (filename) in let result = match Sys.file_exists (config_file) with | false -> None | true -> let () = Log.printf1 "configuration file found for \"%s\"\n" filesystem_epithet in let config = Configuration_files.make ~dont_read_environment:() ~file_names:[config_file] ~variables:[ "MD5SUM"; "AUTHOR"; "DATE"; "MTIME"; "SUPPORTED_KERNELS"; "X11_SUPPORT"; "MEMORY_MIN_SIZE"; "MEMORY_SUGGESTED_SIZE"; "MULTIPLE_CONSOLES_SUPPORT"; "RC_RELAY_SUPPORT"; "BINARY_LIST"; ] () in Some (config) in result (* end mill () *) in String_map.of_list (List.map (fun e -> (e, mill e)) filesystems#get_epithet_list) in (* Now we build the mapping filesystem-epithet -> marionnet_relay-script list *) let filesystem_relay_script_mapping = let mill = fun filesystem_epithet -> let filename = filesystems#filename_of_epithet (filesystem_epithet) in let dot_relay_file = Printf.sprintf "%s.relay" (filename) in let result = match Sys.file_exists (dot_relay_file) with | false -> None | true -> let () = Log.printf1 "relay script found for \"%s\"\n" filesystem_epithet in Some (dot_relay_file) in result (* end mill () *) in String_map.of_list (List.map (fun e -> (e, mill e)) filesystems#get_epithet_list) in (* Now the mapping filesystem-epithet -> [(kernel1, console-options1); (kernel2, console-options2);...] option *) let filesystem_kernels_mapping = let mill = fun filesystem_epithet -> let config = String_map.find (filesystem_epithet) (filesystem_config_mapping) in Option.bind config (fun config_t -> try let filter : [`kernel] epithet -> (unit, string option) Either.t = get_and_parse_SUPPORTED_KERNELS config_t in let ks = kernels#get_epithet_list in let ks = List.map (fun k -> (k, filter k)) ks in let ks = List.filter (fun (k,r) -> r <> Either.Left ()) ks in let ks = List.map (fun (k,r) -> (k, Either.extract r)) ks in let () = Log.printf2 "Selected kernels for \"%s\": [%s]\n" filesystem_epithet (String.concat " " (List.map fst ks)) in (Some ks) with Failure msg -> let () = Log.printf2 "%s => \"%s\" config file ignored!\n" msg filesystem_epithet in None) in String_map.of_list (List.map (fun e -> (e, mill e)) filesystems#get_epithet_list) in (* The manager for terminal (X support): *) let terminal_manager = new terminal_manager () in object (self) method filesystem_searching_list = filesystem_searching_list method kernel_searching_list = kernel_searching_list method kernel_prefix = kernel_prefix method prefix = prefix method filesystems = filesystems method kernels = kernels method variants_of filesystem_epithet = String_map.find (filesystem_epithet) (filesystem_variants_mapping) method relay_script_of filesystem_epithet = String_map.find (filesystem_epithet) (filesystem_relay_script_mapping) (* Here, if we replace the first two lines of the following definition by: --- method supported_kernels_of (filesystem_epithet:[`distrib] epithet) : ([`kernel] epithet * (string option)) list = --- we obtain an error message about the method's type: [ `distrib ] epithet -> ('c epithet * string option) list where 'c is unbound *) method supported_kernels_of : [`distrib] epithet -> ([`kernel] epithet * (string option)) list = fun filesystem_epithet -> match String_map.find (filesystem_epithet) (filesystem_kernels_mapping) with | None -> List.map (fun k -> (k,None)) kernels#get_epithet_list | Some ks -> ks (* Do not propose any filesystems which haven't at least one compatible installed kernel: *) initializer filesystems#filter (fun e -> (self#supported_kernels_of e)<>[]) method get_kernel_console_arguments : [`distrib] epithet -> [`kernel] epithet -> string option = fun filesystem_epithet kernel_epithet -> try let ks = self#supported_kernels_of (filesystem_epithet) in List.assoc (kernel_epithet) ks with Not_found -> let () = Log.printf2 "Disk.virtual_machine_installations#get_kernel_console_arguments: couple (%s,%s) unknown!\n" (filesystem_epithet) (kernel_epithet) in None (** Terminal choices to handle uml machines. The list doesn't depend on the choosen distribution (in this version): *) method terminal_manager_of (_: [`distrib] epithet) = terminal_manager method root_export_dirname epithet = let root_dir = List.hd root_filesystem_searching_list in (Printf.sprintf "%s/%s%s_variants" root_dir prefix epithet) method user_export_dirname epithet = let user_dir = List.hd user_filesystem_searching_list in (Printf.sprintf "%s/%s%s_variants" user_dir prefix epithet) method multiple_consoles_supported_by epithet = let config = String_map.find (epithet) (filesystem_config_mapping) in if config = None then false else (* continue: *) let x = Configuration_files.get_bool_variable "MULTIPLE_CONSOLES_SUPPORT" (Option.extract config) in (x = Some true) (* The relevant configuration variable here is RC_RELAY_SUPPORT. However, if the .conf file doesn't contain a binding for such variable, we consider the binding MULTIPLE_CONSOLES_SUPPORT=true as an equivalent condition. *) method marionnet_relay_supported_by (epithet) = let config = String_map.find (epithet) (filesystem_config_mapping) in if config = None then false else (* continue: *) let config = (Option.extract config) in match Configuration_files.get_bool_variable "RC_RELAY_SUPPORT" config with | Some answer -> answer | None -> (* If there's not a binding for RC_RELAY_SUPPORT, we look at MULTIPLE_CONSOLES_SUPPORT: *) let x = Configuration_files.get_bool_variable "MULTIPLE_CONSOLES_SUPPORT" config in (x = Some true) method memory_min_size_of epithet = let config = String_map.find (epithet) (filesystem_config_mapping) in Option.bind config (Configuration_files.get_int_variable "MEMORY_MIN_SIZE") method memory_suggested_size_of epithet = let config = String_map.find (epithet) (filesystem_config_mapping) in Option.bind config (Configuration_files.get_int_variable "MEMORY_SUGGESTED_SIZE") method check_filesystems_MTIME_consistency () = let check = fun filesystem_epithet -> let config = String_map.find (filesystem_epithet) (filesystem_config_mapping) in if config = None then () else (* continue: *) let mtime = Configuration_files.get_int_variable "MTIME" (Option.extract config) in Option.iter (fun expected_mtime -> let realpath = filesystems#realpath_of_epithet (filesystem_epithet) in let actual_mtime = int_of_float ((Unix.stat realpath).Unix.st_mtime) in if actual_mtime = expected_mtime then () else (* warning: *) let title = (s_ "Modification time (MTIME) inconsistency") in let message = Printf.sprintf (f_ "The filesystem `%s%s' has the mtime %d, but the expected value was %d.\nPlease run the command:\n\nsudo touch -d @%d %s\n\nin order to fix this inconsistency. Otherwise, machines or routers with this filesystem defined in a project created elsewhere can not be restarted.") (prefix) (filesystem_epithet) (actual_mtime) (expected_mtime) (expected_mtime) (realpath) in Simple_dialogs.warning title message ()) mtime in List.iter (check) filesystems#get_epithet_list end let find_router_installations ?(user_filesystem_searching_list = user_filesystem_searching_list) ?(root_filesystem_searching_list = root_filesystem_searching_list) ?(kernel_searching_list=kernel_searching_list) ?(kernel_prefix = kernel_prefix) ?(kernel_default_epithet=Initialization.router_kernel_default_epithet) ?(filesystem_default_epithet=Initialization.router_filesystem_default_epithet) ?(lifetime=60.) (* seconds *) () = Lazy_perishable.create (fun () -> new virtual_machine_installations ~prefix:"router-" ~kernel_default_epithet ~filesystem_default_epithet ()) lifetime let get_router_installations = find_router_installations () let find_machine_installations ?(user_filesystem_searching_list = user_filesystem_searching_list) ?(root_filesystem_searching_list = root_filesystem_searching_list) ?(kernel_searching_list=kernel_searching_list) ?(kernel_prefix = kernel_prefix) ?(kernel_default_epithet=Initialization.machine_kernel_default_epithet) ?(filesystem_default_epithet=Initialization.machine_filesystem_default_epithet) ?(lifetime=60.) (* seconds *) () = Lazy_perishable.create (fun () -> new virtual_machine_installations ~prefix:"machine-" ~kernel_default_epithet ~filesystem_default_epithet ()) lifetime let get_machine_installations = find_machine_installations () let vm_installations_and_epithet_of_prefixed_filesystem prefixed_filesystem = try let p = String.index prefixed_filesystem '-' in let prefix = String.sub prefixed_filesystem 0 (p+1) in let epithet = String.sub prefixed_filesystem (p+1) ((String.length prefixed_filesystem)-(p+1)) in let vm_installations = (match prefix with | "machine-" -> Lazy_perishable.force (get_machine_installations) | "router-" -> Lazy_perishable.force (get_router_installations) | _ -> (assert false) ) in (vm_installations, epithet) with _ -> failwith (Printf.sprintf "vm_installations_and_epithet_of_prefixed_filesystem: %s" prefixed_filesystem) let user_export_dirname_of_prefixed_filesystem prefixed_filesystem = let (vm_installations, epithet) = vm_installations_and_epithet_of_prefixed_filesystem prefixed_filesystem in vm_installations#user_export_dirname epithet let root_export_dirname_of_prefixed_filesystem prefixed_filesystem = let (vm_installations, epithet) = vm_installations_and_epithet_of_prefixed_filesystem prefixed_filesystem in vm_installations#root_export_dirname epithet module Make_and_check_installations (Unit:sig end) = struct let machines = Lazy_perishable.force (get_machine_installations) let routers = Lazy_perishable.force (get_router_installations) let () = begin machines#check_filesystems_MTIME_consistency (); routers#check_filesystems_MTIME_consistency (); end end (* Make_and_check_installations *) marionnet-0.90.6+bzr508.orig/treeview_ifconfig.ml0000644000175000017500000005110213175722671020631 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008 Luca Saiu Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (* Note: this data structure may be inspected interactively (test_with_utop.sh + F5), exploiting the toplevel printer, with something like: let f = Forest.to_treelist (Marionnet.treeview_ifconfig#get_forest) ;; *) open Gettext;; module Row_item = Treeview.Row_item ;; module Row = Treeview.Row ;; type port_row_completions = (string * (string * Row_item.t) list) list class t = fun ~packing ~method_directory ~method_filename ~after_user_edit_callback () -> object(self) inherit Treeview.treeview_with_a_primary_key_Name_column ~packing ~method_directory ~method_filename ~hide_reserved_fields:true () as super val uneditable_header = "_uneditable" method get_row_uneditable = self#get_CheckBox_field (uneditable_header) val type_header = "Type" method get_row_type = self#get_Icon_field (type_header) method set_row_type = self#set_Icon_field (type_header) val mac_address_header = "MAC address" method get_row_mac_address = self#get_String_field (mac_address_header) method set_row_mac_address = self#set_String_field (mac_address_header) val mtu_header = "MTU" method get_row_mtu = self#get_String_field (mtu_header) method set_row_mtu = self#set_String_field (mtu_header) val ipv4_address_header = "IPv4 address" method get_row_ipv4_address = self#get_String_field (ipv4_address_header) method set_row_ipv4_address = self#set_String_field (ipv4_address_header) val ipv4_gateway_header = "IPv4 gateway" method get_row_ipv4_gateway = self#get_String_field (ipv4_gateway_header) method set_row_ipv4_gateway = self#set_String_field (ipv4_gateway_header) val ipv6_address_header = "IPv6 address" method get_row_ipv6_address = self#get_String_field (ipv6_address_header) method set_row_ipv6_address = self#set_String_field (ipv6_address_header) val ipv6_gateway_header = "IPv6 gateway" method get_row_ipv6_gateway = self#get_String_field (ipv6_gateway_header) method set_row_ipv6_gateway = self#set_String_field (ipv6_gateway_header) method private currently_used_mac_addresses : string list = let xs = List.flatten (Forest.to_list self#get_forest) in let xs = ListExtra.filter_map (function | header, (Row_item.String s) when header=mac_address_header -> Some s | _ -> None ) xs in (List.tl xs) (* Discard the first line (header) *) (** The three leftmost octects are used as the trailing part of automatically-generated MAC addresses. Interesting side note: we can't use four because of OCaml runtime type tagging (yes, Jean: I was also surprised when I discovered it, but it was made that way to support precise GC, which can't rely on conservative pointer finding). *) method private generate_mac_address = let b0 = Random.int 256 in let b1 = Random.int 256 in let b2 = Random.int 256 in let result = Printf.sprintf "02:04:06:%02x:%02x:%02x" b2 b1 b0 in (* Try again if we generated an invalid or already allocated address: *) if not (List.mem result self#currently_used_mac_addresses) then begin Log.printf1 "Generated MAC address: %s\n" result; result end else begin Log.printf1 "Generated MAC address: %s already in use!\n" result; self#generate_mac_address end (** This follows exactly the same logic as automatic MAC address generation. Two octects are used for a B class network: *) val next_ipv4_address_as_int = ref 1 method private generate_ipv4_address = let ipv4_address_as_int = !next_ipv4_address_as_int in next_ipv4_address_as_int := ipv4_address_as_int + 1; let result = Printf.sprintf "10.10.%i.%i" (ipv4_address_as_int / 256) (ipv4_address_as_int mod 256) in (* Try again if we generated an invalid address: *) if Ipv4.String.is_valid_ipv4 result then result else self#generate_ipv4_address (** This follows exactly the same logic as automatic MAC address generation. Two octects are used for a B class network: *) val next_ipv6_address_as_int = ref Int64.one method private generate_ipv6_address = let ipv6_address_as_int = !next_ipv6_address_as_int in next_ipv6_address_as_int := Int64.succ ipv6_address_as_int; let result = Printf.sprintf "fc42::%04x:%04x" (* fc00::/7 => site local *) (Int64.to_int (Int64.div ipv6_address_as_int (Int64.of_int (256 * 256)))) (Int64.to_int (Int64.rem ipv6_address_as_int (Int64.of_int (256 * 256)))) in (* Try again if we generated an invalid address: *) if self#is_a_valid_ipv6_address result then result else self#generate_ipv6_address method add_device ?port_row_completions device_name device_type port_no = let row_id = self#add_row [ name_header, Row_item.String device_name; type_header, Row_item.Icon device_type; uneditable_header, Row_item.CheckBox true; mtu_header, Row_item.String ""; mac_address_header, Row_item.String ""; ipv4_address_header, Row_item.String ""; ipv4_gateway_header, Row_item.String ""; ipv6_address_header, Row_item.String ""; ipv6_gateway_header, Row_item.String ""; ] in self#update_port_no ?port_row_completions device_name port_no; self#collapse_row row_id; method port_no_of ~device_name = self#children_no_of ~parent_name:device_name method private add_port ?port_row_completions device_name = let device_row_id = self#unique_row_id_of_name (device_name) in let current_port_no = self#port_no_of (device_name) in let port_type = match self#get_row_type (device_row_id) with | "machine" | "world_bridge" -> "machine-port" | "gateway" (* retro-compatibility *) -> "machine-port" | "router" -> "router-port" | _ -> "other-device-port" in let port_prefix = match self#get_row_type (device_row_id) with "machine" | "world_bridge" -> "eth" | "gateway" (* retro-compatibility *) -> "eth" | _ -> "port" in let port_name = (Printf.sprintf "%s%i" port_prefix current_port_no) in let port_row_standard = [ name_header, Row_item.String port_name; type_header, Row_item.Icon port_type; ] in let port_row = match port_row_completions with | None -> port_row_standard | Some lst -> (try let port_row_specific_settings = (List.assoc port_name lst) in List.append (port_row_standard) (port_row_specific_settings) with Not_found -> port_row_standard) in ignore (self#add_row ~parent_row_id:device_row_id port_row) method update_port_no ?port_row_completions device_name new_port_no = let add_child_of = self#add_port ?port_row_completions in self#update_children_no ~add_child_of ~parent_name:device_name new_port_no (* To do: these validation methods suck. *) method private is_a_valid_mac_address address = try Scanf.sscanf address "%x:%x:%x:%x:%x:%x" (fun _ _ _ _ _ _ -> Scanf.sscanf address "%c%c:%c%c:%c%c:%c%c:%c%c:%c%c" (fun _ _ _ _ _ _ _ _ _ _ _ _ -> true)) with _ -> false method private is_a_valid_ipv4_address x = (Ipv4.String.is_valid_ipv4 x) || (* without CIDR, ex: 192.168.0.1 *) (Ipv4.String.is_valid_config x) (* with CIDR, ex: 192.168.0.1/24 *) (* The config (netmask) must be given or deductible: *) method private is_a_valid_ipv4_address_for_router x = match (Ipv4.import x) with | Some (Either.Right config) -> true | _ -> false method private is_a_valid_ipv4_gateway x = Ipv4.String.is_valid_ipv4 x method private is_a_valid_ipv6_address x = (Ipv6.String.is_valid_ipv6 x) || (* without CIDR, ex: fe80::1 *) (Ipv6.String.is_valid_config x) (* with CIDR, ex: fe80::1/32 *) method private is_a_valid_ipv6_gateway x = Ipv6.String.is_valid_ipv6 x method private is_a_valid_mtu x = if x = "" then true else try (int_of_string x) >= 0 && (int_of_string x) <= 1521 (* constant MAXPACKET in vde2 (src/lib/libvdeplug.c) *) with _ -> false method get_port_data ~device_name ~port_name = self#get_row_of_child ~parent_name:device_name ~child_name:port_name (** Return all the non-reserved data of a given port *index* (for example 2 stands for "eth2" or "port2", in our usual alist format: *) (* TODO: remove it *) method get_port_data_by_index ~device_name ~port_index = (* First try with the "eth" prefix: *) let port_name = Printf.sprintf "eth%i" port_index in try self#get_port_data device_name port_name with _ -> (* We failed. Ok, now try with the "port" prefix, before bailing out: *) let port_name = Printf.sprintf "port%i" port_index in self#get_port_data ~device_name ~port_name (** Return a single port attribute as an item: *) method get_port_attribute ~device_name ~port_name ~field = let row = (self#get_port_data ~device_name ~port_name) in (Row.String_field.get ~field row) (** Return a single port attribute as an item: *) (* TODO: remove it and remove also get_port_data_by_index *) method get_port_attribute_by_index ~device_name ~port_index ~field = let row = (self#get_port_data_by_index ~device_name ~port_index) in (Row.String_field.get ~field row) (** Update a single port attribute: *) method set_port_attribute_by_index ~device_name ~port_index ~field value = let port_name = Printf.sprintf "port%i" port_index in let row = self#get_complete_row_of_child ~parent_name:device_name ~child_name:port_name in let row_id = Row.get_id row in self#set_row_field row_id field value; (** Update a single port attribute of type string: *) method set_port_string_attribute_by_index ~device_name ~port_index ~field value = self#set_port_attribute_by_index ~device_name ~port_index ~field (Row_item.String value) (** Clear the interface and set the full internal state back to its initial value: *) method clear = super#clear; next_ipv4_address_as_int := 1; next_ipv6_address_as_int := Int64.one val counters_marshaler = new Oomarshal.marshaller method save ?with_forest_treatment () = (* Save the forest, as usual: *) super#save ?with_forest_treatment (); (* ...but also save the counters used for generating fresh addresses: *) let counters_file_name = (self#filename)^"-counters" in (* For forward compatibility: *) let _OBSOLETE_mac_address_as_int = Random.int (256*256*256) in counters_marshaler#to_file (_OBSOLETE_mac_address_as_int, !next_ipv4_address_as_int, !next_ipv6_address_as_int) counters_file_name; (* The treeview `ifconfig' may be used to derive the informations about the project version. This may be done inspecting the existence and the content of its related files. This method is useful in the class`state' to correctly load the set of all treeviews. *) method try_to_understand_in_which_project_version_we_are : [ `v0 | `v1 | `v2 ] option = (* --- *) let new_file_name = (self#filename) in (* states/ifconfig *) let () = Log.printf1 "treeview_ifconfig#try_to_understand_in_which_project_version_we_are: new_file_name: %s\n" new_file_name in if (Sys.file_exists new_file_name) then Some `v2 else (* continue: *) (* --- *) let old_file_name = Filename.concat (Filename.dirname new_file_name) "ports" in let () = Log.printf1 "treeview_ifconfig#try_to_understand_in_which_project_version_we_are: old_file_name: %s\n" old_file_name in if not (Sys.file_exists old_file_name) then None else (* continue: *) (* --- *) let regexp_v0 = "IPv6 address.*IPv4 netmask.*IPv4 address.*MAC address.*MTU.*Type.*Name" in let regexp_v1 = "IPv6 gateway.*IPv6 address.*IPv4 gateway.*IPv4 address.*MAC address.*MTU.*Type" in let x = StringExtra.of_charlist (PervasivesExtra.get_first_chars_of_file old_file_name 250) in if StrExtra.First.matchingp (Str.regexp regexp_v0) x then Some `v0 else (* continue:*) if StrExtra.First.matchingp (Str.regexp regexp_v1) x then Some `v1 else (* continue:*) None method private load_counters ?(base_name = self#filename) () = try let counters_file_name = (base_name)^"-counters" in (* _OBSOLETE_mac_address_as_int read for backward compatibility: *) let _OBSOLETE_mac_address_as_int, the_next_ipv4_address_as_int, the_next_ipv6_address_as_int = counters_marshaler#from_file counters_file_name in next_ipv4_address_as_int := the_next_ipv4_address_as_int; next_ipv6_address_as_int := the_next_ipv6_address_as_int with _ -> () (* Method redefinition, because we have also to load the counters. And we have also to understand which is precisely the file to load (according to the project version). This treeview was previously saved into states/ports and now is saved into states/ifconfig. This choice prevents old binaries from seg-faults reading projects in the new format. *) method load ?file_name ~project_version () = let file_name, apply_changes_automatically_once_loaded = let do_nothing = lazy () in match file_name with | Some x -> x, (do_nothing) | None -> let new_file_name = self#filename in let old_file_name = Filename.concat (Filename.dirname new_file_name) "ports" in let file_name = match project_version with | `v0 | `v1 -> old_file_name (* but the format is different: v1 and v2 files are similar *) | `v2 -> new_file_name in let action = if (file_name = old_file_name) then lazy (Unix.unlink old_file_name) else do_nothing in (file_name, action) in if not (Sys.file_exists file_name) then failwith (Printf.sprintf "treeview_ifconfig#load: file %s not found" file_name) else (* continue: *) (* Load the forest, as usual: *) let () = super#load ~file_name ~project_version () in (* ...but also load the counters used for generating fresh addresses: *) let () = self#load_counters ~base_name:(file_name) () in (* Apply necessary changes according to the project version: *) let () = Lazy.force apply_changes_automatically_once_loaded in () initializer let _ = self#add_checkbox_column ~header:uneditable_header ~hidden:true ~default:(fun () -> Row_item.CheckBox false) () in let _ = self#add_icon_column ~header:type_header ~shown_header:(s_ "Type") ~strings_and_pixbufs:[ "machine", Initialization.Path.images^"treeview-icons/machine.xpm"; "router", Initialization.Path.images^"treeview-icons/router.xpm"; "machine-port", Initialization.Path.images^"treeview-icons/network-card.xpm"; "router-port", Initialization.Path.images^"treeview-icons/port.xpm"; "other-device-port", Initialization.Path.images^"treeview-icons/port.xpm"; ] () in let _ = self#add_editable_string_column ~header:mac_address_header ~shown_header:(s_ "MAC address") ~default:(fun () -> Row_item.String self#generate_mac_address) ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_mac_address s) || s = "") () in let _ = self#add_editable_string_column ~header:mtu_header ~default:(fun () -> Row_item.String "1500") ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_mtu s) || s = "") () in let _ = self#add_editable_string_column ~header:ipv4_address_header ~shown_header:(s_ "IPv4 address") ~default:(fun () -> if Global_options.get_autogenerate_ip_addresses () then Row_item.String self#generate_ipv4_address else Row_item.String "") ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_ipv4_address s) || s = "") () in let _ = self#add_editable_string_column ~header:ipv4_gateway_header ~shown_header:(s_ "IPv4 gateway") ~default:(fun () -> if Global_options.get_autogenerate_ip_addresses () then Row_item.String "10.10.0.254" else Row_item.String "") ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_ipv4_gateway s) || s = "") () in let _ = self#add_editable_string_column ~header:ipv6_address_header ~shown_header:(s_ "IPv6 address") ~default:(fun () -> if Global_options.get_autogenerate_ip_addresses () then Row_item.String self#generate_ipv6_address else Row_item.String "") ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_ipv6_address s) || s = "") () in let _ = self#add_editable_string_column ~header:ipv6_gateway_header ~shown_header:(s_ "IPv6 gateway") ~default:(fun () -> if Global_options.get_autogenerate_ip_addresses () then Row_item.String self#generate_ipv6_address else Row_item.String "") ~constraint_predicate:(fun i -> let s = Row_item.extract_String i in (self#is_a_valid_ipv6_gateway s) || s = "") () in self#add_row_constraint ~name:(s_ "you should choose a port to define this parameter") (fun row -> let uneditable = Row.CheckBox_field.get ~field:uneditable_header row in (not uneditable) || (List.for_all (fun (name, value) -> name = name_header || name = type_header || name = uneditable_header || self#is_column_reserved name || value = Row_item.String "") row)); self#add_row_constraint ~name:(s_ "the router first port must always have a valid configuration address") (fun row -> let port_name = (Row.get_name row) in let port_type = (Row.Icon_field.get ~field:type_header row) in let address = (Row.String_field.get ~field:ipv4_address_header row) in (port_name <> "port0") || (port_type <> "router-port") || ((self#is_a_valid_ipv4_address_for_router address))); (* In this treeview the involved device is the parent: *) self#set_after_update_callback (fun row_id -> after_user_edit_callback (self#get_row_parent_name row_id)); (* Make internal data structures: no more columns can be added now: *) self#create_store_and_view; (* Setup the contextual menu: *) self#set_contextual_menu_title "Network interface's configuration"; end;; (** Ugly kludge to make a single global instance visible from all modules linked *after* this one. Not having mutually-recursive inter-compilation-unit modules is a real pain. *) class treeview = t module The_unique_treeview = Stateful_modules.Variable (struct type t = treeview let name = Some "treeview_ifconfig" end) let extract = The_unique_treeview.extract let make ~(window:GWindow.window) ~(hbox:GPack.box) ~after_user_edit_callback ~method_directory ~method_filename () = let result = new t ~packing:(hbox#add) ~after_user_edit_callback ~method_directory ~method_filename () in let _toolbar = Treeview.add_expand_and_collapse_button ~window ~hbox (result:>Treeview.t) in The_unique_treeview.set result; result ;; marionnet-0.90.6+bzr508.orig/marionnet-toplevel0000755000175000017500000001035313175722671020356 0ustar lucaslucas#!/bin/bash # This file is part of Marionnet, a virtual network laboratory # Copyright (C) 2010 Jean-Vincent Loddo # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . set -e if [[ $1 = "--help" || $1 = "-h" || $1 = "-help" ]]; then echo "Usage: $(basename $0) [[/][.ml]] [OCAML_OPTIONS]" echo ' Launch marionnet in a toplevel or test a specific module. Internally, the script gets (from the ocamlbuild log) the correct command line for compiling marionnet.byte as defined by ocamlbuild, then it simply replaces "ocamlc.opt" by "ocamlmktop" and the target "marionnet.byte" by the temporary name of the toplevel. If a module pattern (ex: gui_router_dialog_widget) or a module filename (ex: gui/gui_router_dialog_widget.ml) is provided as argument, the script builds a toplevel that will load just the required modules for this argument (it deletes modules cited after the pattern in the command line defined by ocamlbuild). Furthermore, the toplevel will call a function called "make", with the actual (), supposed defined in the module. This is not a strict requirement: we can also test modules which have not this function. In this case, the call to "make" will simply fail, without any undesirable effect.' | fmt echo echo -e "Examples: \t./$(basename $0) \t./$(basename $0) gui/gui_router_dialog_widget.ml \t./$(basename $0) gui_hub \t./$(basename $0) splash" exit 0 fi TOP=/tmp/$(basename $0) make marionnet.byte # Get the correct command line for compiling marionnet.byte # then replace "ocamlc.opt" by "ocamlmktop" # and the target "marionnet.byte" by $TOP CMD=$(grep 'ocamlc.opt .*-o marionnet.byte' _build/_build/_log \ | sed -e 's/\/usr\/bin\/ocamlc.opt/ocamlmktop -I _build/' \ | sed -e "s/marionnet.byte/\/tmp\/$(basename $0)/" ) # Manage the optional argument (if it isn't an option) if [[ -n "$1" && "$1" = "${1#-}" ]]; then MODULE_BASENAME=$(basename ${1%.*}) CMD=$(echo "$CMD" \ | tr ' ' '\n' \ | awk "/$MODULE_BASENAME/ {print; stop=1} (stop != 1) {print}" \ | tr '\n' ' ') CMD+=" -o $TOP" INIT="-init $TOP.init" MODULE_NAME=$(echo "$MODULE_BASENAME" | sed 's/\<./\u&/') if [[ -n "$2" ]]; then FUNCTION_NAME=$2 shift else FUNCTION_NAME="test" fi cat >$TOP.init <$TOP.init </dev/null; then rlwrap $TOP $INCLUDES $INIT "$@" elif which ledit &>/dev/null; then ledit $TOP $INCLUDES $INIT "$@" else eval $TOP $INCLUDES $INIT "$@" rm -f $TOP fi # The executable is not removed from /tmp/ in order to reuse the history # of commands (managed by rlwrap and ledit) marionnet-0.90.6+bzr508.orig/task_runner.mli0000644000175000017500000000263613175722671017647 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008 Luca Saiu Copyright (C) 2009, 2010, 2017 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010, 2017 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) type thunk = unit -> unit and task = thunk val do_in_parallel : thunk list -> unit exception Kill_task_runner class task_runner : object method prepend : ?name:string -> task -> unit method run : string -> task -> unit method schedule : ?name:string -> task -> unit method schedule_parallel : (string * task) list -> unit method schedule_tasks : (string * string list * task) list -> unit (* --- *) method wait_for_all_currently_scheduled_tasks : unit end val the_task_runner : task_runner marionnet-0.90.6+bzr508.orig/progress_bar.ml0000644000175000017500000000726013175722671017631 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008, 2009 Luca Saiu Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (* Authors: * - Luca Saiu: initial version * - Jean-Vincent Loddo: make_progress_bar_dialog generalization and re-styling *) open Gettext;; type kind = Pulse | Fill of (unit -> float) let progress_bars : (GWindow.window * GRange.progress_bar * kind) list ref = ref [] let update_interval = 200;; (* in milliseconds *) let destroy_progress_bar_dialog window = begin Log.printf "A progress bar dialog window was destroyed.\n"; window#destroy (); progress_bars := List.filter (fun (w,_,_)->w!=window) !progress_bars end (** Make a dialog with the following layout: +----------------------------------------------+ | title | +----------------------------------------------+ | (info) text_on_label | | text_on_sub_label | | [ progress_bar ] | +----------------------------------------------+ *) let make_progress_bar_dialog ?title:(title=(s_ "A slow operation is in progress")) ?(text_on_label=(s_ "A slow operation is in progress")) ?(text_on_sub_label="") ?text_on_bar:(text_on_bar=(s_ "Please wait...")) ?kind:(kind=Pulse) ?(modal=false) ?(position=(if modal then `CENTER else `NONE)) () = let window = GWindow.window ~title ~modal ~position ~border_width:10 ~resizable:false () in if modal then ignore (window#event#connect#delete ~callback:(fun _ -> true)) else (); window#set_icon (Some Icon.icon_pixbuf); (* Table 2x3 *) let table = GPack.table ~columns:2 ~rows:3 ~row_spacings:10 ~col_spacings:10 ~packing:window#add () in let attach (x,y) = table#attach ~left:x ~top:y ~expand:`X ~fill:`BOTH in (* Icon *) let _icon = GMisc.image ~file:(Initialization.Path.images^"ico.info.orig.png") ~xalign:0. ~packing:(attach (1,1)) () in (* Label *) let label = (GMisc.label ~xalign:0. ~packing:(attach (2,1)) ()) in let () = (label#set_use_markup true); (label#set_label text_on_label) in (* Sub label *) if text_on_sub_label <> "" then let sub_label = (GMisc.label ~xalign:0. ~packing:(attach (2,2)) ()) in (sub_label#set_use_markup true); (sub_label#set_label text_on_sub_label) else (); (* Progress bar *) let progress_bar = GRange.progress_bar ~pulse_step:0.1 () ~packing:(attach (2,3)) in progress_bar#set_text text_on_bar; let destroy_callback : unit -> unit = fun () -> destroy_progress_bar_dialog window in ignore (window#connect#destroy ~callback:destroy_callback); window#show (); progress_bars := (window, progress_bar, kind) :: !progress_bars; window ;; let _ = let action (_, progress_bar, kind) = match kind with | Pulse -> progress_bar#pulse () | Fill f -> progress_bar#set_fraction (f ()) in GMain.Timeout.add ~ms:update_interval ~callback:(fun () -> (List.iter action !progress_bars); true) ;; (* call this again at the next interval *) marionnet-0.90.6+bzr508.orig/descendants_monitor.mli0000644000175000017500000000244613175722671021355 0ustar lucaslucas(* This file is part of Marionnet Copyright (C) 2013 Jean-Vincent Loddo Copyright (C) 2013 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Follow the descendance of a process in order to clean the process table when exiting. *) (** Start the thread monitoring a pid descendance. The result is the thunk killing the still running processes. *) val start_monitor_and_get_kill_method : ?pid:int -> (* Default: Unix.getpid () *) ?wake_up_interval:float -> (* Default: 4. (seconds) *) ?garbage_collection_frequence:int -> (* Default: 4 (remove death processes each 4 cycles => each 16 seconds by default) *) unit -> (unit -> unit) marionnet-0.90.6+bzr508.orig/user_level.mli0000644000175000017500000006516213175722671017464 0ustar lucaslucas type devkind = [ `Machine | `Hub | `Switch | `Router | `World_gateway | `World_bridge | `Cloud ] ;; type nodename = string type receptname = string type name = string type label = string type iconsize = string type simulated_device_automaton_state = NoDevice | DeviceOff | DeviceOn | DeviceSleeping exception ForbiddenTransition val raise_forbidden_transition : string -> 'a module Recursive_mutex : MutexExtra.Extended_signature with type t = MutexExtra.Recursive.t class virtual ['a] simulated_device : unit -> object (* --- *) constraint 'a = < get_name : string; .. > method virtual get_name : string method virtual make_simulated_device : 'a Simulation_level.device method private virtual add_destroy_callback : unit lazy_t -> unit (* --- *) val mutex : Recursive_mutex.t method private destroy_because_of_unexpected_death : unit -> unit method automaton_state_as_string : string (* --- *) method can_gracefully_shutdown : bool method can_poweroff : bool method can_resume : bool method can_startup : bool method can_suspend : bool (* --- *) method create : unit method create_right_now : unit method destroy_my_simulated_device : unit method destroy_right_now : unit method get_hublet_process_of_port : int -> Simulation_level.hublet_process method gracefully_restart : unit method gracefully_shutdown : unit method gracefully_shutdown_right_now : unit method has_hublet_processes : bool method is_correct : bool method next_simulated_device_state : simulated_device_automaton_state option method poweroff : unit method poweroff_right_now : unit method resume : unit method resume_right_now : unit method set_next_simulated_device_state : simulated_device_automaton_state option -> unit method simulated_device_state : simulated_device_automaton_state method startup : unit method startup_right_now : unit method string_of_simulated_device_state : string method suspend : unit method suspend_right_now : unit end class id_name_label : ?name:string -> ?label:string -> unit -> object method id : int method name : string method get_label : string method set_label : string -> unit method get_name : string method set_name : string -> unit end class virtual component : network:(< .. > as 'a) -> ?name:string -> ?label:string -> unit -> object val network : 'a (* --- *) inherit id_name_label (* --- *) method virtual suspend : unit method virtual resume : unit method virtual can_resume : bool method virtual can_suspend : bool method virtual to_tree : Xforest.tree (* --- *) method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method from_tree : Xforest.node -> Xforest.forest -> unit method to_forest : Xforest.forest end class port : port_prefix:string -> internal_index:int -> user_port_offset:int -> unit -> object method internal_index : int method user_index : int method user_name : string end type defects = < duplication: float; flip: float; loss: float; max_delay: float; min_delay: float > class ['a] ports_card : network:< defects : Treeview_defects.t; .. > -> parent:'a -> port_no:int -> port_prefix:string -> ?user_port_offset:int -> unit -> object constraint 'a = < get_name : string; .. > method get_my_inward_defects_by_index : int -> defects method get_my_outward_defects_by_index : int -> defects method internal_index_of_user_port_name : string -> int method port_no : int method port_prefix : string method user_port_index_of_internal_index : int -> int method user_port_index_of_user_port_name : string -> int method user_port_name_list : string list method user_port_name_of_internal_index : int -> string method user_port_offset : int end type polarity = MDI | MDI_X | MDI_Auto class virtual node_with_ports_card : network:(< (*defects : Treeview_defects.t;*) defects : < get_port_attribute_of : device_name:string -> port_prefix:string -> port_index:int -> user_port_offset:int -> port_direction:Treeview_defects.port_direction -> column_header:string -> unit -> float; .. >; get_cables_involved_by_node_name : string -> (< decrement_alive_endpoint_no : 'd; increment_alive_endpoint_no : 'e; show : string -> string; .. > as 'c) list; .. > as 'b) -> name:string -> ?label:string -> devkind:devkind -> port_no:int -> port_prefix:string -> port_no_min:int -> port_no_max:int -> ?user_port_offset:int -> ?has_ledgrid:bool -> unit -> object ('a) val automaton_state : simulated_device_automaton_state ref val id : int val mutable label : string val mutex : Recursive_mutex.t val mutable name : string val network : 'b val next_automaton_state : simulated_device_automaton_state option ref val mutable ports_card : 'a ports_card option val simulated_device : node_with_ports_card Simulation_level.device option ref method private virtual add_destroy_callback : unit lazy_t -> unit method automaton_state_as_string : string method can_gracefully_shutdown : bool method can_poweroff : bool method can_resume : bool method can_startup : bool method can_suspend : bool method create : unit method create_right_now : unit method virtual destroy : unit method private destroy_because_of_unexpected_death : unit -> unit method destroy_my_simulated_device : unit method destroy_right_now : unit method devkind : devkind method virtual dotImg : iconsize -> string method dotLabelForEdges : string -> string method dotPortForEdges : string -> string method dotTrad : ?nodeoptions:string -> iconsize -> string method dot_fontsize_statement : string method private enqueue_task_with_progress_bar : string -> (unit -> unit) -> unit method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method from_tree : Xforest.node -> Xforest.forest -> unit method get_hublet_process_of_port : int -> Simulation_level.hublet_process method get_label : string method get_name : string method get_port_no : int method gracefully_restart : unit method gracefully_shutdown : unit method gracefully_shutdown_right_now : unit method has_hublet_processes : bool method has_ledgrid : bool method id : int method is_correct : bool method label_for_dot : string method leds_relative_subdir : string method virtual make_simulated_device : node_with_ports_card Simulation_level.device method name : string method next_simulated_device_state : simulated_device_automaton_state option method virtual polarity : polarity method port_no_max : int method port_no_min : int method port_prefix : string method ports_card : 'a ports_card method poweroff : unit method poweroff_right_now : unit method resume : unit method resume_right_now : unit method set_label : string -> unit method set_name : string -> unit method set_next_simulated_device_state : simulated_device_automaton_state option -> unit method set_port_no : int -> unit method simulated_device_state : simulated_device_automaton_state method startup : unit method startup_right_now : unit method virtual string_of_devkind : string method string_of_simulated_device_state : string method suspend : unit method suspend_right_now : unit method to_forest : Xforest.forest method virtual to_tree : Xforest.tree method user_port_offset : int end class type virtual node = node_with_ports_card class virtual node_with_defects_zone : network:< defects : Treeview_defects.t; .. > -> unit -> object method virtual add_destroy_callback : unit Lazy.t -> unit method private add_my_defects : unit method virtual defects_device_type : string method private defects_update_port_no : int -> unit method private destroy_my_defects : unit method virtual get_name : string method virtual get_port_no : int method virtual port_prefix : string method virtual user_port_offset : int end class virtual node_with_defects : network:(< add_node : node -> 'c; defects : Treeview_defects.t; del_node_by_name : string -> unit; get_cables_involved_by_node_name : string -> < decrement_alive_endpoint_no : 'd; increment_alive_endpoint_no : 'e; show : string -> string; .. > list; .. > as 'b) -> name:string -> ?label:string -> devkind:devkind -> port_no:int -> port_no_min:int -> port_no_max:int -> ?user_port_offset:int -> port_prefix:string -> unit -> object ('a) val automaton_state : simulated_device_automaton_state ref val id : int val mutable label : string val mutex : Recursive_mutex.t val mutable name : string val network : 'b val next_automaton_state : simulated_device_automaton_state option ref val mutable ports_card : 'a ports_card option val simulated_device : node_with_ports_card Simulation_level.device option ref method virtual add_destroy_callback : unit Lazy.t -> unit method private add_my_defects : unit method automaton_state_as_string : string method can_gracefully_shutdown : bool method can_poweroff : bool method can_resume : bool method can_startup : bool method can_suspend : bool method create : unit method create_right_now : unit method virtual defects_device_type : string method private defects_update_port_no : int -> unit method virtual destroy : unit method private destroy_because_of_unexpected_death : unit -> unit method private destroy_my_defects : unit method destroy_my_simulated_device : unit method destroy_right_now : unit method devkind : devkind method virtual dotImg : iconsize -> string method dotLabelForEdges : string -> string method dotPortForEdges : string -> string method dotTrad : ?nodeoptions:string -> iconsize -> string method dot_fontsize_statement : string method private enqueue_task_with_progress_bar : string -> (unit -> unit) -> unit method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method from_tree : Xforest.node -> Xforest.forest -> unit method get_hublet_process_of_port : int -> Simulation_level.hublet_process method get_label : string method get_name : string method get_port_no : int method gracefully_restart : unit method gracefully_shutdown : unit method gracefully_shutdown_right_now : unit method has_hublet_processes : bool method has_ledgrid : bool method id : int method is_correct : bool method label_for_dot : string method leds_relative_subdir : string method virtual make_simulated_device : node_with_ports_card Simulation_level.device method name : string method next_simulated_device_state : simulated_device_automaton_state option method virtual polarity : polarity method port_no_max : int method port_no_min : int method port_prefix : string method ports_card : 'a ports_card method poweroff : unit method poweroff_right_now : unit method resume : unit method resume_right_now : unit method set_label : string -> unit method set_name : string -> unit method set_next_simulated_device_state : simulated_device_automaton_state option -> unit method set_port_no : int -> unit method simulated_device_state : simulated_device_automaton_state method startup : unit method startup_right_now : unit method virtual string_of_devkind : string method string_of_simulated_device_state : string method suspend : unit method suspend_right_now : unit method to_forest : Xforest.forest method virtual to_tree : Xforest.tree method update_with : name:string -> label:string -> port_no:int -> unit method user_port_offset : int end class virtual node_with_ledgrid_and_defects : network:(< add_node : node -> 'c; busy_port_indexes_of_node : node_with_ports_card -> int list; defects : Treeview_defects.t; del_node_by_name : string -> unit; get_cables_involved_by_node_name : string -> < decrement_alive_endpoint_no : 'd; increment_alive_endpoint_no : 'e; show : string -> string; .. > list; ledgrid_manager : Ledgrid_manager.ledgrid_manager; .. > as 'b) -> name:string -> ?label:string -> devkind:devkind -> port_no:int -> port_no_min:int -> port_no_max:int -> ?user_port_offset:int -> port_prefix:string -> unit -> object ('a) val automaton_state : simulated_device_automaton_state ref val id : int val mutable label : string val mutex : Recursive_mutex.t val mutable name : string val network : 'b val next_automaton_state : simulated_device_automaton_state option ref val mutable ports_card : 'a ports_card option val simulated_device : node_with_ports_card Simulation_level.device option ref method virtual add_destroy_callback : unit Lazy.t -> unit method private add_my_defects : unit method add_my_ledgrid : unit method automaton_state_as_string : string method can_gracefully_shutdown : bool method can_poweroff : bool method can_resume : bool method can_startup : bool method can_suspend : bool method create : unit method create_right_now : unit method virtual defects_device_type : string method private defects_update_port_no : int -> unit method virtual destroy : unit method private destroy_because_of_unexpected_death : unit -> unit method private destroy_my_defects : unit method destroy_my_ledgrid : unit method destroy_my_simulated_device : unit method destroy_right_now : unit method devkind : devkind method virtual dotImg : iconsize -> string method dotLabelForEdges : string -> string method dotPortForEdges : string -> string method dotTrad : ?nodeoptions:string -> iconsize -> string method dot_fontsize_statement : string method private enqueue_task_with_progress_bar : string -> (unit -> unit) -> unit method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method from_tree : Xforest.node -> Xforest.forest -> unit method get_hublet_process_of_port : int -> Simulation_level.hublet_process method get_label : string method get_name : string method get_port_no : int method gracefully_restart : unit method gracefully_shutdown : unit method gracefully_shutdown_right_now : unit method has_hublet_processes : bool method has_ledgrid : bool method id : int method is_correct : bool method label_for_dot : string method ledgrid_image_directory : string method virtual ledgrid_label : string method ledgrid_title : string method leds_relative_subdir : string method virtual make_simulated_device : node_with_ports_card Simulation_level.device method name : string method next_simulated_device_state : simulated_device_automaton_state option method virtual polarity : polarity method port_no_max : int method port_no_min : int method port_prefix : string method ports_card : 'a ports_card method poweroff : unit method poweroff_right_now : unit method resume : unit method resume_right_now : unit method set_label : string -> unit method set_name : string -> unit method set_next_simulated_device_state : simulated_device_automaton_state option -> unit method set_port_no : int -> unit method simulated_device_state : simulated_device_automaton_state method startup : unit method startup_right_now : unit method virtual string_of_devkind : string method string_of_simulated_device_state : string method suspend : unit method suspend_right_now : unit method to_forest : Xforest.forest method virtual to_tree : Xforest.tree method update_with : name:string -> label:string -> port_no:int -> unit method user_port_offset : int end class virtual virtual_machine_with_history_and_ifconfig : network:< history : Treeview_history.t; ifconfig : Treeview_ifconfig.t; .. > -> ?epithet:[ `distrib ] Disk.epithet -> ?variant:string -> ?kernel:[ `kernel ] Disk.epithet -> ?terminal:string -> history_icon:string -> ifconfig_device_type:string -> ?ifconfig_port_row_completions:Treeview_ifconfig.port_row_completions -> vm_installations:Disk.virtual_machine_installations -> unit -> object val mutable epithet : [ `distrib ] Disk.epithet val mutable kernel : [ `kernel ] Disk.epithet val mutable terminal : string val mutable variant : [ `variant ] Disk.epithet option method private virtual add_destroy_callback : unit lazy_t -> unit method add_my_history : unit method add_my_ifconfig : ?port_row_completions:Treeview_ifconfig.port_row_completions -> int -> unit method private banner : string method private check_epithet : [ `distrib ] Disk.epithet -> [ `distrib ] Disk.epithet method private check_kernel : [ `kernel ] Disk.epithet -> [ `kernel ] Disk.epithet method private check_terminal : string -> string method private check_variant : [ `variant ] Disk.epithet -> [ `variant ] Disk.epithet method create_cow_file_name_and_thunk_to_get_the_source : string * (unit -> Disk.realpath option) method destroy_my_history : unit method destroy_my_ifconfig : unit method failwith : ('a, unit, string, string) format4 -> 'b method get_epithet : [ `distrib ] Disk.epithet method get_filesystem_file_name : Disk.realpath method get_filesystem_relay_script : Disk.filename option method get_kernel : [ `kernel ] Disk.epithet method get_kernel_console_arguments : string option method get_kernel_file_name : Disk.realpath method private virtual get_name : string method private virtual get_port_no : int method get_states_directory : string method get_terminal : string method get_variant : [ `variant ] Disk.epithet option method get_variant_as_string : [ `variant ] Disk.epithet method get_variant_realpath : Disk.realpath option method history_icon : Treeview.Row_item.Icon_prj_inj.a method ifconfig_device_type : string method is_xnest_enabled : bool method private prefixed_epithet : string method set_epithet : [ `distrib ] Disk.epithet -> unit method set_kernel : [ `kernel ] Disk.epithet -> unit method set_terminal : string -> unit method set_variant : string option -> unit method sprintf : ('a, unit, string, string) format4 -> 'a method update_virtual_machine_with : name:string -> port_no:int -> [ `kernel ] Disk.epithet -> unit end class type endpoint = object method involved_node_and_port_index : node * int method node : node method port_index : int method user_port_index : int method user_port_name : string end class type virtual cable = object val automaton_state : simulated_device_automaton_state ref val id : int val mutable label : string val mutex : Recursive_mutex.t val mutable name : string val network : < .. > val next_automaton_state : simulated_device_automaton_state option ref val simulated_device : component Simulation_level.device option ref method private virtual add_destroy_callback : unit lazy_t -> unit method automaton_state_as_string : string method can_gracefully_shutdown : bool method can_poweroff : bool method can_resume : bool method can_startup : bool method can_suspend : bool method create : unit method create_right_now : unit method crossover : bool method decrement_alive_endpoint_no : unit method destroy : unit method private destroy_because_of_unexpected_death : unit -> unit method destroy_my_simulated_device : unit method destroy_right_now : unit method dot_traduction : curved_lines:bool -> labeldistance:float -> string method private enqueue_task_with_progress_bar : string -> (unit -> unit) -> unit method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method from_tree : Xforest.node -> Xforest.forest -> unit method get_hublet_process_of_port : int -> Simulation_level.hublet_process method get_label : string method get_left : endpoint method get_name : string method get_right : endpoint method gracefully_restart : unit method gracefully_shutdown : unit method gracefully_shutdown_right_now : unit method has_hublet_processes : bool method id : int method increment_alive_endpoint_no : unit method involved_node_and_port_index_list : (node * int) list method is_connected : bool method is_correct : bool method is_node_involved : string -> bool method is_reversed : bool method virtual make_simulated_device : component Simulation_level.device method name : string method next_simulated_device_state : simulated_device_automaton_state option method poweroff : unit method poweroff_right_now : unit method resume : unit method resume_right_now : unit method set_label : string -> unit method set_name : string -> unit method set_next_simulated_device_state : simulated_device_automaton_state option -> unit method set_reversed : bool -> unit method show : string -> string method simulated_device_state : simulated_device_automaton_state method startup : unit method startup_right_now : unit method string_of_simulated_device_state : string method suspend : unit method suspend_right_now : unit method to_forest : Xforest.forest method virtual to_tree : Xforest.tree end class network : project_working_directory: (unit -> string option) -> unit -> object ('a) method ifconfig : Treeview_ifconfig.t method defects : Treeview_defects.t method history : Treeview_history.t method working_directory : string method ledgrid_manager : Ledgrid_manager.ledgrid_manager method dotoptions : Sketch.tuning (* --- *) method nodes : node Queue.t Cortex.t method cables : cable Queue.t Cortex.t (* --- *) method add_node : node -> unit method add_cable : cable -> unit (* --- *) method names : string list method name_exists : string -> bool method components : component list method components_of_kind : ?kind:[ `Cable | `Node ] -> unit -> component list method get_component_by_name : ?kind:[ `Cable | `Node ] -> string -> component method get_component_names_that_can_suspend_or_resume : unit -> (string * [ `Cable | `Node ] * bool) list method disjoint_union_of_nodes_and_cables : (component * [ `Cable | `Node ]) list (* --- *) method node_exists : string -> bool method get_node_by_name : string -> node method get_node_list : node list method set_node_list : node list -> unit method is_node_list_empty : bool method del_node_by_name : string -> unit method get_node_names : string list method get_node_names_that_can_gracefully_shutdown : ?devkind:devkind -> unit -> string list method get_node_names_that_can_resume : ?devkind:devkind -> unit -> string list method get_node_names_that_can_startup : ?devkind:devkind -> unit -> string list method get_node_names_that_can_suspend : ?devkind:devkind -> unit -> string list method get_nodes_such_that : ?devkind:devkind -> (node -> bool) -> node list method get_nodes_that_can_gracefully_shutdown : ?devkind:devkind -> unit -> node list method get_nodes_that_can_resume : ?devkind:devkind -> unit -> node list method get_nodes_that_can_startup : ?devkind:devkind -> unit -> node list method get_nodes_that_can_suspend : ?devkind:devkind -> unit -> node list method change_node_name : string -> string -> unit method involved_node_and_port_index_list : (node * int) list method busy_port_indexes_of_node : node -> int list method max_busy_port_index_of_node : node -> int method port_no_lower_of : node -> int (* --- *) method cable_exists : string -> bool method get_cable_by_name : string -> cable method get_cable_list : cable list method set_cable_list : cable list -> unit method is_cable_list_empty : bool method del_cable_by_name : string -> unit method get_cables_involved_by_node_name : string -> cable list method get_crossover_cable_names : string list method get_crossover_cables : cable list method get_direct_cable_names : string list method get_direct_cables : cable list method reversed_cable_set : bool -> string -> unit method reversed_cables : string list method are_there_almost_2_free_endpoints : bool (* --- *) method destroy_process_before_quitting : unit -> unit method dotTrad : unit -> string method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method free_endpoint_list_humanly_speaking : ?force_to_be_included:(string * string) list -> (string * string) list method free_port_indexes_of_node : ?force_to_be_included:int list -> node -> int list method free_user_port_names_of_node : ?force_to_be_included:string list -> node -> string list method from_tree : Xforest.node -> Xforest.forest -> unit method reset : ?scheduled:bool -> unit -> unit method restore_from_buffers : unit method save_to_buffers : unit method show : unit method subscribe_a_try_to_add_procedure : ('a -> Xforest.tree -> bool) -> unit method suggestedName : string -> string method to_forest : Xforest.forest method to_tree : Xforest.tree end module Xml : sig val network_marshaller : Xforest.t Oomarshal.marshaller val load_network : project_version:[ `v0 | `v1 | `v2 ] -> network -> string -> unit val save_network : network -> string -> unit end marionnet-0.90.6+bzr508.orig/death_monitor.ml0000644000175000017500000001607613175722671020002 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008, 2009 Luca Saiu Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Unix;; open Sys;; open Mutex;; (** This functionality allows the user to register a callback to invoke in the event of the unexpected death of each given process. When a process death is detected the callback is invoked, and the process is automatically un-registered. Process death is not detected immediately, as the implementation is based on polling. *) (** Define an associative map with pids as keys: *) module OrderedInt = struct type t = int;; let compare = compare;; end;; module Map = Map.Make(OrderedInt);; type process_name = string;; type map = (process_name * (* name of the executable program we're monitoring *) (int -> bool) * (* how to check whether we should invoke the callback *) (int -> process_name -> unit)) (* the callback *) Map.t;; let linearize_map (map : map) = Map.fold (fun (pid : int) (name, predicate, thunk) list -> (pid, (name, predicate, thunk)) :: list) map [];; (** A map mapping each pid into the callback to invoke when the process dies: *) let processes_to_be_monitored : map ref = ref Map.empty;; let poll_interval = ref 1.0;; (* in seconds *) let map_size = ref 0;; (** The death_monitor_mutex protecting processes_to_be_monitored from concurrent accesses, poll_interval and map_size: *) let death_monitor_mutex = Mutex.create ();; (** Return true iff we are currently monitoring the given process. Not thread-safe, only for internal use *) let __are_we_monitoring pid = Map.mem pid !processes_to_be_monitored;; (** Return true iff we are currently monitoring the given process.*) let are_we_monitoring pid = lock death_monitor_mutex; let result = __are_we_monitoring pid in unlock death_monitor_mutex; result;; (** The predefined predicate returning true if we should invoke the callback: *) let default_predicate pid = not (UnixExtra.is_process_alive pid);; (** Start monitoring the process with the given pid. Call the given function if it ever dies, using the pid and process name as its parameters. This is thread-safe. *) let start_monitoring ?(predicate=default_predicate) pid name callback = lock death_monitor_mutex; (if Map.mem pid !processes_to_be_monitored then begin Log.printf1 "WARNING (THIS MAY BE SERIOUS): death_monitor: I was already monitoring %d\n" pid; end else begin processes_to_be_monitored := Map.add pid (name, predicate, callback) !processes_to_be_monitored; map_size := !map_size + 1; (* We don't want to create zombies: let's asynchronously call waitpid on the process; this is important, otherwise other implementation of is_process_alive using kill with a 0 value for the signal will see the process as existing. *) let _ = Thread.create (fun () -> UnixExtra.Process.waitpid_non_intr ~wait_flags:[] pid) () in (); end); unlock death_monitor_mutex;; (** Stop monitoring the process with the given pid. Not thread-safe, only for internal use. Users should call stop_monitoring instead. *) let __stop_monitoring pid = if Map.mem pid !processes_to_be_monitored then begin processes_to_be_monitored := Map.remove pid !processes_to_be_monitored; map_size := !map_size - 1; end else begin Log.printf1 "WARNING: death_monitor: I was not monitoring %d\n" pid; end;; (** Stop monitoring the process with the given pid. Thread-safe. *) let stop_monitoring pid = lock death_monitor_mutex; try __stop_monitoring pid; unlock death_monitor_mutex; with e -> begin (* Don't leave the death_monitor_mutex locked when raising: *) unlock death_monitor_mutex; (* Re-raise: *) Log.printf1 "stop_monitoring: re-raising %s.\n" (Printexc.to_string e); raise e; end;; (** Check the status of all processes which were registered, and invoke callbacks if needed. Thread-safe, but only for internal use. *) let poll () = lock death_monitor_mutex; let thunks = List.map (fun (pid, (name, predicate, callback)) -> (fun () -> try if predicate pid then (* Only invoke the callback if we are *still* monitoring the process. Of processes tend to die in clusters, due to the fact that we often kill ALL the processes implementing a device if any single one fails. *) if are_we_monitoring pid then callback pid name with _ -> ())) (linearize_map !processes_to_be_monitored) in unlock death_monitor_mutex; List.iter (fun thunk -> thunk ()) thunks;; (** Update the poll interval length, which will become effective after the current poll intervall expires. Using a zero or negative parameter causes the polling loop to terminate. Thread-safe. *) let set_poll_interval seconds = lock death_monitor_mutex; poll_interval := seconds; unlock death_monitor_mutex;; (** Get the current poll interval. Thread-safe. *) let get_poll_interval seconds = lock death_monitor_mutex; let result = !poll_interval in unlock death_monitor_mutex; result;; let rec poll_in_a_loop interval_length = if interval_length <= 0.0 then begin Log.printf "Exiting from the infinite polling loop.\n"; end else begin poll (); (try Thread.delay interval_length; with _ -> ()); (* we don't care very much if sleep is interrupted by a signal *) let interval_length = get_poll_interval () in poll_in_a_loop interval_length; end;; (** Start polling in a loop: *) let start_polling_loop () = Log.printf "Starting the infinite polling loop.\n"; poll_in_a_loop (get_poll_interval ());; (** Stop polling (at the end of the current interval). This version locks death_monitor_death_monitor_mutex, so it is thread safe. *) let stop_polling_loop () = Log.printf "Stopping the infinite polling loop (locked). If the program hangs at this point then you are probably using the locked version within a callback. See the comment in death_monitor.ml .\n"; set_poll_interval (-1.0);; (** See the comment before stop_polling_loop. Non thread-safe. *) let __stop_polling_loop () = Log.printf "Stopping the infinite polling loop (non-locked).\n"; poll_interval := -1.0;; (* this does not touch the death_monitor_mutex *) let _ = Thread.create (fun () -> start_polling_loop ()) ();; marionnet-0.90.6+bzr508.orig/Makefile0000644000175000017500000010674013175722671016252 0ustar lucaslucas# This -*- makefile -*- is part of our build system for OCaml projects # Copyright (C) 2008, 2009 Luca Saiu # Copyright (C) 2008, 2010, 2016 Jean-Vincent Loddo # Copyright (C) 2008, 2009, 2010, 2016 Université Paris 13 # Updated in 2008 by Jonathan Roudiere # Thanks to JulioJu (https://github.com/JulioJu) for the patch # about prefix_install # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This is the revision of 2016-06-07. ###################################################################### # This make file is general-purpose: the actual project-dependant part # should be written for each specific project in a 'Makefile.local' # file. # # This contains some (simple) makefile magic which is only supported # by GNU Make. Don't even try to use other make implementations. ###################################################################### ###################################################################### # Implementation of targets. Note that the user is *not* supposed to # override these, but only to define the project-dependant '-local' # versions: # Makefiles (this one as those in other parts) use extensively the bash shell SHELL=/bin/bash OCAMLBUILD = $$( $(call OCAMLBUILD_COMMAND_LINE) ) LIBRARYPREFIX=$(shell $(call READ_CONFIG, libraryprefix); echo $$libraryprefix) OCAML_VERSION=$(shell $(call READ_CONFIG, ocaml_version); echo $$ocaml_version) OCAML_LIBRARYPREFIX=$(shell $(call READ_CONFIG, ocaml_libraryprefix); echo $$ocaml_libraryprefix) # The main target. Its implementation is entirely project-dependant: main: ocamlbuild-stuff manually_pre_actions main-local data libraries programs manually_post_actions @(echo "Success.") # Build C modules (no one, by default): c-modules: @(mkdir _build &> /dev/null || true) && \ for x in $(C_OBJECTS_TO_LINK); do \ make _build/$$x.o; \ done BUILD_FROM_STUFF = \ @( echo "Building $(1)..."; \ shopt -s execfail; set -e; \ for x in $(2); do \ echo "Building \"$$x\"..."; \ if $(MAKE) $$x; then \ echo "Ok, \"$$x\" was built with success."; \ else \ echo "FAILED when building \"$$x\"."; \ exit -1; \ fi; \ done; \ echo "Success: $(1) were built.") # Build only data: data: ocamlbuild-stuff data-local $(DATA) $(call BUILD_FROM_STUFF, data, $(DATA)) # Build only native libraries: native-libraries: ocamlbuild-stuff c-modules native-libraries-local $(NATIVE_LIBRARIES) $(call BUILD_FROM_STUFF, native-libraries, $(NATIVE_LIBRARIES)) # Build only bytecode libraries: byte-libraries: ocamlbuild-stuff c-modules byte-libraries-local $(BYTE_LIBRARIES) $(call BUILD_FROM_STUFF, byte-libraries, $(BYTE_LIBRARIES)) # Build libraries; bytecode, native, or both: libraries: c-modules libraries-local @($(call BUILD_NATIVE_ANDOR_BYTECODE,libraries) ) # Spaces are ok # Build programs; bytecode, native, or both: programs: c-modules programs-local @($(call BUILD_NATIVE_ANDOR_BYTECODE,programs) ) # Spaces are ok # Build the native and/or bytecode version of $(1). $(1) may be either # "libraries" or "programs". *Don't* put a space before the argument. BUILD_NATIVE_ANDOR_BYTECODE = \ (if [ "$$( $(call NATIVE) )" == 'native' ]; then \ echo "Building native $(1)..."; \ if $(MAKE) native-$(1); then \ echo "Success: native $(1) were built."; \ else \ echo "FAILURE: could not build native $(1)."; \ exit -1; \ fi; \ else \ echo "NOT building native $(1)..."; \ fi; \ if [ "$$( $(call BYTE) )" == 'byte' ]; then \ echo "Builing bytecode $(1)..."; \ if $(MAKE) byte-$(1); then \ echo "Success: bytecode $(1) were built."; \ else \ echo "FAILURE: could not build bytecode $(1)."; \ exit -1; \ fi; \ else \ echo "NOT building bytecode $(1)..."; \ fi) # Build only native programs: native-programs: ocamlbuild-stuff native-programs-local $(NATIVE_PROGRAMS) $(ROOT_NATIVE_PROGRAMS) $(call BUILD_FROM_STUFF, native-programs, $(NATIVE_PROGRAMS) $(ROOT_NATIVE_PROGRAMS)) # Build only bytecode programs: byte-programs: ocamlbuild-stuff byte-programs-local $(BYTE_PROGRAMS) $(ROOT_BYTE_PROGRAMS) $(call BUILD_FROM_STUFF, byte-programs, $(BYTE_PROGRAMS) $(ROOT_BYTE_PROGRAMS)) # 'all' is just an alias for 'main': all: main # In some projects we may need to build something more than 'main', # but we do nothing more by default: world: world-local main @(echo 'Success.') ############################################################################ # Support for manually generated files (i.e. not generated with ocamlbuild) ############################################################################ # Example: (in your Makefile.local) # # foo.byte : manually_pre_actions # foo.native : manually_pre_actions # # MANUALLY_PRE_COPY_IN_build = include_as_string_p4.ml USAGE.txt # MANUALLY_PRE_MAKE_IN_build = include_as_string_p4.cmo # # _build/include_as_string_p4.cmo: include_as_string_p4.ml # ocamlc -c -I +camlp4 camlp4lib.cma -pp camlp4of -o $@ $< .PHONY : manually_pre_actions manually_post_actions ################################# PRE-ACTIONS support # Files that must be copied in _build/ *before* the ocamlbuild processing. MANUALLY_PRE_COPY_IN_build = # Targets that must be created in _build/ *before* the ocamlbuild processing. # For each foo.bar that appears in this list, you have to write a rule # _build/foo.bar in your Makefile.local MANUALLY_PRE_MAKE_IN_build = manually_pre_actions: $(call PERFORM_MANUALLY_PRE_ACTIONS, $(MANUALLY_PRE_COPY_IN_build),$(MANUALLY_PRE_MAKE_IN_build)) # Detect if "make clean" is required or copy and build manually targets # specified in MANUALLY_PRE_COPY_IN_build and MANUALLY_PRE_MAKE_IN_build PERFORM_MANUALLY_PRE_ACTIONS = \ @(\ if test -d _build/; \ then \ echo "Checking if files manually copied in _build/ have been modified..."; \ for x in $(1); do \ echo "Checking \"$$x\"..."; \ test ! -f _build/$$x || \ diff -q $$x _build/$$x 2>/dev/null || \ { echo -e "********************\nmake clean required!\n********************"; exit 1; } ;\ done; \ else \ mkdir _build/; \ fi; \ for x in $(1); do echo "Manually pre-copying \"$$x\"..."; cp --parent -f $$x _build/; done; \ for y in $(2); do echo "Manually pre-building \"$$y\"..."; make _build/$$y || exit 1; done; \ ) ################################# POST-ACTIONS support # Files that must be copied in _build/ *after* the ocamlbuild processing. MANUALLY_POST_COPY_IN_build = # Targets that must be created in _build/ *after* the ocamlbuild processing. # For each foo.bar that appears in this list, you have to write a rule # _build/foo.bar in your Makefile.local MANUALLY_POST_MAKE_IN_build = manually_post_actions: $(call PERFORM_MANUALLY_POST_ACTIONS, $(MANUALLY_POST_COPY_IN_build), $(MANUALLY_POST_MAKE_IN_build)) PERFORM_MANUALLY_POST_ACTIONS = \ @(\ for x in $(1); do echo "Manually post-copying \"$$x\"..."; cp --parent -f $$x _build/; done; \ for y in $(2); do echo "Manually post-building \"$$y\"..."; make _build/$$y || exit 1; done; \ ) ############################################################################ # Other entries # Edit all ml/mli files and Makefile.local with your $EDITOR edit: test -n "$$EDITOR" && eval $$EDITOR Makefile.local $$(find . \( -name "_build*" -o -name "meta.ml" -o -name "$(EXCLUDE_FROM_EDITING)" -o -name "version.ml" -o -name "gui.ml" -o -name myocamlbuild.ml \) -prune -o -type f -a \( -name "*.ml" -o -name "*.mli" \) -print) & # Create the documentation documentation: world documentation-local chmod +x Makefile.d/doc.sh Makefile.d/doc.sh -pp "$(PP_OPTION)" -e "$(UNDOCUMENTED)" -i $(DIRECTORIES_TO_INCLUDE) doc: documentation INDEX_HTML=_build/doc/html/index.html browse: test -f $(INDEX_HTML) || make documentation test -n "$$BROWSER" && $$BROWSER $(INDEX_HTML) # Install programs and libraries: install: install-programs install-libraries install-data install-configuration install-documentation install-local @(echo 'Success.') # The user is free to override this to add custom targets to install into the # $prefix_install/share/$name installation directory: OTHER_DATA_TO_INSTALL = # The user is free to override this to add custom targets to install into the # $documentationprefix/$name installation directory: OTHER_DOCUMENTATION_TO_INSTALL = # Install the documentation from this package (_build/doc) into $prefix_install/share/$name: install-documentation: META CONFIGME install-documentation-local @($(call READ_CONFIG, documentationprefix); \ $(call READ_META, name); \ directory=$$documentationprefix/$$name; \ shopt -s nullglob; \ if [ -e _build/doc ]; then \ documentationifany=`ls -d _build/doc/*`; \ else \ documentationifany=''; \ fi; \ if [ "$$documentationifany" == "" ]; then \ echo "No documentation to install: ok, no problem..."; \ else \ echo "Installing $$name documentation into $$directory ..."; \ echo "Creating $$directory ..."; \ if mkdir -p $$directory; then \ echo "The directory $$directory was created with success."; \ else \ echo "Could not create $$directory"; \ exit -1; \ fi; \ echo "Copying $$name documentation to $$directory ..."; \ for x in COPYING README $$documentationifany $(OTHER_DOCUMENTATION_TO_INSTALL); do \ if cp -af $$x $$directory; then \ echo "Installed $$x into $$directory/"; \ else \ echo "Could not write $$directory/$$x."; \ exit -1; \ fi; \ done; \ echo "Documentation installation for $$name was successful."; \ fi) # Just a handy alias: install-doc: install-documentation # Install the data from this package into $prefix_install/share/$name: install-data: META CONFIGME main install-data-local @($(call READ_CONFIG, prefix_install); \ $(call READ_META, name); \ directory=$$prefix_install/share/$$name; \ shopt -s nullglob; \ if [ -e share ]; then \ dataifany=`ls -d share/*`; \ else \ dataifany=''; \ fi; \ if [ "$$dataifany" == "" ]; then \ echo "No data to install: ok, no problem..."; \ else \ echo "Installing $$name data into $$directory ..."; \ echo "Creating $$directory ..."; \ if mkdir -p $$directory; then \ echo "The directory $$directory was created with success."; \ else \ echo "Could not create $$directory"; \ exit -1; \ fi; \ echo "Copying $$name data to $$directory ..."; \ for x in COPYING README $$dataifany $(OTHER_DATA_TO_INSTALL); do \ if cp -af $$x $$directory; then \ echo "Installed $$x into $$directory/"; \ else \ echo "Could not write $$directory/$$x."; \ exit -1; \ fi; \ done; \ echo "Data installation for $$name was successful."; \ fi) # Install the software configuration files, if any: install-configuration: META CONFIGME install-configuration-local @($(call READ_CONFIG, configurationprefix); \ $(call READ_META, name); \ if [ -e etc ]; then \ echo "Installing configuration files into $$configurationprefix/$$name..."; \ mkdir -p $$configurationprefix/$$name; \ shopt -s nullglob; \ for file in etc/*; do \ basename=`basename $$file`; \ echo "Installing $$basename into $$configurationprefix/$$name..."; \ if ! cp $$file $$configurationprefix/$$name/; then \ echo "ERROR: Could not install $$basename into $$configurationprefix/$$name"; \ exit -1; \ fi; \ done; \ else \ echo "We don't have any configuration files to install."; \ fi) # Uninstall the software configuration files, if any: uninstall-configuration: CONFIGME uninstall-configuration-local @($(call READ_CONFIG, configurationprefix); \ if [ -e etc ]; then \ echo "Removing configuration files from $$configurationprefix..."; \ shopt -s nullglob; \ for file in etc/*; do \ basename=`basename $$file`; \ echo "Uninstalling $$basename from $$configurationprefix..."; \ if ! rm -f $$configurationprefix/$$basename; then \ echo "ERROR: Could not remove $$basename from $$configurationprefix"; \ exit -1; \ fi; \ done; \ else \ echo "We don't have any configuration files to remove."; \ fi) # Remove the data of this package from $prefix_install/share/$name: uninstall-data: META CONFIGME uninstall-data-local @( ($(call READ_CONFIG, prefix_install); \ $(call READ_META, name); \ directory=$$prefix_install/share/$$name; \ echo "Removing $$name data from $$prefix_install/share/..."; \ shopt -s nullglob; \ if rm -rf $$directory; then \ echo "The entire directory $$directory was removed."; \ else \ echo "Could not delete $$directory"; \ exit -1; \ fi); \ echo 'Data uninstallation was successful.') # Remove the documentation of this package from $documentationprefix/$name: uninstall-documentation: META CONFIGME uninstall-documentation-local @( ($(call READ_CONFIG, documentationprefix); \ $(call READ_META, name); \ directory=$$documentationprefix/$$name; \ echo "Removing $$name documentation from $$documentationprefix..."; \ shopt -s nullglob; \ if rm -rf $$directory; then \ echo "The entire directory $$directory was removed."; \ else \ echo "Could not delete $$directory"; \ exit -1; \ fi); \ echo 'Documentation uninstallation was successful.') # The user is free to override this to add custom targets to install into the # $prefix_install/bin installation directory; the typical use of this would be # installing scripts. OTHER_PROGRAMS_TO_INSTALL = # These are programs to be installed into $prefix_install/sbin # instead of $prefix_install/bin: ROOT_NATIVE_PROGRAMS = ROOT_BYTE_PROGRAMS = # Install the programs from this package into $prefix_install/bin: install-programs: META CONFIGME programs install-programs-local @($(call READ_CONFIG, prefix_install); \ $(call READ_META, name); \ echo "Creating $$prefix_install/bin/..."; \ (mkdir -p $$prefix_install/bin &> /dev/null || true); \ echo "Creating $$prefix_install/sbin/..."; \ (mkdir -p $$prefix_install/sbin &> /dev/null || true); \ echo "Installing programs from $$name into $$prefix_install/bin/..."; \ shopt -s nullglob; \ for file in $(OTHER_PROGRAMS_TO_INSTALL) _build/*.byte _build/*.native; do \ basename=`basename $$file`; \ if echo " $(ROOT_NATIVE_PROGRAMS) $(ROOT_BYTE_PROGRAMS) " | grep -q " $$basename "; then \ echo "Installing "`basename $$file`" as a \"root program\" into $$prefix_install/sbin..."; \ cp -a $$file $$prefix_install/sbin/; \ chmod +x $$prefix_install/sbin/$$basename; \ else \ echo "Installing "`basename $$file`" into $$prefix_install/bin..."; \ cp -a $$file $$prefix_install/bin/; \ chmod +x $$prefix_install/bin/$$basename; \ fi; \ done) && \ echo 'Program installation was successful.' # Remove the programs from this package from $prefix_install/bin: uninstall-programs: META CONFIGME main uninstall-programs-local @($(call READ_CONFIG, prefix_install); \ $(call READ_META, name); \ echo "Removing $$name programs..."; \ shopt -s nullglob; \ for file in $(OTHER_PROGRAMS_TO_INSTALL) _build/*.byte _build/*.native; do \ basename=`basename $$file`; \ if echo " $(ROOT_NATIVE_PROGRAMS) $(ROOT_BYTE_PROGRAMS) " | grep -q " $$basename "; then \ echo -e "Removing the \"root program\" $$basename from $$prefix_install/sbin..."; \ export pathname=$$prefix_install/sbin/`basename $$file`; \ else \ echo -e "Removing $$basename from $$prefix_install/bin..."; \ export pathname=$$prefix_install/bin/`basename $$file`; \ fi; \ rm -f $$pathname; \ done) && \ echo 'Program uninstallation was successful.' # The user is free to override this to add custom targets to install into the # library installation directory: OTHER_LIBRARY_FILES_TO_INSTALL = # Install the library in this package into the path chosen at configuration time: install-libraries: libraries install-libraries-local @($(call READ_META,name); \ if [ "$(NATIVE_LIBRARIES) $(BYTE_LIBRARIES)" == " " ]; then \ echo "There are no native libraries to install: ok, no problem..."; \ else \ (echo "Installing $$name libraries into "$(LIBRARYPREFIX)"/$$name/..."; \ (mkdir -p $(LIBRARYPREFIX)/$$name &> /dev/null || true); \ shopt -s nullglob; \ cp -f META $(OTHER_LIBRARY_FILES_TO_INSTALL) \ _build/*.cma _build/*.cmxa _build/*.a _build/*.so \ `find _build/ -name \*.cmi | grep -v /myocamlbuild` \ `find _build/ -name \*.mli | grep -v /myocamlbuild` \ $(LIBRARYPREFIX)/$$name/) && \ if test -d $(LIBRARYPREFIX)/stublibs/; then \ find _build/ -name "dll*.so" -exec cp -f "{}" $(LIBRARYPREFIX)/stublibs/ ";" ; \ fi; \ echo 'Library installation was successful.'; \ fi) # Uninstall programs and libraries: uninstall: uninstall-programs uninstall-libraries uninstall-data uninstall-configuration uninstall-documentation uninstall-local @(echo 'Success.') # Remove the library from the installation path chosen at configuration time: uninstall-libraries: main uninstall-libraries-local @(($(call READ_META,name); \ echo "Uninstalling $$name libraries from "$(LIBRARYPREFIX)" ..."; \ shopt -s nullglob; \ rm -rf $(LIBRARYPREFIX)/$$name/) && \ echo 'Library uninstallation was successful.') # Make a source tarball: dist: clean dist-local @($(call READ_META, name, version); \ $(call FIX_VERSION); \ echo "Making the source tarball _build/$$name-$$version.tar.gz ..."; \ if [ -d .bzr ]; then \ $(MAKE) meta.ml.released; \ $(MAKE) ChangeLog; \ fi; \ mkdir -p _build/$$name-$$version; \ cp -af * _build/$$name-$$version/ &> /dev/null; \ (tar --exclude=_build --exclude=meta.ml --exclude=.bzr -C _build -czf \ _build/$$name-$$version.tar.gz $$name-$$version/ && \ rm -rf _build/$$name-$$version)) && \ if [ -d .bzr ]; then \ rm -f meta.ml.released ChangeLog; \ fi; \ echo "Success." # These files are included also in binary tarballs: FILES_TO_ALWAYS_DISTRIBUTE = \ COPYING README INSTALL AUTHORS THANKS META Makefile Makefile.local CONFIGME \ REQUIREMENTS NEWS ChangeLog # Make a binary tarball: dist-binary: dist-binary-local main documentation @(($(call READ_META, name, version); \ $(call FIX_VERSION); \ architecture=$$(echo `uname -o`-`uname -m` | sed 's/\//-/g'); \ directoryname=$$name-$$version--binary-only--$$architecture; \ filename=$$directoryname.tar.gz; \ echo "Making the binary tarball _build/$$filename ..."; \ $(MAKE) ChangeLog; \ mkdir -p _build/$$directoryname; \ mkdir -p _build/$$directoryname/_build; \ shopt -s nullglob; \ for x in $(FILES_TO_ALWAYS_DISTRIBUTE) share doc etc; do \ cp $$x _build/$$directoryname &> /dev/null; \ done; \ for x in $(NATIVE_PROGRAMS) $(NATIVE_LIBRARIES) $(BYTE_PROGRAMS) $(BYTE_LIBRARIES); do \ cp _build/$$x _build/$$directoryname/_build; \ done; \ for x in `find _build/ -name \*.cmi | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.mli | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.cma | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.cmxa | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.a | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.byte | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ `find _build/ -name \*.native | grep -v /my$(OCAMLBUILD) | grep -v _build/$$directoryname` \ ; do \ cp $$x _build/$$directoryname/_build; \ done; \ for x in _build/*.docdir; do \ cp -af $$x _build/$$directoryname; \ done; \ for x in main main-local install-libraries-local install-programs-local \ install-local install-data-local clean clean-local \ documentation documentation-local install-documentation-local \ ocamlbuild-stuff \ ; do \ echo "This dummy file prevents make from building the \"$$x\" target." \ > _build/$$directoryname/$$x; \ done; \ (tar czf _build/$$filename -C _build $$directoryname/ && \ (rm -rf _build/$$directoryname && \ rm -f ChangeLog))) && \ echo "Success.") # Automatically generate a nice ChangeLog from bzr's history: ChangeLog: @(if ! [ -d .bzr ]; then \ echo 'No ChangeLog available (bzr metadata are missing)' > $@; \ else \ bzr log --gnu-changelog > $@; \ fi) # Remove generated stuff (the ChangeLog is only removed if we have Darcs # metadata to re-generate it): clean: clean-local @(rm -rf _build; \ find -name "_build*" -prune -o -type f -name \*~ -exec rm -f {} \;; \ find -name "_build*" -prune -o -type f -name \#\*\# -exec rm -f {} \;; \ find -name "_build*" -prune -o -type f -name core -exec rm -f {} \;; \ rm -f _tags meta.ml myocamlbuild.ml; \ if [ -d .bzr ]; then \ rm -f meta.ml.released ChangeLog; \ fi; \ echo "Success.") # Meta-help about the targets defined in this make file: targets: @cat Makefile Makefile.local | grep -B 1 "^[a-z0-9_-]*[:]" | \ awk '/BEGIN/ {r=""} /^[#]/ { r=substr($$0,2); next; } /^[a-z0-9_-]*[-]local[:]/ {r=""; next} /^[a-z0-9_-]*[:]/{split($$0,a,/:/); printf("%s\r\t\t\t--- %s\n",a[1],r); r=""; next} {r=""}' | sort ###################################################################### # Default implementation for '-local' targets: # All the user-definable '-local' targets have an empty implementation # by default: main-local: world-local: data-local: native-libraries-local: byte-libraries-local: libraries-local: native-programs-local: byte-programs-local: programs-local: install-local: uninstall-local: install-programs-local: uninstall-programs-local: install-libraries-local: uninstall-libraries-local: install-data-local: uninstall-data-local: install-configuration-local: uninstall-configuration-local: install-documentation-local: uninstall-documentation-local: dist-local: dist-binary-local: documentation-local: clean-local: # Let's avoid confusion between all and main: they're the same thing # for us, and we only support main-local: all-local: echo 'all-local does not exist. Use main-local instead' exit 1 ##################################################################### # Default compilation flags. The user *is* expected to override or # extend these: DATA = NATIVE_LIBRARIES = BYTE_LIBRARIES = NATIVE_PROGRAMS = BYTE_PROGRAMS = COMPILE_OPTIONS = -thread PP_OPTION = DIRECTORIES_TO_INCLUDE = LIBRARIES_TO_LINK = OBJECTS_TO_LINK = C_OBJECTS_TO_LINK = ##################################################################### # Default rules: # Bytecode libraries: %.cma: ocamlbuild-stuff c-modules @($(OCAMLBUILD) $@) # Native libraries: %.cmxa: ocamlbuild-stuff c-modules @($(OCAMLBUILD) $@) # Bytecode programs: %.byte: ocamlbuild-stuff c-modules @($(call BUILD_WITH_OCAMLBUILD, $@) ) # Native programs: %.native: ocamlbuild-stuff c-modules @($(call BUILD_WITH_OCAMLBUILD, $@) ) # Build the target $(1) using OCamlBuild. ocamlbuild-stuff is assumed # to be already generated. BUILD_WITH_OCAMLBUILD = \ $(OCAMLBUILD) $@; \ if [ -e $@ ]; then \ rm $@; \ echo "Success: $@ was built"; \ else \ echo "FAILURE when building $@"; \ exit -1; \ fi ##################################################################### # Some macros, used internally and possibly by Makefile.local: ##################################################################### # Return 'native' if we have a native compiler available, otherwise # ''. NATIVE = \ (if which ocamlopt.opt &> /dev/null || which ocamlopt &> /dev/null ; then \ echo 'native'; \ else \ echo ''; \ fi) # Return 'byte' if we have a bytecode compiler available, otherwise # ''. BYTE = \ (if which ocamlc.opt &> /dev/null || which ocamlc &> /dev/null; then \ echo 'byte'; \ else \ echo ''; \ fi) # Return 'native' if we have a native compiler available, otherwise # 'byte' if we have a byte compiler; otherwise fail. NATIVE_OR_BYTE = \ (if [ "$$( $(call NATIVE) )" == 'native' ]; then \ echo 'native'; \ elif [ "$$( $(call BYTE) )" == 'byte' ]; then \ echo 'byte'; \ else \ echo 'FATAL ERROR: could not find an ocaml compiler' ">$$native< >$$byte<"; \ exit -1; \ fi) PROCESSOR_NO = $(shell grep "^processor.*:" /proc/cpuinfo | sort | uniq | wc -l) # The log location with respect to the directory _build/ # So, with respect to the Makefile, the log location is _build/_build/_log OCAMLBUILD_LOG=_build/_log LOGFILE=_build/$(OCAMLBUILD_LOG) # Return the proper command line for ocamlbuild, including an option # -byte-plugin if needed: OCAMLBUILD_COMMAND_LINE = \ (if [ $$( $(call NATIVE_OR_BYTE) ) == 'byte' ]; then \ echo 'ocamlbuild -j $(PROCESSOR_NO) -byte-plugin -verbose 2 -log $(OCAMLBUILD_LOG) $(OCAMLBUILD_OPTIONS)'; \ else \ echo 'ocamlbuild -j $(PROCESSOR_NO) -verbose 2 -log $(OCAMLBUILD_LOG) $(OCAMLBUILD_OPTIONS)'; \ fi) # Macro extracting, via source, the value associated to some keys # $(2),..,$(9) in a file $(1). # Example: # $(call SOURCE_AND_TEST,CONFIGME,prefix); # $(call SOURCE_AND_TEST,CONFIGME,prefix,libraryprefix); SOURCE_AND_TEST = \ if ! source $(1) &> /dev/null; then \ echo 'Evaluating $(1) failed.'; \ exit 1; \ fi; \ for i in $(2) $(3) $(4) $(5) $(6) $(7) $(8) $(9) $(10); do \ CMD="VAL=$$`echo $$i`"; eval $$CMD; \ if test -z "$$VAL"; then \ echo "FATAL: $${i} is undefined in $(1)."; \ exit 1; \ fi; \ done; \ unset CMD VAL i # Macro extracting, via grep, the value associated to keys # $(2),..,$(9) in a file $(1). # Examples: # $(call GREP_AND_TEST,META,name); # $(call GREP_AND_TEST,META,name,version); GREP_AND_TEST = \ for i in $(2) $(3) $(4) $(5) $(6) $(7) $(8) $(9) $(10); do \ if ! CMD=`grep "^$$i=" $(1)`; then \ echo "FATAL: $$i is undefined in $(1)."; \ exit 1; \ fi; \ eval $$CMD; \ done; \ unset CMD i # Instance of SOURCE_AND_TEST: source the file "CONFIGME" and test # if the given names are defined # Example: # $(call READ_CONFIG,prefix,libraryprefix); # READ_CONFIG = \ $(call SOURCE_AND_TEST,CONFIGME,$(1),$(2),$(3),$(4),$(5),$(6),$(7),$(8),$(9),$(10)) # Instance of GREP_AND_TEST: read the file "META" searching for a names # for all given names. # Example: # $(call READ_META,name,version); # READ_META = \ $(call GREP_AND_TEST,META,$(1),$(2),$(3),$(4),$(5),$(6),$(7),$(8),$(9),$(10)) # If the value of the 'version' variable contains the substring 'snapshot' then # append to its value the current date, in hacker format. 'version' must be already # defined. No arguments, no output. FIX_VERSION = \ if echo $$version | grep snapshot &> /dev/null; then \ version="$$version-"`date +"%Y-%m-%d"`; \ fi # A simple macro automatically finding all the subdirectories containing ML sources, # setting the variable 'sourcedirectories' to a string containing all such # subdirectories, alphabetically sorted, separated by spaces, and finally echo'ing # the value of sourcedirectories: SOURCE_SUBDIRECTORIES = \ sourcedirectories=''; \ for d in `find \( -path "_build*" -o -name "[.]bzr" -o -name "$(EXCLUDE_FROM_SOURCE_FINDING)" \) -prune -o -type d \ | grep -v /_build\$$ | grep -v /_build/ \ | grep -v ^.$$ | sort`; do \ if ls $$d/*.ml &> /dev/null || \ ls $$d/*.mli &> /dev/null || \ ls $$d/*.mll &> /dev/null || \ ls $$d/*.mly &> /dev/null ; then \ sourcedirectories+="$$d "; \ fi; \ done; \ echo $$sourcedirectories # Set the shell variable $(1) as the string obtained by prefixing each token # in $(2) with the prefix $(3): for example if the shell variable # 'sourcedirectories' is set to './A ./B' then # $(call ADD_PREFIX_TO_EACH_WORD, includes, $$sourcedirectories, -I) # sets the shell variable 'includes' to '-I ./A -I ./B '. # The value of $(1) is finally echo'ed. ADD_PREFIX_TO_EACH_WORD = \ $(call SOURCE_SUBDIRECTORIES); \ result=''; \ for element in $(2); do \ result+="$(3) $$element "; \ done; \ $(1)=$$result; \ echo $$result # This macro expands to the project name, extracted from META. No parameters. # Example: # echo "$(call PROJECT_NAME) is beautiful." PROJECT_NAME = \ $$( $(call GREP_AND_TEST,META,name); \ echo $$name ) # Automatically generate _tags and the $(OCAMLBUILD) plugin. Note that the # target name is never created as a file. This is intentional: those # two targets should be re-generated every time. ocamlbuild-stuff: _tags myocamlbuild.ml meta.ml # We automatically generate the _tags file needed by OCamlBuild. # Every subdirectory containing sources is included. This may be more than what's needed, # but it will always work and require no per-project customization. sed is used to remove # the initial './' from each directory. We refer some settings implemented in our (still # automatically generated) $(OCAMLBUILD) plugin. _tags: @(echo -e "# This file is automatically generated. Please don't edit it.\n" > $@; \ for directory in $$( $(call SOURCE_SUBDIRECTORIES) ); do \ directory=`echo $$directory | sed s/^.\\\\///`; \ echo "<$$directory>: include" >> $@; \ done; \ echo >> $@; \ echo "<**/*.byte>: ourincludesettings, ourbytelinksettings, ourcmodules" >> $@; \ echo "<**/*.{ml,mli,byte,native,cma,cmxa}>: ourincludesettings" >> $@; \ echo "<**/*.{native,cma,cmxa}>: ourcmodules" >> $@ ; \ echo "<**/*.cmx>: ournativecompilesettings" >> $@; \ echo "<**/*.cmo>: ourbytecompilesettings" >> $@; \ echo "<**/*.native>: ourincludesettings, ournativelinksettings" >> $@; \ echo "<**/*.{ml,mli}>: ourocamldocsettings" >> $@ ; \ echo "<**/*.{ml,mli}>: ourppsettings" >> $@) # We automatically generate the $(OCAMLBUILD) plugin customizing the build process # with our user-specified options, include directories, etc.: myocamlbuild.ml: @(echo -e "(* This file is automatically generated. Please don't edit it. *)\n" > $@; \ echo -e "open Ocamlbuild_plugin;;" >> $@; \ echo -e "open Command;;" >> $@; \ echo -e "open Arch;;" >> $@; \ echo -e "open Format;;\n" >> $@; \ echo -en "let our_pp_options = [ " >> $@; \ echo "Just for debugging: PP_OPTION is \"$(PP_OPTION)\""; \ echo "Just for debugging: OCAML_LIBRARYPREFIX is \"$(OCAML_LIBRARYPREFIX)\""; \ echo "Just for debugging: LIBRARYPREFIX is \"$(LIBRARYPREFIX)\""; \ for x in $(PP_OPTION); do \ echo -en "A \"$$x\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_compile_options = [ " >> $@; \ for x in $(COMPILE_OPTIONS); do \ echo -en "A \"$$x\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_byte_compile_options = [ " >> $@; \ for x in $(BYTE_COMPILE_OPTIONS); do \ echo -en "A \"$$x\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_native_compile_options = [ " >> $@; \ for x in $(NATIVE_COMPILE_OPTIONS); do \ echo -en "A \"$$x\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_include_options = [ " >> $@; \ echo -en "A \"-I\"; A \"$(OCAML_LIBRARYPREFIX)\"; " >> $@; \ for x in $(DIRECTORIES_TO_INCLUDE); do \ if test -d $(OCAML_LIBRARYPREFIX)/$$x; then echo -en "A \"-I\"; A \"$(OCAML_LIBRARYPREFIX)/$$x\"; " >> $@; fi; \ done; \ for x in $(DIRECTORIES_TO_INCLUDE); do \ if test -d $(LIBRARYPREFIX)/$$x; then echo -en "A \"-I\"; A \"$(LIBRARYPREFIX)/$$x\"; " >> $@; fi; \ done; \ for x in $(DIRECTORIES_TO_INCLUDE); do \ if test -d ./$$x; then echo -en "A \"-I\"; A \"../$$x\"; " >> $@; fi; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_c_modules = [ " >> $@; \ for x in $(C_OBJECTS_TO_LINK); do \ echo -en "A \"$$x.o\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_c_modules_options = our_c_modules @ [ " >> $@; \ for x in $(C_OBJECTS_TO_LINK_OPTIONS); do \ echo -en "A \"$$x\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_byte_link_options = our_include_options @ [ " >> $@; \ for x in $(LIBRARIES_TO_LINK); do \ echo -en "A \"$$x.cma\"; " >> $@; \ done; \ for x in $(OBJECTS_TO_LINK); do \ echo -en "A \"$$x.cmo\"; " >> $@; \ done; \ echo -e "];;" >> $@; \ echo -en "let our_native_link_options = our_include_options @ [ " >> $@; \ for x in $(LIBRARIES_TO_LINK); do \ echo -en "A \"$$x.cmxa\"; " >> $@; \ done; \ for x in $(OBJECTS_TO_LINK); do \ echo -en "A \"$$x.cmx\"; " >> $@; \ done; \ echo -e "];;\n" >> $@; \ echo -e "dispatch (function After_rules ->" >> $@; \ echo -e " flag [\"ocaml\"; \"compile\"; \"ourincludesettings\"]" >> $@; \ echo -e " (S (our_compile_options @ our_include_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"compile\"; \"ourbytecompilesettings\"]" >> $@; \ echo -e " (S (our_byte_compile_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"compile\"; \"ournativecompilesettings\"]" >> $@; \ echo -e " (S (our_native_compile_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"pp\"; \"ourppsettings\"]" >> $@; \ echo -e " (S our_pp_options);" >> $@; \ echo -e " flag [\"ocaml\"; \"link\"; \"ourbytelinksettings\"]" >> $@; \ echo -e " (S (our_compile_options @ our_byte_link_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"link\"; \"ournativelinksettings\"]" >> $@; \ echo -e " (S (our_compile_options @ our_native_link_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"doc\"; \"ourocamldocsettings\"]" >> $@; \ echo -e " (S ([A \"-keep-code\"; A \"-colorize-code\"] @ our_include_options));" >> $@; \ echo -e " flag [\"ocaml\"; \"link\"; \"ourcmodules\"]" >> $@; \ echo -e " (S our_c_modules_options);" >> $@; \ echo -e " | _ -> ());;" >> $@) # Auto-generate a source file including meta information and configuration-time # settings, which become accessible at runtime: meta.ml: META CONFIGME @(echo "Building $@..." && \ $(call READ_META, name, version); \ $(call READ_CONFIG, prefix, prefix_install, configurationprefix, documentationprefix localeprefix); \ echo -e "(** Automatically generated meta-informations about the project and its building. *)" > $@ && \ echo -e "(* This file is automatically generated; please don't edit it. *)\n" >> $@ && \ echo -e "let name = \"$$name\";;" >> $@ && \ echo -e "let version = \"$$version\";;" >> $@ && \ echo -e "let prefix = \"$$prefix\";;" >> $@ && \ echo -e "let prefix_install = \"$$prefix_install\";;" >> $@ && \ echo -e "let ocaml_version = \"$(OCAML_VERSION)\";;" >> $@ && \ echo -e "let ocaml_libraryprefix = \"$(OCAML_LIBRARYPREFIX)\";;" >> $@ && \ echo -e "let libraryprefix = \"$(LIBRARYPREFIX)\";;" >> $@ && \ echo -e "let configurationprefix = \"$$configurationprefix\";;" >> $@ && \ echo -e "let localeprefix = \"$$localeprefix\";;" >> $@ && \ echo -e "let documentationprefix = \"$$documentationprefix\";;" >> $@ && \ echo -e "let uname = \"$(shell uname -srvmo)\";;" >> $@ && \ echo -e "let build_date = \"$(shell date '+%Y-%m-%d %k:%M:%S %z')\";;" >> $@ && \ if [ -d .bzr ]; then \ echo -e "let revision = \"$$(bzr revno)\";;" >> $@ && \ echo -e "let source_date = \"$$(bzr info --verbose | /bin/grep 'latest revision' | cut -d: -f2- | cut -d' ' -f3-)\";;" >> $@ && \ echo -e "let source_date_utc_yy_mm_dd = \"$$(./Makefile.d/bzr_date -- -u "+%Y-%m-%d")\";;" >> $@ ; \ else \ grep "let revision" > $@ && \ grep "let source_date" > $@ ; \ grep "let source_date_utc_yy_mm_dd" > $@ ; \ fi &&\ echo "Success.") meta.ml.released: meta.ml if [ -d .bzr ]; then \ cp $< $@; \ fi; \ ########################################################################### # Include the project-dependant file (if any) which implements the '-local' # targets: -include Makefile.local -include RPMS/Makefile marionnet-0.90.6+bzr508.orig/TODO0000644000175000017500000007765113175722671015312 0ustar lucaslucasTo do: ====== + DVD support: added a missing 'linux-default' link referring the default virtual computer filesystem, and another one for the router. This doesn't imply any source changes, but we write this entry here so that it is recorded in our 'history'. This is a change against the 0.50.0-pre1 DVD, which we explicitly *DON't* support, because it's a prerelease. + Moved the Xnest keyboard layout setting support from the host to the guest. + Added keyboard layout choosing support in Xnest guest sessions, via the new environment variable MARIONNET_KEYBOARD_LAYOUT. + 'Change working directory' now fails when given a path mounted on a filesystem without sparse file support, as it should + Now also *directory* names (and not only file names) are checked for the absence of funny characters, in 'Change working directory', 'New project', 'Save As' and 'Copy Into'. + Hidden the 'work-around the wirefilter problem' menu item + Routers need an implicit variant, which is always selected if it exists. + Bugfix: I was using memq in several places, without knowing it compared by identity. + Minor bugfix: non-existing cow files (i.e. clean-state filesystems) can now be exported as variants without the interface complaining. + The gateway tap name is now randomly chosen. + Treeview_defects, Treeview_ifconfig: minor refactoring + Exam mode: reports importing is now supported also for routers. + Made the Ethernet socket host bridge name configurable via the new environment variable MARIONNET_BRIDGE. If the variable is not defined the name defaults to "marbre". The `run' make target now executes Marionnet with the bridge name set to `br0'. Jean-Vincent can easily imagine why :-). + Simple_dialogs, Talking: made question and confirm dialogs unclosable: now the only way to close them is by pushing a button. + When in exam mode the shell history is now imported as a document at shutdown time, just like the report (this requires the new machine filesystem I've uploaded to marionnettix) + Bumped version number + Minor translation changes + Updated the Ethernet plug icons + Now the 'marbre' bridge is setup at startup time + No, not any more :-) + Minor treeview changes. + Texts treeview: added HTML support + Minor refactoring. + Automatically import exam reports into the text treeview + Added a toggle button or clickable pixmap to ledgrid windows so that they can be made always-on-top + Auto-generated IPv6 addressed: used a shorter and more beautiful default + Details treeview: moved the `MAC address' column + User interface: added the file name constraint also to: + ``Save As'' + ``Copy into'' + Refactored the related code + Disabled UML terminal for routers (look for "Change this when debugging the router device" in simulated_network.ml) +- JUST BEFORE THE RELEASE: + enable the splash screen (marionnet.ml, at the end) + Autogenerate IP addresses: set the default to false + Add a link to Marionnet in the UML wiki (most of the projects we mentioned in the article are already there): http://uml.jfdi.org/uml/Wiki.jsp?page=Tools + bisogna ricordarsi di mettere a zero (cat /dev/zero >> zeros; rm zeros) lo spazio non utilizzato di tutti i filesystems di backend. La cosa importante per snellire la piattaforma, sia in casi come quello della sala Q203 dell'IUT, sia per un'immagine knoppix un po' pi snella => c' gi un vecchio script che fa bene questo lavoro (setfs) che devo integrare agli strumenti di lavoro (bob.marionnet.* ?) - About dialog: write our e-mail addresses with domain marionnet.org, as soon as they exist and work :-) +- GUI: de-activate the interface controlling unimplemented features - Check that the plug can be used with a guest ``dhclient'' without the UML process crashing. This happened to me on mccarthy when using a new kernel (2.6.22.9) *without* CONFIG_COMPAT_VDSO. - Be sure that the guest not supporting NAT kernel is not distributed; it's now useless and it has problems. + Turn on the wirefilter problem workaround thing, but with a long interval + Router: support a `suggested' variant which is the only used one, if it exists. + Bugfix (deadlock). To trigger: startup two machines and a switch with a and S1 connected by a cable, and then shut down everything *after everything is up*. The thing does not happen without the cable. I suspect it's a deadlock in the new cable logic. + Solved this and other stuff with some very ugly kludges. Synchronization added as an afterthought is a mess; we knew it. [In Freiburg] + Worked around a problem with uml_console: it succeeds when sending a 'cad' message to a UML process which has just started; however the UML doesn't die. [In Freiburg] + Progress bar dialogs: made them unresizable + Bug: startup two machines and a switch with a and S1 connected by a cable, and then shut down everything *after everything is up*. The thing does not happen without the cable. I suspect it's a deadlock in the new cable logic. [In Freiburg] + Solved this and other stuff with some very ugly kludges. Synchronization added as an afterthought is a mess; we knew it. [In Freiburg] + Worked around a problem with uml_console: it succeeds when sending a 'cad' message to a UML process which has just started; however the UML doesn't die. [In Freiburg] + Progress bar dialogs: made them unresizable + Show a superimposed state indicator on device icons + Added the next_simulated_device_state method to simulated device, and updated the internal state when appropriate. The method returns a simulated_device_automaton_state option, using None to mean 'no transition is in course'. + Use this information in refresh_sketch [J.V.] + Prevent ``incorrect'' cables from working: + Essentially done, and in a clean and general way. + Now I only need the predicate telling whether a device is ``correct''. +- gateway + simulation infrastructure + GUI bindings - filtering; user-provided IP address - Don't use a bridge?? +- Routers: add variant support + Done, except for the interface + Done in mariokit + Done in the filesystem history treeview: states can be exported as variants + Support variants in the GUI? Is it a good idea? [No, it isn't. --L.] + Routers: make them work [J.V.] +- Translate the rest of the user interface into French - Gateway and host X server: use a non-hardwired bridge name [Well, by now I'd just say no :-) --L., in Freiburg] + Added guest swap partition support (thanks to Jean for some information I lacked) + Guest system: added a nice xfce installation to be run in Xnest sessions + Per-guest Xnest support + Some changes in the distribution were needed for this + Support more than one host X server, for concurrent Marionnet instances. + Added x.ml to implement what's needed for this + Experimented with ocaml-gettext + Found it to be a bit messy; we're gonna use something simpler. + Gateway: dynamically compute host tap name + Host X server access control: now it is granted and revoked more selectively, without any need for something ugly and insecure like "xhost +". + Fixed default values for IPv4 netmask and broadcast address + Defects: automatic device shutdown at defects update - "Unexpected environment received from dialog": sometimes I get this at exit time. - Do I *still* get it? Maybe not... + About: move the reference to the University from 'Authors' to 'Thanks'. - Cleanly exit from the main thread (with exit code EXIT_SUCCESS, of course, in case of no errors). + mariokit: updated some old support for variants, which had a different rationale + Implemented filesystem variants + in the GUI + in mariokit + in filesystem_history - Do it also for routers + Interface: forbid distribution change for any machine with existing non-clean states + Done the same also for variants + Nasty bug fix: for a filesystem foo, $MARIONNET_HOME/filesystems/foo_variants was also considered a filesystem image, even if it is always a directory. + Hide the 'Image DOT source' tab. +- cloud (2 endpoints; delay and ttl decreased by a random amount in [min, max]. + Fixed the interface code to agree with itself about how endpoints should be named :-) + Simulation part + Defects on by default - Implementation: do it as a further modification to VDE, in a special hublet altering the ttl field in IP packets and dropping the frame if needed +-+ -->->|H|-+--> +-+ + IPv6: probably netmask and broadcast are not (explicitly) used. Fields should be different (I think that just an 'IPv6 address' with an updated column constraint would suffice). + Ask Jean-Vincent about this. - fix constraint predicate for IPv6 address validation - test on the guest + Marionnet Logo: replace Suse's logo with Mandriva's logo -+ UI: by default the first port to connect should be the one with minimum index. - [I'm not sure it always works as I want it] + Let's set on a convention for cable colors (for example red = crossover, blue = straight, green = serial), and stick to it. It would be very useful in the 'Network details' page. If we want to support B/W printing we can choose colors which look "different enough" when printed (e.g. black and light green), or use both color and thickness. + [tentatively: red for cross-over, blue for straight, black for serial. This convention is used in the defects interface] + Do it for the graph [J.V.] + Added a 'reboot' functionality for devices. + Treeview: added whole-row "after update" callback + UML process: non-graceful startup is now implemented first with uml_mconsole halt, and --if this fails-- with signals. Also hung UMLs should be correctly killed this way. + Reduced progress bar pusling overhead + Hublet spawn: get rid of the sleep kludge. This is actually *unsafe*, and can fail with large networks. + The new version is safe and also way faster. + Killing processes: also UML appears to be resistent to SIGINT in some cases. Always send a SIGKILL if needed. + Parallelized process spawning and termination when possible, within a single device. + Death monitor: made the unexpected-death callback non-optional named parameters, also for process subclasses and not only for device subclasses + Death monitor: show a different message on unexpected death, much friendlier and more accurate in the case of cables. + Saving: add a progress bar + [No, it's complicated: it should be done in a separate thread, but it would interact with *everything* in the application] + Cable disconnection: test it. The interface bug doesn't seem limited to the interface + Quickly fixed with a kludgish work-around in the Glade part... + ...and a more important fix in can_resume for Ethernet cables: see mariokit.ml + Cable disconnection: it works, but the interface allows to disconnect a cable more than once. This bug is completely harmless, but ugly. [No, it wasn't harmless --L.] + LED grids: added the Marionnet icon. Unfortunately it's nontrivial to add it to virtual terminals. + Death monitor: in case of unexpected death we need to poweroff devices at the level of mariokit, and not simply in simulated_network: in order to implement this all devices in simulated_network need to be passed an *unexpected_death_callback* parameter at construction time. + Remove old defects GUI - I've not removed the logic dealing with XML. I could break something... It's better to leave that alone by now. + Defects: automatically highlight defective interfaces (and possibly also devices), so that defective parts are readily visible. I think this can make the interface friendlier. + Options|Autoconfigure IP addresses + Treeview: don't hide headings when scolling + Also added horizontal scrolling + Defects: fix bit flipping probablity + Also give a warning when the user sets it very high + Progress bars have a noticeable overhead when they are many. Use only one shared timer instead of one timer per progress bar. + Startup/Shutdown/Poweroff everything: parallelize. + Modify a connected cable, changing an endpoint: a new cable is correctly created with refcount 3, but its process is not spawned. Investigate. + Get rid of all the SIGCHLD indebuggable stuff, and re-implement the death monitor with polling. + Signals: Look for this in the glibc manual, there's an example which is exactly what we need: ----------------------------------------------------------------------- Here's an example of how to use `waitpid' to get the status from all child processes that have terminated, without ever waiting. This function is designed to be a handler for `SIGCHLD', the signal that indicates that at least one child process has terminated. ----------------------------------------------------------------------- + Removed waitpid() calls from everywhere except the new SIGCHLD handler, whose task is to get notified when any child dies; in order to avoid the merged signal 'feature' (see the GNU libc manual) the handler calls waitpid() in a loop. This saves the need to use waitpid() to avoid zombies, and avoids nasty interactions between kill() and waitpid(), or several concurrent waitpid() calls. This kind of debugging is so fun :-). + Other funny signal problem: system() is implemented with waitpid()... (see umix.ml, in the OCaml sources); hence I have to temporarily block the SIGCHLD handler when using Unix.system. + Done the same also for run (implemented with Unix.system), as defined in UnixExtra... + Shutdown everything should have a confirm dialog + Add "power-off everything" + ...with a confirm dialog + Fix this: connecting two interfaces of the same device with a crossover doesn't work (the cable is not added). + Fixed a nasty bug related to device creation order and defects, in talking.ml. In some cases a cable was instantiated *before* its defects were added to the defects treeview, hence failing when the instantiation procedure looked for the defects. + Implement defects in the simulated network + done for everything except machine-router + done it for machine_or_router + guest-side network configuration script using boot_parameters - To do: port it to the router + Network details: automatically save at any caller-level modification + Network defects: automatically save at any caller-level modification + Network details: bind to the interface in talking. + machine + router + cloud + gateway + Network details: also marshal/unmarshal the counters used for generating fresh addresses. + Removed old debug prints scattered thru the code + hostfs support (especially to work around the kernel command line length limitation): from the guest: mount none /.host -t hostfs -o HOSTDIRECTORY + Recorded the guest name into hostfs; it's useful from the host side. + boot_parameters script supplied to each guest via hostfs + Refactor: all GUI code should be able to show a dialog displaying an error message. + Added a facility allowing to show a progress bar dialog + Treeview: add a general-purpose method row_ids_such_that + Filesystem history: the most recent state of each device is now always highlighted. + Build system: added a kludgish Makefile in OCAMLBRICKS, ugly but useful. + states interface: reimplemented with the new treeview + Fail immediately if MARIONNET_HOME is not set. + Fail immediately if the UID is not 0 - Support pathnames with spaces + Some images pathnames should be made relative + Rationalize image file paths - Remove checkboxes from dynamic menu items - Bug in my ghostification patch: adding a default gateway allows to (implicitly) set a route thru the ghost interface (and the route is impossible to remove later: this is correct). The problem is that the ghost interface name can't be computed from ADDRT ioctl parameters without looking at the current routing tables (conditionally implemented in two different ways). This should not harm users who don't know about all of this stuff, but could be exploited as an unauthorized way to communicate with the host. Nontrivial to fix. -+ UI: also show cables endpoint names + Done for defects + Do it for the main Hardware UI [No, now we show cable names in the network graph. It's even better] + global communication LEDgrid [No, it's not needed. Single-device LEDgrids are enough.] - In some cases the ".mar" suffix is not appended when saving a file. When? + I think it doesn't happen any more. I haven't seen this for a long time. + machine: alter implementation adding one more level of hublets, to be able to implement defects - serial connection + defect + new subtab of 'Materiel', with port detailed configuration [Done, but it's unrelated to defects...] + new subtab of 'Materiel', with defects for ports and wires (resolution: each direction of each port and cable) - teacher -> students - Allow the user to shutdown machines with halt from within UML without messing up our state - Correct hublet aynchronous initialization without sleeping: it can be done with a datagram socket, just like blinking - Asynchronous startup/shutdown with threads - project GPG signatures - assisted mode / student mode + UML filesystems: add support for a swap file, dynamically created at startup and destroyed on shutdown + [No: I tried, but it's problematic: cow files (as it should be expected) become *very* big. And swap files can't be on hostfs or NFS. I don't see any easy solution. --L.] + Bug in my ghostification patch: another (relatively subtle) case of missing copy_from_user(), in the SIOCADDRT ioctl. + Bug in my ghostification patch: dhclient fails to add the default gateway: "The user aked to add a route involving the ghost interface . We make this operation fail" ^ | empty string! ----+ + Bug in my ghostification patch: can't acquire a spinlock in preemptable or SMP kernel without disabling interrupts. Testcase: while true; do dhclient; done + Too heaviweight locking in my ghostification patch: use rw_spinlocks to allow readers to execute concurrently. The read case is infinitely more common, as only ghostification and unghostification involve writing. + In some cases saving with a different name with 'Save As' (and 'Copy Into'?) seems to break the states interface. I think the states prefix path needs to be updated. + Start a machine and *immediately* shut down everything, before tha machine has actually started. The GUI hangs waiting forever that the process terminates, but its termination message hasn't arrived because uml_console just failed, and we didn't notice. + exam mode + eth42 + cable dynamic menu + connect/disconnect + remove default entries + Interface: forbid saving when there are machines or routers running + network element update, keeping identity + simulation level + static network graph level + LEDgrids: destroy and re-create them on update + states + more elaborate support for states + Ghostification patch: now that ugly stacktrace does not appear on startup any more. Also worked around a strange problem with arch/um/os-Linux/sys-i386/registers.c, using some macros like JB_PC, JB_SP and JB_BP -- which apparently should be defined in , but aren't. ----------------------------------------------------- ----------------- Riguardo alle uml ----------------- + emacs lentissimo a lanciarsi +- vi si comporta in maniera bizzarra con la tastiera ed inutilizzabile + (I think this has been solved by upgrading debian packages) - ifconfig eth? /(8|16|24) d un messaggio di errore strano - l'interfaccia sembra tuttavia ben configurata - non ho testato ma il sintomo potrebbe verificarsi solo quando il numero di bit accesi del netmask [8/16/24] non corrisponde alla classe convenzionale (per esempio se dico ifconfig eth0 192.168.1.3/8) - /etc/hosts da ripulire (ci sono linee con myrouter) - ping -b .. (broadcast) non funziona + route add .. eth? provoca un crash del kernel host (senza eth? no) -------------------- Riguardo a marionnet -------------------- - se marionnet viene lanciata da un terminale e quest'ultimo viene chiuso, l'interfaccia grafica impazzisce e non pi utilizzabile => si potrebbe risolvere utilizzando nohup nel marionnet_starter? + [Yes, good idea: nohup (plus a small modification I did) solves this. --L.] - Add nohup to marionnet_starter (I don't have a copy) + mancano crudelmente le barre di progressione per capire che l'applicazione sta lavorando e che non c' da preoccuparsi => si sistemer con il pilota dei processi + shutdown non parallelo delle macchine virtuali => si sistemer anche questo con e nel pilota dei processi + quando si fa Quitter, poi Annuler, esce ugualmente! - IDEA: per evitare il rischio di terminali bloccati, avviare sin dall'inizio una batteria di terminali per la stessa uml? Utilizzare una konsole con vari tab? Dare la possibilit nell'interfaccia di lanciare un nuovo terminale su una certa macchina (solo quando in esecuzione)? + IDEA: mettere da qualche parte ben visibile (titolo della finestra?) il nome del progetto sul quale si lavora + IDEA: mettere il logo Paris 13 nell'about, dopo i nostri nomi, magari preceduto da una frase tipo "Projet financ par l'UP13" - IDEA: sarebbe bene un commento o un'etichetta anche per la macchine (come per hub e switch). In questo modo si potrebbe mettere per esempio il numero IP (o uno schema di numero IP come per esempio 192.168.k.7 dove k un parametro che dipende dallo studente che deve fare l'esame) in modo che appaia chiaramente sullo sketch senza che lo studente abbia bisogno di rileggere l'enunciato del problema posto - IDEA: nella finestra di definizione di una macchina permettere con un pulsantino vicino alla scelta della distribuzione di sfogliare (chiamata ad un qualunque visualizzatore o editor esterno) la lista dei pacchetti installati (output di dpkg -l). Idem per il kernel; in questo caso si potr sfogliare il .config + nelle cose da fare bisogna aggiungere la "dinamicit" dello sketch (distinguere tra componenti in esecuzione, sospesi, inattivi,..) -------------------------------- Riguardo alla piattaforma (host) -------------------------------- + le finestre dei terminali delle macchine virtuali non si sistemano automaticamente nello spazio libero del desktop; al contrario si accumulano una sull'altra => opzione di lanciamento del terminale o opzione di X? [This should be possible to set *in a global way* if we can configure the window manager. It's doable for networked classrooms and LiveDVD, not for normal user installation --L.] ------------------------------------------------------ Riguardo alle cose che avrei tanto desiderato testare e che ho dimenticato di testare ------------------------------------------------------ - controllare che tcpdump sia sincrono e se non lo cercare di capire per quale ragione non lo (pi) + [Now it appears to be synchronous. We might have "solved" the problem by recompiling the kernel with a different configuration. --L.] - No, I can reproduce the problem again now [--L., September 2007] + About: thank the artist who drew our logo + Logo and splash image: blurred Mandriva's logo to make it blend with the painting in a more natural way + Guest filesystem: + set the xterm title at early boot time (added /etc/init.d/marionnet-xterm-title.sh) + updated the distribution + compiled Emacs from sources (unicode-2 branch from CVS). This solves the slow boot problem. + Death monitor: don't popup a warning window per process when a cluster of processes implementing a single device is killed by a callback; just show the one which actually failed. + Added an automatically generated version.ml - Initialization: check that /tmp is a filesystem suitable to handle cow's; do the same at working-directory change. - Allow to change the working directory - Explain the xterm Ctrk+Button3 trick in the user manual - Xephyr: modify it to be able to set the window title and disable the grab feature. + newMachine simplified constructor: removed an old use of "X host" as a string, which is now replaced by an agebraic type + Treeviews: fixed a nasty bug which prevented undumping + Removed some old debug prints + Treeviews: forward-compatibility in file dumps (old Marionnets can read new files by simply not using unknown fields, when all row and column constraints are respected) + Treeviews: backward-compatibility in file dumps (new Marionnets can read old files, providing defaults for new fields not specified in files) + Treeview: column headers are now internally stored in English, but an internationalized translation may be shown: see the new optional parameter ?shown_header in `column' and its subclasses. + Minor aesthetical changes + New treeview for texts + Texts treeview: removed partial copies in case of import error + Added a quick and easy forest-undumping facility + Made hublet termination even more paranoidly safe + UI: Gtk callbacks sometimes raise exceptions when creating cables which can not be connected due to their kind or to port availability: "In callback for signal activate, uncaught exception: Failure("getNodeByName \"\"")" Recipe to reproduce: create a new straight cable in an empty network + Bugfix: now it's again possible to set a label for straight Ethernet cables + Bugfix: updated the 'Add cable' menu item sensitivity also on machine edit. Added the method update_add_cable_sensitivity to state, replacing the previous kludge which tied this feature to each sketch update. + Fixed a pernicious bug involving how router ports should be named (portX rather than ethX) - The progress bar dialog 'shutting down machine' also appears for machines which are not running at project close/open. [This is only noticeable when using variants, because of the copying/removing latency. In other cases the window flashes just for a moment, or Gtk doesn't even have the time to draw it before it's destroyed --L.]. + Talking: added some missing calls to st#update_cable_sensitivity + Bugfix: remove machine: delete all cow's + Bugfix: correctly save and restore filesystem history + Talking: now the sketch is refreshed at cable connection/disconnection + Ledgrid manager: made LEDgrid windows not resizable + simple_dialogs.ml: Added the fancy ask_text_dialog + strExtra: trivial generalization of wellFormedName + Cable treeview icons: updated colors; now they are coherent with the graph conventions + GUI, talking: added the Marionnet icon to all dialogs which still lacked it. + Makefile: trivial changes + Minor cosmetic changes + Bugfix: filesystem history: ``startup in this state'' did not generate a child in the correct position within the forest. + Bugfix: when removing a device implies removing some cables, such cables must also be removed from defects + Filesystem history: moved the tab to 'Hardware' + Sketch: added synchronization + Connected/disconnected cables in the sketch: fixed a buglet + Filesystem history: implmenent ``Export as variant'' + Filesystem history: minor refactoring + Translated the Glade part of the user interface into French + Starting up a network with no computers is now allowed. + Update the Dot image to show more detailed state (suspended devices, disconnected cables, ... [and cable names, I'd say --L.]) [J.V.] + Implement the new variant semantics: + (i) if there exists a symlink [or non-symlink file] named `suggested' in the appropriate variant directory, than make the GUI select *that* as the initial entry, when creating a new machine; ['no variant' comes as the second element when 'suggested' exists] (ii) If no such link exists then `no variant' is the initial entry (iii) In any case it must be possible to select `no variant' + Remove the `default' variant [easy: there was no `default' variant :-)] + Rename `clean' to 'no variant' (for variants, not filesystem states) + At machine [and router] creation time use `readlink' to resolve the variant name if it's a symlink, and store the resolved name instead of the link name, for any link + The constraint on variant read-only-ness at machine update is ok. + Gateway GUI: made the IP number textboxes non-sensitive + Treeview: added view-detaching support. Load should be faster. - Document the filesystem name convention: names should contain a never-changing checksum. + Solved more synchronization problems. + Added a very beautiful message-passing synchronization in wait_for_all_currently_scheduled_tasks. enqueue/dequeue replace both lock/unlock and wait/signal, they're higher level and easy to use. + Bugfix: "Save as" and "Copy into" did't append the ".mar" extension to the given pathname. + Fixed several concurrency-related problems, including some quite serious ones manifesting at project close time. + task_runner: added the method wait_for_all_currently_scheduled_tasks . + Sometimes cables seem to hang using 100% CPU [and, just to be clear, it's most probably due to my own patches to VDE. --L.]. This could be worked around by restarting them every k seconds, with a smallish k like 10. I needed the new more elaborate synchronization support to be able to do this. [in Freiburg] + Also added a user option to toggle this behavior. [in Freiburg] + mariokit: added some more needed (and some non-needed, just to play it safe) synchronization in class cable + Other minor cleanups [in Freiburg] + ...synchronization: added a recursive mutex implementation. Not optimized (and very defensive for such a low-level thing), but it seems to work. Very delicate stuff, but useful. + Mariokit: other dangerous synchronization changes :-) + wirefilter processes survive a Marionnet close operation when the project is not closed. [Not any more, I think --L., in Freiburg] + Mariokit: added some needed synchronization + Synchronization: bugfix on cable connect/disconnect + Machine dialog: the default kernel should be 'default', when it exists. +- It's already that way, apparently. Mmm, I think to have observed a different behavior, but I'm not sure. + Interface: redundant 'Power off' menu entries were hidden, and 'Shutdown' menu entries were relabeled to 'Power off', keeping the 'Stop' stock icon. This was done for: hub, switch, cloud, gateway (i.e. Ethernet plug) + (Seemingly) easy user interface changes: + change the default label locations so that both device names *and* interface names are visible in the network graph [J.V.] + switch icon: the 'off' version is taller than the 'on' version; I don't think it's intentional, as this is not true for either the hub or the router. The switch 'on' icon should be re-cropped. [J.V.] + Removed the Ethernet cloud and the Ethernet plug from the details interface. +- Removed the correct-crossedness constraint on cables: now the interface allows to add ``incorrect'' cables + Prevent ``incorrect'' cables from working + Added all the needed infrastructure, now also in the `network' class in mariokit + Just used the new method `would_a_cable_be_correct_between' at cable construction time (modification is implemented as destruction + re-construction) - Conditionally restore the old behavior, where the GUI prevents the user from doing mistakes + Constrained project names: they must be ``identifiers''; of course we still accept an explicitly supplied ".mar" extension, and we still silently add it when missing. -+ The main process exit code should be 0 -+ [No, I tried handling SIGINT and SIGTERM and it worked in many cases, but it's too dangerous: sometimes the interface just hangs and some threads remain alive. As of now I've just slightly cleaned the code but the strategy is essentially the same as before. --L.] + Treeview: + a just-added tree should be collapsed by default + all trees are now collpsed at undump time marionnet-0.90.6+bzr508.orig/Makefile.d/0000755000175000017500000000000013175722671016541 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/Makefile.d/bzr_date0000755000175000017500000000341413175722671020263 0ustar lucaslucas#!/bin/bash # This file is part of marionnet # Copyright (C) 2010 Jean-Vincent Loddo # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Parsing command line arguments FORMAT='r:' function parse_cmdline { unset ARGS while [[ $# -gt 0 ]]; do OPTIND=1 while getopts ":h$FORMAT" flag; do [[ ! $flag = '?' ]] || { echo "*** Illegal option -$OPTARG."; exit 1; } eval "option_${flag}=$OPTIND" eval "option_${flag}_arg='$OPTARG'" done for ((index=1; index. # Usage: # doc.sh -pp "$(PP_OPTION)" -e "$(UNDOCUMENTED)" -i $(DIRECTORIES_TO_INCLUDE) ################################ # Set ocamldoc parameters # ################################ UNDOCUMENTED="meta.ml myocamlbuild.ml" function usage { echo 'Usage (in a Makefile):' echo 'doc.sh -pp "$(PP_OPTION)" -e "$(UNDOCUMENTED)" -i $(DIRECTORIES_TO_INCLUDE)' exit 1 } set -x # The first argument may be empty but must be present. [[ $1 = "-pp" ]] || usage PP_OPTION=$(echo $2) if [[ $PP_OPTION != "" ]]; then PP_OPTION="-pp '$2'" fi shift 2 [[ $1 = "-e" ]] || usage UNDOCUMENTED+=" "$(echo $2) for i in $UNDOCUMENTED; do UNDOCUMENTED_FILTER+=" -a ! -name $i" done shift 2 [[ $1 = "-i" ]] || usage shift for i in "$@"; do INCLUDE_LIBS+=" -I +$i" done # ocamldoc parameters: SOURCES=$(builtin cd _build/ && find . \( -name "*.ml" -o -name "*.mli" \) $UNDOCUMENTED_FILTER) INCLUDES=$(builtin cd _build/ && find . -type d -printf "-I %p\n") PROJECT=$(basename $PWD) ################################ # Make header and footer # ################################ cd _build/ mkdir -p doc/html # Make header.gif function enrich_index_html { which dot || { echo "Warning: you need dot (graphviz) in order to generated the documentation header."; return 0 } # Get user-defined header and footer [[ -f ../header.html ]] && HEADER_FILE=$(< ../header.html) [[ -f ../footer.html ]] && FOOTER_FILE=$(< ../footer.html) [[ -f ../AUTHORS ]] && AUTHORS_FILE=$(< ../AUTHORS) [[ -f ../AUTHORS ]] && AUTHORS_FILE=$(awk <../AUTHORS '/$/ {print; print "
    "; }') # Make dependencies graph set -x; eval ocamldoc $PP_OPTION -dot -d doc/html/ -o doc/html/header0.dot -colorize-code $INCLUDES $INCLUDE_LIBS $SOURCES set +x echo 'Ok, the dependencies graph was built with success.' pushd doc/html >/dev/null grep -v "rankdir=\|size=\|rotate=" header0.dot > header.dot dot header.dot -Tgif -o header.gif HEADER=$(cat < Project

    $PROJECT


    Dependencies License and authors $HEADER_FILE
    EOF ) FOOTER=$(cat <

    Dependencies


    Dependencies

    $FOOTER_FILE

    License and authors


    $AUTHORS_FILE

    EOF ) cat index.html | awk -v h="$HEADER" -v f="$FOOTER" ' /^

    .*<.h1><.center>/ {print h; next} /^<\/body>/ {print f ""; next} {print} ' > index1.html mv -f index1.html index.html popd >/dev/null echo 'Ok, header and footer have been included into index.html.' } ################################ # Call ocamldoc # ################################ set -x eval ocamldoc -t $PROJECT $PP_OPTION -sort -m A -keep-code -html -colorize-code -d doc/html/ $INCLUDES $INCLUDE_LIBS $SOURCES set +x echo 'Ok, the documentation was built with success.' enrich_index_html echo 'The documentation has been built with success under _build/doc/html' marionnet-0.90.6+bzr508.orig/version.mli0000644000175000017500000000005513175722671016772 0ustar lucaslucasval version : string val build_time : string marionnet-0.90.6+bzr508.orig/motherboard_builder.mli0000644000175000017500000000021313175722671021315 0ustar lucaslucasmodule Make : functor (S : sig val st : State.globalState end) -> sig val sensitive_widgets_initializer : unit -> unit end marionnet-0.90.6+bzr508.orig/gettext_extract_pot_p4.conf0000644000175000017500000000014513175722671022154 0ustar lucaslucasproject_id_version = marionnet report_bugs_to = https://bugs.launchpad.net/marionnet charset = utf-8 marionnet-0.90.6+bzr508.orig/cloud.ml0000644000175000017500000002514613175722671016252 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** "cloud" component implementation. *) #load "where_p4.cmo" ;; open Gettext (* Cloud related constants: *) (* TODO: make it configurable! *) module Const = struct let port_no_default = 2 let port_no_min = 2 let port_no_max = 2 end (* The type of data exchanged with the dialog: *) module Data = struct type t = { name : string; label : string; old_name : string; } let to_string t = "" (* TODO? *) end (* Data *) module Make_menus (Params : sig val st : State.globalState val packing : [ `toolbar of GButton.toolbar | `menu_parent of Menu_factory.menu_parent ] end) = struct open Params module Toolbar_entry = struct let imagefile = "ico.cloud.palette.png" let tooltip = s_ "Unknown layer 2 sub-network" let packing = Params.packing end module Add = struct include Data let key = None let ok_callback t = Gui_bricks.Ok_callback.check_name t.name t.old_name st#network#name_exists t let dialog () = let name = st#network#suggestedName "N" in Dialog_add_or_update.make ~title:(s_ "Add cloud") ~name ~ok_callback () let reaction { name = name; label = label } = let action () = ignore ( new User_level_cloud.cloud ~network:st#network ~name ~label ()) in st#network_change action (); end module Properties = struct include Data let dynlist () = st#network#get_node_names_that_can_startup ~devkind:`Cloud () let dialog name () = let d = (st#network#get_node_by_name name) in let title = (s_ "Modify cloud")^" "^name in let label = d#get_label in Dialog_add_or_update.make ~title ~name ~label ~ok_callback:Add.ok_callback () let reaction { name = name; label = label; old_name = old_name } = let d = (st#network#get_node_by_name old_name) in let h = ((Obj.magic d):> User_level_cloud.cloud) in let action () = h#update_cloud_with ~name ~label in st#network_change action (); end module Remove = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog name () = Gui_bricks.Dialog.yes_or_cancel_question ~title:(s_ "Remove") ~markup:(Printf.sprintf (f_ "Are you sure that you want to remove %s\nand all the cables connected to this %s?") name (s_ "cloud")) ~context:name () let reaction name = let d = (st#network#get_node_by_name name) in let h = ((Obj.magic d):> User_level_cloud.cloud) in let action () = h#destroy in st#network_change action (); end module Startup = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#startup end module Stop = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_gracefully_shutdown ~devkind:`Cloud () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#gracefully_shutdown end module Suspend = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_suspend ~devkind:`Cloud () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#suspend end module Resume = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_resume ~devkind:`Cloud () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#resume end module Create_entries = Gui_toolbar_COMPONENTS_layouts.Layout_for_network_node (Params) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) (* Subscribe this kind of component to the network club: *) st#network#subscribe_a_try_to_add_procedure Eval_forest_child.try_to_add_cloud; end (*-----*) WHERE (*-----*) module Dialog_add_or_update = struct (* This function may be useful for testing the widget creation without recompiling the whole project. *) let make ?(title="Add cloud") ?(name="") ?label ?(help_callback=help_callback) (* defined backward with "WHERE" *) ?(ok_callback=(fun data -> Some data)) ?(dialog_image_file=Initialization.Path.images^"ico.cloud.dialog.png") () :'result option = let old_name = name in let (w,_,name,label) = Gui_bricks.Dialog_add_or_update.make_window_image_name_and_label ~title ~image_file:dialog_image_file ~image_tooltip:(s_ "Unknown layer 2 sub-network") ~name ~name_tooltip:(s_ "Sub-network name. This name must be unique in the virtual network. Suggested: N1, N2, ... ") ?label () in let get_widget_data () :'result = let name = name#text in let label = label#text in { Data.name = name; Data.label = label; Data.old_name = old_name; } in (* The result of make is the result of the dialog loop (of type 'result option): *) Gui_bricks.Dialog_run.ok_or_cancel w ~ok_callback ~help_callback ~get_widget_data () (*-----*) WHERE (*-----*) let help_callback = let title = (s_ "ADD OR MODIFY A CLOUD" ) in let msg = (s_ "In this dialog window you can define the name of a cloud. \ This component is an Ethernet network with an unknown internal \ structure introducing delays and other anomalies when packets \ pass through.\n\ Once the cloud is defined, use the tab 'Anomalies' to control delays, \ frame loss and the other anomalies.") in Simple_dialogs.help title msg end (*-----*) WHERE (*-----*) module Eval_forest_child = struct let try_to_add_cloud (network:User_level.network) ((root,children):Xforest.tree) = try (match root with | ("cloud", attrs) -> let name = List.assoc "name" attrs in Log.printf1 "Importing cloud \"%s\"...\n" name; let x = new User_level_cloud.cloud ~network ~name () in x#from_tree ("cloud", attrs) children ; Log.printf1 "Cloud \"%s\" successfully imported.\n" name; true | _ -> false ) with _ -> false end (* module Eval_forest_child *) (*-----*) WHERE (*-----*) module User_level_cloud = struct class cloud = fun ~network ~name ?label () -> object (self) inherit OoExtra.destroy_methods () inherit User_level.node_with_defects ~network ~name ?label ~devkind:`Cloud ~port_no:Const.port_no_default ~port_no_min:Const.port_no_min ~port_no_max:Const.port_no_max ~user_port_offset:0 ~port_prefix:"port" () as self_as_node_with_defects method defects_device_type = "cloud" method polarity = User_level.MDI_Auto (* Because it is didactically meaningless *) method string_of_devkind = "cloud" method dotImg iconsize = let imgDir = Initialization.Path.images in (imgDir^"ico.cloud."^(self#string_of_simulated_device_state)^"."^iconsize^".png") method update_cloud_with ~name ~label = self_as_node_with_defects#update_with ~name ~label ~port_no:2; (** Create the simulated device *) method private make_simulated_device = ((new Simulation_level_cloud.cloud ~parent:self ~working_directory:(network#working_directory) ~unexpected_death_callback:self#destroy_because_of_unexpected_death ()) :> User_level.node Simulation_level.device) method to_tree = Forest.tree_of_leaf ("cloud", [ ("name" , self#get_name ); ("label" , self#get_label); ]) method eval_forest_attribute = function | ("name" , x ) -> self#set_name x | ("label" , x ) -> self#set_label x | _ -> () (* Forward-comp. *) end (* class cloud *) end (* module User_level_cloud *) (*-----*) WHERE (*-----*) module Simulation_level_cloud = struct open Daemon_language class ['parent] cloud = fun (* ~id *) ~(parent:'parent) ~working_directory ~unexpected_death_callback () -> object(self) inherit ['parent] Simulation_level.device ~parent ~hublet_no:2 ~working_directory ~unexpected_death_callback () as super method device_type = "cloud" val internal_cable_process = ref None method private get_internal_cable_process = match !internal_cable_process with Some internal_cable_process -> internal_cable_process | None -> failwith "cloud: get_the_internal_cable_process was called when there is no such process" initializer () method spawn_processes = (* Create the internal cable process and spawn it: *) let the_internal_cable_process = Simulation_level.make_ethernet_cable_process ~left_end:(self#get_hublet_process_of_port 0) ~right_end:(self#get_hublet_process_of_port 1) ~leftward_defects:(parent#ports_card#get_my_inward_defects_by_index 0) ~rightward_defects:(parent#ports_card#get_my_outward_defects_by_index 0) ~unexpected_death_callback:self#execute_the_unexpected_death_callback () in internal_cable_process := Some the_internal_cable_process; the_internal_cable_process#spawn method terminate_processes = (* Terminate the internal cable process: *) (try self#get_internal_cable_process#terminate with _ -> ()); (* Unreference it: *) internal_cable_process := None; (** As clouds are stateless from the point of view of the user, stop/continue aren't distinguishable from terminate/spawn: *) method stop_processes = self#terminate_processes method continue_processes = self#spawn_processes end;; end (* module Simulation_level_cloud *) (** Just for testing: *) let test = Dialog_add_or_update.make marionnet-0.90.6+bzr508.orig/xforest.ml0000644000175000017500000001050313175722671016625 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007 Jean-Vincent Loddo Copyright (C) 2008 Luca Saiu Copyright (C) 2007, 2008 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** A forest concretization very close to XML. The type of nodes is [string * (string * string list)] where the first element is the tag and the second is the list of attributes, i.e. bindings in the form (key,value) where both key and value are strings. *) type tag = string ;; type attribute = (string * string) ;; type attributes = attribute list ;; type node = tag * attributes ;; (** The forest concretization and its aliases. *) type forest = node Forest.t ;; type t = forest ;; type tree = node * forest ;; (* the root and its children *) (* *************************** * Class interpreter * *************************** *) (** An Xforest interpreter is an object able to update itself reading an Xforest and, conversely, able to encode itself into an Xforest *) class virtual interpreter () = object (self) (** Interpret a tree. The tag is ignored here. *) method from_tree ((tag,attrs):node) (children:forest) = begin (* Interpret attributes *) Log.printf1 "About to interpret *attributes* with tag \"%s\"\n" tag; List.iter self#eval_forest_attribute attrs; (* Interpret children *) Log.printf1 "About to interpret *children* with tag \"%s\"\n" tag; let l = Forest.to_treelist children in List.iter (self#eval_forest_child) l end (** The default interpretation of an attribute is ignore. *) method eval_forest_attribute : (attribute -> unit) = fun attr -> () (** The default interpretation of a child is ignore. *) method eval_forest_child : (tree -> unit) = fun tree -> () (** Encode self into an xtree. Typically this method calls recursively the same method of its children in order to construct its representation as forest. *) method virtual to_tree : tree (** May be redefined. Otherwise, by default, is simply a call to the method constructing the tree which is transformed in a forest (singleton). *) method to_forest : forest = Forest.of_tree self#to_tree end;; (* class interpreter *) (** print_forest specialization for xforest *) let rec print_xforest ?level ~channel forest = let string_of_attr (name,value) = (name^"="^"\""^value^"\"") in let fold_strings = function | [] -> "" | [x] -> x | x::r -> List.fold_left (fun a b -> a ^ " " ^ b) x r in let string_of_attrs attrs = fold_strings (List.map string_of_attr attrs) in let string_of_node (tag,attrs) = ("<" ^ tag ^ "[" ^ (string_of_attrs attrs) ^ "]>") in Forest.print_forest ?level ~string_of_node ~channel forest ;; (** Facilities for encoding/decoding fields in an object which are not strings. *) let encode x = Marshal.to_string x [Marshal.No_sharing] ;; let decode y = Marshal.from_string y 0 ;; (** EXAMPLE 1 *) (* In a class, just add method like: method to_tree = Forest.leaf ("cable",[("name","xxx");("label","xxx")]);; method eval_forest_attribute : (string * string) -> unit = function | ("name",name) -> self#set_name name | ("kind",kind) -> self#set_kind kind | _ -> () *) (** EXAMPLE 2 *) (*method to_tree = let name = Forest.tree ("name",[]) (Forest.leaf ("xxx",[])) let kind = Forest.tree ("kind",[]) (Forest.leaf ("yyy",[])) in Forest.node ("cable",[]) (Forest.of_treelist [name; kind]) (** EXAMPLE 2 *) method eval_forest_child (root,children) = match root with | ("name", attrs) -> let name = new name () in (* nel new senza argomenti l'essenza della backward-compatibility *) name#from_tree x; (* chiamata ricorsiva al from_forest *) self#set_name = name; (* oppure potrei accumulare... *) ... | _ -> () *) marionnet-0.90.6+bzr508.orig/configuration.ml0000644000175000017500000000613713175722671020012 0ustar lucaslucas(* This file is part of marionnet Copyright (C) 2011 Jean-Vincent Loddo This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Read configuration files: *) let configuration = (* Lowest priority first: *) let file_names = [ Printf.sprintf "%s/share/marionnet/marionnet.conf" Meta.prefix; (* failsafe copy *) Printf.sprintf "%s/etc/marionnet/marionnet.conf" Meta.prefix; "/etc/marionnet/marionnet.conf"; "~/.marionnet/marionnet.conf" ] in Configuration_files.make ~file_names ~variables:["MARIONNET_SOCKET_NAME"; "MARIONNET_BRIDGE";(* This is temporary: more than one bridge will be usable... *) "MARIONNET_KEYBOARD_LAYOUT"; "MARIONNET_DEBUG"; "MARIONNET_PDF_READER"; "MARIONNET_POSTSCRIPT_READER"; "MARIONNET_DVI_READER"; "MARIONNET_HTML_READER"; "MARIONNET_TEXT_EDITOR"; (* *Optional* configuration variables: *) "MARIONNET_TERMINAL"; "MARIONNET_PREFIX"; "MARIONNET_LOCALEPREFIX"; "MARIONNET_FILESYSTEMS_PATH"; "MARIONNET_KERNELS_PATH"; "MARIONNET_VDE_PREFIX"; "MARIONNET_ROUTER_FILESYSTEM"; "MARIONNET_ROUTER_KERNEL"; "MARIONNET_MACHINE_FILESYSTEM"; "MARIONNET_MACHINE_KERNEL"; "MARIONNET_ROUTER_PORT0_DEFAULT_IPV4_CONFIG"; "MARIONNET_ROUTER_PORT0_DEFAULT_IPV6_CONFIG"; "MARIONNET_DISABLE_WARNING_TEMPORARY_WORKING_DIRECTORY_AUTOMATICALLY_SET"; "MARIONNET_TMPDIR"; "MARIONNET_KEEP_ALL_SNAPSHOTS_WHEN_SAVING"; "MARIONNET_TIMEZONE"; ] ();; (* Convenient aliases: *) type varname = string let extract_bool_variable_or ~default varname = Configuration_files.Logging.extract_bool_variable_or ~default varname (configuration) let extract_string_variable_or ?k ?unsuitable_value ~default varname = Configuration_files.Logging.extract_string_variable_or ?k ?unsuitable_value ~default varname (configuration) let get_string_variable ?k ?unsuitable_value varname = Configuration_files.Logging.get_string_variable ?k ?unsuitable_value varname (configuration) type source = [ `Filename of string | `Environment ] (* Configuration_files.source *) let get_string_variable_with_source ?k ?unsuitable_value varname = Configuration_files.With_source.get_string_variable ?k ?unsuitable_value varname (configuration) marionnet-0.90.6+bzr508.orig/gui/0000755000175000017500000000000013175722671015366 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/gui/gui_bricks.mli0000644000175000017500000002306113175722671020214 0ustar lucaslucas(* This file is part of Marionnet Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) type form = < (* object *) add : GObj.widget -> unit; add_with_tooltip : ?just_for_label:unit -> string -> GObj.widget -> unit; add_section : ?fg:string -> ?size:string -> ?no_line:unit -> string -> unit; set_sensitive : label_text:string -> bool -> unit; coerce : GObj.widget; table : GPack.table; > val make_form_with_labels : ?section_no:int -> ?row_spacings:int -> ?col_spacings:int -> ?packing:(GObj.widget -> unit) -> string list -> form val wrap_with_label : ?tooltip:string -> ?packing:(GObj.widget -> unit) -> ?labelpos:[< `EAST | `NORTH | `SOUTH | `WEST > `NORTH ] -> string -> (< coerce : GObj.widget; .. > as 'a) -> 'a val entry_with_label : ?tooltip:string -> ?packing:(GObj.widget -> unit) -> ?max_length:int -> ?entry_text:string -> ?labelpos:[< `EAST | `NORTH | `SOUTH | `WEST > `NORTH ] -> string -> GEdit.entry val spin_byte : ?tooltip:string -> ?label:string -> ?labelpos:[< `EAST | `NORTH | `SOUTH | `WEST > `NORTH ] -> ?lower:int -> ?upper:int -> ?step_incr:int -> ?packing:(GObj.widget -> unit) -> int -> GEdit.spin_button val spin_ipv4_address : ?tooltip:string -> ?byte_tooltips: string array -> ?label:string -> ?labelpos:[< `EAST | `NORTH | `SOUTH | `WEST > `NORTH ] -> ?packing:(GObj.widget -> unit) -> int -> int -> int -> int -> GEdit.spin_button * GEdit.spin_button * GEdit.spin_button * GEdit.spin_button val spin_ipv4_address_with_cidr_netmask : ?tooltip:string -> ?byte_tooltips: string array -> ?label:string -> ?labelpos:[< `EAST | `NORTH | `SOUTH | `WEST > `NORTH ] -> ?packing:(GObj.widget -> unit) -> int -> int -> int -> int -> int -> GEdit.spin_button * GEdit.spin_button * GEdit.spin_button * GEdit.spin_button * GEdit.spin_button val activable_entry : ?packing:(GObj.widget -> unit) -> ?homogeneous:bool -> ?active:bool -> ?text:string -> ?red_text_condition:(string -> bool) -> unit -> < active : bool; content : string; hbox : GPack.box; check_button : GButton.toggle_button; entry : GEdit.entry > val make_tooltips_for_container : < connect : < destroy : callback:('a -> unit) -> 'b; .. >; .. > -> GObj.widget -> string -> unit module Ok_callback : sig val check_name : string -> string -> (string->bool) -> 'a -> 'a option end module Dialog_run : sig val ok_or_cancel : [ `CANCEL | `DELETE_EVENT | `HELP | `OK ] GWindow.dialog -> get_widget_data:(unit -> 'a) -> ok_callback:('a -> 'b option) -> ?help_callback:(unit -> unit) -> unit -> 'b option val yes_or_cancel : [ `CANCEL | `DELETE_EVENT | `HELP | `YES ] GWindow.dialog -> ?help_callback:(unit -> unit) -> context:'a -> unit -> 'a option val yes_no_or_cancel : [ `CANCEL | `DELETE_EVENT | `HELP | `NO | `YES ] GWindow.dialog -> ?help_callback:(unit -> unit) -> context:'a -> unit -> ('a * bool) option end (* Dialog_run *) module Dialog : sig val yes_or_cancel_question : ?title:string -> ?help_callback:(unit -> unit) -> ?image_filename:string -> ?markup:string -> ?text:string -> context:'a -> unit -> 'a option val yes_no_or_cancel_question : ?title:string -> ?help_callback:(unit -> unit) -> ?image_filename:string -> ?markup:string -> ?text:string -> context:'a -> unit -> ('a * bool) option end (* Dialog *) val set_marionnet_icon : [> ] GWindow.dialog -> unit (* < set_icon : GdkPixbuf.pixbuf option -> 'a; .. > -> 'a = *) type packing_function = GObj.widget -> unit val make_combo_boxes_of_vm_installations: ?on_distrib_change:(string -> unit) -> ?on_variant_change:(string -> unit) -> ?on_kernel_change:(string -> unit) -> ?distribution:string -> ?variant:string -> ?kernel:string -> ?updating:unit -> packing:(packing_function * packing_function * packing_function) -> Disk.virtual_machine_installations -> Widget.ComboTextTree.comboTextTree module Dialog_add_or_update : sig val make_window_image_name_and_label : title:string -> image_file:string -> image_tooltip : string -> name:string -> name_tooltip : string -> ?label:string -> ?label_tooltip : string -> unit -> [ `CANCEL | `DELETE_EVENT | `HELP | `OK ] GWindow.dialog * GMisc.image * GEdit.entry * GEdit.entry end module Reactive_widget : sig type abstract_combo_box_text = (item list) * (active_index option) and item = string and active_index = int (* 0..(n-1) *) and node = item and port = item class combo_box_text : strings:string list -> ?active:int -> ?width:int -> ?height:int -> ?packing:(GObj.widget -> unit) -> unit -> object method cortex : (abstract_combo_box_text) Cortex.t method activate_first : unit method get : string option method destroy : unit -> unit end type 'a power4 = 'a * 'a * 'a * 'a class cable_input_widget : ?n0:string -> ?p0:string -> ?n1:string -> ?p1:string -> ?width:int -> ?height:int -> ?packing_n0:(GObj.widget -> unit) -> ?packing_p0:(GObj.widget -> unit) -> ?packing_n1:(GObj.widget -> unit) -> ?packing_p1:(GObj.widget -> unit) -> free_node_port_list:(string * string) list -> unit -> object method destroy : unit method get_widget_data : (string option * string option) * (string option * string option) (* Just for debugging: *) method get_cortex_group : (abstract_combo_box_text) power4 Cortex.t method get_combo_boxes : (combo_box_text) power4 end val guess_humanly_speaking_enpoints : ?n0:string -> ?p0:string -> ?n1:string -> ?p1:string -> (node * port) list -> (node option * port option) * (node option * port option) end (* Reactive_widget *) val button_image : ?window:GWindow.window -> ?callback:(unit->unit) -> ?label:string -> ?label_position:[ `BOTTOM | `LEFT | `RIGHT | `TOP ] -> ?tooltip:string -> packing:(GObj.widget -> unit) -> ?stock:GtkStock.id -> ?stock_size:[ `BUTTON | `DIALOG | `DND | `INVALID | `LARGE_TOOLBAR | `MENU | `SMALL_TOOLBAR ] -> ?file:string -> unit -> GButton.button val button_image_popuping_a_menu : ?window:GWindow.window -> ?renewer:(GMenu.menu -> unit) -> ?label:string -> ?label_position:[ `BOTTOM | `LEFT | `RIGHT | `TOP ] -> ?tooltip:string -> packing:(GObj.widget -> unit) -> ?stock:GtkStock.id -> ?stock_size:[ `BUTTON | `DIALOG | `DND | `INVALID | `LARGE_TOOLBAR | `MENU | `SMALL_TOOLBAR ] -> ?file:string -> unit -> (GMenu.menu * GButton.button * GPack.box) val make_check_items_renewer_v1 : get_label_active_callback_list:(unit -> (string * bool * (bool -> unit)) list) -> unit -> (GMenu.menu -> unit) val make_check_items_renewer_v2 : get_label_active_list:(unit -> (string * bool) list) -> callback:(string -> bool -> unit) -> unit -> (GMenu.menu -> unit) (* Example of usage: make_rc_config_widget ~packing:(form#add_with_tooltip (s_ "Check to activate a startup configuration" )) ~active:(fst rc_config) ~content:(snd rc_config) ~device_name:(old_name) ~language:("bash") () *) val make_rc_config_widget : ?height:int -> ?width:int -> (* window paremeters *) ?filter_names:Talking.EDialog.filter_name list -> (* --- *) parent: GWindow.window_skel -> (* don't worry if the parent is a dialog: you can always perform (dialog :> GWindow.window_skel) *) packing:(GObj.widget -> unit) -> active: bool -> content:string -> device_name:string -> language:string -> unit -> (* object *) < active:bool; content:string; set_sensitive:bool->unit > (* end *) val make_check_button_with_related_alternatives : packing:(GObj.widget -> unit) -> active: bool -> ?active_alternative:int -> (* 0 *) ?use_markup:bool -> (* false *) alternatives:string list -> unit -> (* object *) < active:bool; selected_alternative:string option; set_sensitive:bool->unit > (* end *) (* Example of usage:: let notebook = let b1 = GButton.button ~label:"b1" () in let b2 = GButton.button ~label:"b2" () in make_notebook_of_assoc_list ~packing [("aaa", b1#coerce); ("bbb", b2#coerce)] ;; *) val make_notebook_of_assoc_list : ?homogeneous_tabs:bool -> packing:(GObj.widget -> unit) -> (string * GObj.widget) list -> GPack.notebook val make_notebook_of_assoc_array_with_check_buttons : ?tooltip:string -> (* s_ "Check to activate" *) ?homogeneous_tabs:bool -> packing:(GObj.widget -> unit) -> (string * bool * GObj.widget) array -> GButton.toggle_button array val test : unit -> char option marionnet-0.90.6+bzr508.orig/gui/gui_component-node-with-state.ml-template0000644000175000017500000000466013175722671025417 0ustar lucaslucas(** Gui completion for the MACHINE component. *) (* Shortcuts *) type env = string Environment.string_env let mkenv = Environment.make_string_env module Make_menus (State : sig val st:State.globalState end) = struct open State module Toolbar_entry = struct let imagefile = <> (* Ex: "ico.machine.palette.png" *) let tooltip = <> (* Ex: "Machine" *) end module Add = struct let key = <> (* Ex: Some GdkKeysyms._M *) let dialog = <> (* Ex: let module M = Gui_dialog_MACHINE.Make (State) in M.dialog ~title:"Machine ajout" ~update:None *) let reaction r = <> end module Properties = struct let dynlist = <> let dialog = fun name -> <> (* Ex: let m = (st#network#getMachineByName name) in let title = "Machine propriétés" in let module M = Gui_dialog_MACHINE.Make (State) in M.dialog ~title:(title^" "^name) ~update:(Some m) *) let reaction r = <> end module Remove = struct let dynlist = <> let dialog name = <> (* Ex: Talking.EDialog.ask_question ~help:None ~cancel:false ~enrich:(mkenv [("name",name)]) ~gen_id:"answer" ~title:"Supprimer" ~question:("Confirmez-vous la suppression de "^name^"\net de tous le cables éventuellement branchés à cette machine ?") *) let reaction r = <> end module Startup = struct let dynlist = <> let dialog = <> let reaction r = <> end module Stop = struct let dynlist = <> let dialog = <> let reaction r = <> end module Suspend = struct let dynlist = <> let dialog = <> let reaction r = <> end module Resume = struct let dynlist = <> let dialog = <> let reaction r = <> end module Ungracefully_stop = struct let dynlist = <> let dialog name = <> let reaction r = <> end module Create_entries_for_MY_COMPONENT = Gui_toolbar_COMPONENTS_layouts.Layout_for_network_node_with_state (State) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) (Ungracefully_stop) end marionnet-0.90.6+bzr508.orig/gui/gui_toolbar_COMPONENTS_layouts.ml0000644000175000017500000001625113175722671023560 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Layouts for component-related menus. See the file gui_machine.ml for an example of application. *) (** Function which appends entries to a toolbar *) module Toolbar = struct (* Note that ~label:"" is very important in the call of GMenu.image_menu_item. Actually, it is a workaround of something that resemble to a bug in lablgtk: if not present, another external function is internally called by this function and the result is a menu entry with an horizontal line in background... *) let append_image_menu (toolbar:GButton.toolbar) filename tooltip = let slot = GButton.tool_item ~packing:toolbar#insert () in let menubar = GMenu.menu_bar ~border_width:0 ~width:0 ~height:56 (* 60 *) ~packing:(slot#add) () in let image = GMisc.image ~xalign:0.5 ~yalign:0.5 ~xpad:0 ~ypad:0 ~file:(Initialization.Path.images^filename) () in let result = GMenu.image_menu_item ~label:"" ~image ~packing:menubar#add () in let set_tooltip w text = (GData.tooltips ())#set_tip w ~text in result#image#misc#show (); set_tooltip slot#coerce tooltip; result end (* module Toolbar *) module type Toolbar_entry = sig val imagefile : string val tooltip : string val packing : [ `toolbar of GButton.toolbar | `menu_parent of Menu_factory.menu_parent ] end module type State = sig val st:State.globalState end module Layout_for_network_component (State : sig val st:State.globalState end) (Toolbar_entry : Toolbar_entry) (Add : Menu_factory.Entry_callbacks) (Properties : Menu_factory.Entry_with_children_callbacks) (Remove : Menu_factory.Entry_with_children_callbacks) = struct let menu_parent = match Toolbar_entry.packing with | `toolbar toolbar -> let image_menu_item = Toolbar.append_image_menu toolbar Toolbar_entry.imagefile Toolbar_entry.tooltip in Menu_factory.Menuitem (image_menu_item :> GMenu.menu_item_skel) | `menu_parent p -> p module F = Menu_factory.Make (struct let parent = menu_parent let window = State.st#mainwin#window_MARIONNET end) module Add' = struct include Add let text = (s_ "Add") let stock = `ADD end module Properties' = struct include Properties let text = (s_ "Modify") let stock = `PROPERTIES end module Remove' = struct include Remove let text = (s_ "Remove") let stock= `REMOVE end module Created_Add = Menu_factory.Make_entry (Add') (F) module Created_Properties = Menu_factory.Make_entry_with_children (Properties') (F) module Created_Remove = Menu_factory.Make_entry_with_children (Remove') (F) end module Layout_for_network_node (State : sig val st:State.globalState end) (Toolbar_entry : Toolbar_entry) (Add : Menu_factory.Entry_callbacks) (Properties : Menu_factory.Entry_with_children_callbacks) (Remove : Menu_factory.Entry_with_children_callbacks) (Startup : Menu_factory.Entry_with_children_callbacks) (Stop : Menu_factory.Entry_with_children_callbacks) (Suspend : Menu_factory.Entry_with_children_callbacks) (Resume : Menu_factory.Entry_with_children_callbacks) = struct module Startup' = struct include Startup let text = (s_ "Start") let stock = `EXECUTE end module Stop' = struct include Stop let text = (s_ "Stop") let stock = `MEDIA_STOP end module Suspend' = struct include Suspend let text = (s_ "Suspend") let stock = `MEDIA_PAUSE end module Resume' = struct include Resume let text = (s_ "Resume") let stock = `MEDIA_PLAY end module Created_entries_for_network_component = Layout_for_network_component (State) (Toolbar_entry) (Add) (Properties) (Remove) module F = Created_entries_for_network_component.F let () = F.add_separator () module Created_Startup = Menu_factory.Make_entry_with_children (Startup') (F) module Created_Stop = Menu_factory.Make_entry_with_children (Stop') (F) let () = F.add_separator () module Created_Suspend = Menu_factory.Make_entry_with_children (Suspend') (F) module Created_Resume = Menu_factory.Make_entry_with_children (Resume') (F) end module Layout_for_network_node_with_state (State : sig val st:State.globalState end) (Toolbar_entry : Toolbar_entry) (Add : Menu_factory.Entry_callbacks) (Properties : Menu_factory.Entry_with_children_callbacks) (Remove : Menu_factory.Entry_with_children_callbacks) (Startup : Menu_factory.Entry_with_children_callbacks) (Stop : Menu_factory.Entry_with_children_callbacks) (Suspend : Menu_factory.Entry_with_children_callbacks) (Resume : Menu_factory.Entry_with_children_callbacks) (Ungracefully_stop : Menu_factory.Entry_with_children_callbacks) = struct module Ungracefully_stop' = struct include Ungracefully_stop let text = (s_ "Power-off") let stock = `DISCONNECT end module Created_entries_for_network_node = Layout_for_network_node (State) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) module F = Created_entries_for_network_node.F let () = F.add_separator () module Created_Ungracefully_stop = Menu_factory.Make_entry_with_children (Ungracefully_stop') (F) end module Layout_for_network_edge (State : sig val st:State.globalState end) (Toolbar_entry : Toolbar_entry) (Add : Menu_factory.Entry_callbacks) (Properties : Menu_factory.Entry_with_children_callbacks) (Remove : Menu_factory.Entry_with_children_callbacks) (Disconnect : Menu_factory.Entry_with_children_callbacks) (Reconnect : Menu_factory.Entry_with_children_callbacks) = struct module Disconnect' = struct include Disconnect let text = (s_ "Disconnect") let stock = `DISCONNECT end module Reconnect' = struct include Reconnect let text = (s_ "Re-connect") let stock = `CONNECT end module Created_entries_for_network_component = Layout_for_network_component (State) (Toolbar_entry) (Add) (Properties) (Remove) module F = Created_entries_for_network_component.F let () = F.add_separator () module Created_Disconnect = Menu_factory.Make_entry_with_children (Disconnect') (F) module Created_Reconnect = Menu_factory.Make_entry_with_children (Reconnect') (F) (* Cable sensitiveness *) module Created_Add = Created_entries_for_network_component.Created_Add let () = StackExtra.push (Created_Add.item#coerce) (State.st#sensitive_cable_menu_entries) end marionnet-0.90.6+bzr508.orig/gui/gui_component-node-without-state.ml-template0000644000175000017500000000437513175722671026152 0ustar lucaslucas(** Gui completion for the MACHINE component. *) (* Shortcuts *) type env = string Environment.string_env let mkenv = Environment.make_string_env module Make_menus (State : sig val st:State.globalState end) = struct open State module Toolbar_entry = struct let imagefile = <> (* Ex: "ico.hub.palette.png" *) let tooltip = <> (* Ex: "Répéteur (hub)" *) end module Add = struct let key = <> (* Ex: Some GdkKeysyms._M *) let dialog = <> (* Ex: let module M = Gui_dialog_MACHINE.Make (State) in M.dialog ~title:"Machine ajout" ~update:None *) let reaction r = <> end module Properties = struct let dynlist = <> let dialog = fun name -> <> (* Ex: let m = (st#network#getMachineByName name) in let title = "Machine propriétés" in let module M = Gui_dialog_MACHINE.Make (State) in M.dialog ~title:(title^" "^name) ~update:(Some m) *) let reaction r = <> end module Remove = struct let dynlist = <> let dialog name = <> (* Ex: Talking.EDialog.ask_question ~help:None ~cancel:false ~enrich:(mkenv [("name",name)]) ~gen_id:"answer" ~title:"Supprimer" ~question:("Confirmez-vous la suppression de "^name^"\net de tous le cables éventuellement branchés à cette machine ?") *) let reaction r = <> end module Startup = struct let dynlist = <> let dialog = <> let reaction r = <> end module Stop = struct let dynlist = <> let dialog = <> let reaction r = <> end module Suspend = struct let dynlist = <> let dialog = <> let reaction r = <> end module Resume = struct let dynlist = <> let dialog = <> let reaction r = <> end module Create_entries_for_MY_COMPONENT = Gui_toolbar_COMPONENTS_layouts.Layout_for_network_node (State) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) end marionnet-0.90.6+bzr508.orig/gui/ledgrid.ml0000644000175000017500000004614613175722671017345 0ustar lucaslucas(* This file is part of our reusable OCaml BRICKS library Copyright (C) 2007, 2008 Luca Saiu This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Ledgrid widgets. *) (** {2 Constants} Some global constant definitions, for fine-tuning. *) (** The duration of a LED light "flash", in milliseconds: *) let flash_duration = 80 (* 125 *) (** The duration of a LED light "blink", in milliseconds. The time is measured from the first to the last state change: *) let blink_duration = 250 (** How many times a LED light changes state during a blink. This includes both on->off and off->on transitions: *) let blink_toggles_no = 8 (* 4 times on + 4 times off *) (** {2 Exception} The ways this brick can fail. *) (** An exception raised whenever the user refers a non-existing LED light: in a LED grid *) exception Non_existing_led_light of int * int (** An exception raised whenever the user refers a non-existing port in a device LED grid: *) exception Non_existing_port of int (** {2 Utility stuff} *) (** Make a pixmap data structure (not a widget) from the given file: *) let make_pixmap_from_xpm_file ~file_name = GDraw.pixmap_from_xpm ~file:file_name () (** {2 A single LED light} Gtk+ simulation of just {e one} LED light. Particularly useful when arranged in a grid. *) (** A LED light is a widget mimicking a single physical LED light, whose state at any given moment can be on or off: its state is represented as a boolean value, and by convention 'true' means 'on'. A LED light keeps its default state until its state is explitly changed by the user. The user can simply set the object's state, or can set its state *also changing the default*. As soon as the current state changes the widget's appearance on screen is updated. A LED light can be also 'flashed', i.e. set to its non-default value for a short time, after which it automatically reverts to its default state, or 'blinked', i.e. ordered to repeatedly toggle its state very fast for a short time, before automatically reverting to its default state. Flashing and blinking are *asynchronous* operations: when the user requests them they are scheduled to be executed in background, and the user is immediately given back control. This allows us to use concurrency in an extremely simple way, without even exposing a thread interface. LED lights can be used in isolation, but they are mainly intended to be arranged within a grid, allowing for more complex behaviour. Note that already initialized Gtk+ pixmap objects of type GDraw.pixmap (and *not* widgets) must be explicitly supplied at construction time. Pixmaps can and should be shared among differnet LED lights. *) class led_light ?default:(default=false) ?x:(x= -1) ?y:(y= -1) ~off_pixmap ~on_pixmap ~packing () = object(self) (** A notebook with hidden tabs and border is the main widget: it contains two pages with the 'on' and 'off' pixmaps, and can easily change state by 'going' to a different page: *) val notebook = let notebook = GPack.notebook ~tab_pos:`TOP ~packing ~show_border:false ~show_tabs:false () in let _ = (* "on" pixmap widget *) GMisc.pixmap off_pixmap ~packing:(fun widget -> ignore (notebook#insert_page ~pos:0 widget)) () in let _ = (* "on" pixmap widget *) GMisc.pixmap on_pixmap ~packing:(fun widget -> ignore (notebook#insert_page ~pos:1 widget)) () in notebook (** Default state and current state; see above: *) val default = ref(default) val state = ref(false) (** Return the current default state: *) method get_default = !default (** Update the default state *and also the current state*; this changes the widget's appearance if the new value is different from the current state: *) method set_default value = default := value; self#set value; () (** Return the current state: *) method get = !state (** Update the current state, possibly changing the widget's appearance: *) method set value = state := value; notebook#goto_page (if value then 1 else 0); () (** Set the widget current state to be equal to its default. This may change the widget's appearance: *) method reset = self#set(!default); () (** Set the widget current state to be on if it's currently off, or vice-versa. This always changes the widget's appearance: *) method toggle = self#set(not self#get); () (** Return the widget position as it was set at creation time, or (-1, -1) if it was not set: *) method get_position = x, y (** Return the main Gtk+ widget making up the LED light: *) method get_widget = notebook (** Order the LED light to flash (see above) for the established time, and return immediately: *) method flash = self#set (not !default); ignore (GMain.Timeout.add flash_duration (function () -> self#reset; false)) (** Schedule the LED light to blink 'times' times, then to reset itself. This is internally used to implement blinking: *) method private blink_this_number_of_times times = if times = 0 then self#set(!default) else begin self#toggle; ignore (GMain.Timeout.add (blink_duration / blink_toggles_no) (fun () -> self#blink_this_number_of_times (times - 1); false)); end (** Order the LED light to blink (see above) for the established time, and return immediately: *) method blink = self#blink_this_number_of_times blink_toggles_no; () (** This just assures that the default state reflects what is visually displayed at creation time: *) initializer self#set !default end (** These variables are just used as parameters to Array.make so that types can be correctly inferred. useless_label's widget is never displayed: *) let useless_array_of_led_light_options = Array.make 0 None let useless_label = GMisc.label () (** {2 LED grid} Gtk+ simulation of a {e grid} of LED lights. *) (** A LED grid visually represents a matrix of LED lights, where each light is independently controllable. A light is identified by its 0-based coordinates, where the origin is top-left. The optional parameter no_leds_at represents a list of coordinates (such as [(0, 1); (3, 4)]) where *no* lights should be placed. Each end of each row and column contains an optional, user-settable text label. Vertical labels can be rotated, to allow for denser writing in vertical. The constructor expects three file names identifying the XPM images to use for the 'on' state, the 'off' state, and for representing the absence of a light. All three pixmaps should have the same size. *) class led_grid ?default:(default=false) ~on_xpm_file_name ~off_xpm_file_name ~nothing_xpm_file_name ~columns ~rows ~packing ?angle:(angle=90.0) ?no_leds_at:(no_leds_at=[]) () = object(self) (** The pixmap objects made from user-supplied files. Notice how the same three pixmaps are shared among all the lights (and 'holes'): *) val off_pixmap = make_pixmap_from_xpm_file ~file_name:off_xpm_file_name val on_pixmap = make_pixmap_from_xpm_file ~file_name:on_xpm_file_name val nothing_pixmap = make_pixmap_from_xpm_file ~file_name:nothing_xpm_file_name (** A two-dimensional matrix of led_light option: *) val led_lights_matrix = Array.make columns useless_array_of_led_light_options (** Arrays holding the label widgets decorating each end of rows and columns: *) val left_labels = Array.make rows useless_label val right_labels = Array.make rows useless_label val top_labels = Array.make columns useless_label val bottom_labels = Array.make columns useless_label (** The Gtk+ widget holding the whole grid: *) val table_widget = GPack.table ~columns:(columns + 2) ~rows:(rows + 2) ~row_spacings:0 ~col_spacings:0 ~border_width:0 ~packing () (* To do: use Jean's sets instead of this ugly hash: *) (** A set of positions which should be left empty. This structure must be accessed associatively at initialization time, and is more efficient than a list: *) val no_leds_at = let hash = Hashtbl.create (columns * rows) in List.iter (fun x_y -> Hashtbl.add hash x_y ()) no_leds_at; hash (** Initialize the complex state of the grid: *) initializer for x = 0 to columns - 1 do Array.set led_lights_matrix x (Array.make rows None); for y = 0 to rows - 1 do if Hashtbl.mem no_leds_at (x, y) then begin let _ = GMisc.pixmap nothing_pixmap ~packing:(table_widget#attach ~left:(x + 1) ~top:(y + 1) ~expand:`BOTH) () in Array.set (Array.get led_lights_matrix x) y None end else let new_led_light = new led_light ~packing:(table_widget#attach ~left:(x + 1) ~top:(y + 1) ~expand:`BOTH) ~off_pixmap ~on_pixmap ~default ~x ~y () in Array.set (Array.get led_lights_matrix x) y (Some new_led_light) done; done; for y = 0 to rows - 1 do let left_label = GMisc.label ~packing:(table_widget#attach ~left:0 ~top:(y + 1)) () in let right_label = GMisc.label ~packing:(table_widget#attach ~left:(columns + 1) ~top:(y + 1)) () in Array.set left_labels y left_label; Array.set right_labels y right_label; done; for x = 0 to columns - 1 do let top_label = GMisc.label ~packing:(table_widget#attach ~left:(x + 1) ~top:0) () in let bottom_label = GMisc.label ~packing:(table_widget#attach ~left:(x + 1) ~top:(rows + 1)) () in top_label#set_angle angle; bottom_label#set_angle angle; Array.set top_labels x top_label; Array.set bottom_labels x bottom_label; done (** Return the LED light identified by (x, y), or throw an exception if no light is present at that position: *) method get_led_light x y = match Array.get (Array.get led_lights_matrix x) y with None -> raise (Non_existing_led_light(x, y)) | Some(led_light) -> led_light method get = self#get_led_light (** Return a random LED light belonging to the grid, if it exists, or loop forever. This is useful for debugging (and for demos :-)): *) method get_random_led_light = let x, y = (Random.int columns, Random.int rows) in try self#get_led_light x y with Non_existing_led_light(_) -> self#get_random_led_light (** Get and set the text of each label. Notice that all arrays are 0-based: *) method get_top_label x = (Array.get top_labels x)#text method set_top_label x text = (Array.get top_labels x)#set_text text method get_bottom_label x = (Array.get bottom_labels x)#text method set_bottom_label x text = (Array.get bottom_labels x)#set_text text method get_left_label y = (Array.get left_labels y)#text method set_left_label y text = (Array.get left_labels y)#set_text text method get_right_label y = (Array.get right_labels y)#text method set_right_label y text = (Array.get right_labels y)#set_text text (* Set the rotation angle, (90.0 degrees by default) for column labels: *) method set_top_labels_angle alpha = for x = 0 to columns - 1 do (Array.get top_labels x)#set_angle alpha; done method set_bottom_labels_angle alpha = for x = 0 to columns - 1 do (Array.get bottom_labels x)#set_angle alpha; done (** Return the Gtk+ widget holding the whole grid: *) method get_widget = table_widget end (** To do: recycle this from Jean's library *) let rec range a b = if a > b then [] else a :: (range (a + 1) b) (** {2 Device LED Grid} A matrix of LED lights simulating the control panel of a phisical network device such as a switch or a router. *) (** A 'device LED grid' is a LED grid specialized as a realistic simulation of the control panel of a physical device such as a switch, a hub or a router. A device LED's appearance can be customized at creation time, and this class allows us to control each _port_, abstracting from the position of the light or lights representing the port state. Port information can be displayed in either one or two lines, and an optional "100Mb/s" array of lights can also be shown. The number of ports must be even when two lines are requested. Three pixmap file names are required at creation time, as for the LED grid. Labels are automatically set. Reflecting the interface of common network devices, it can be said that a port is either in 'connected' or 'disconnected' state, meaning that its associated lights are 'on' or 'off' (and discounting flashes and blinks). Notice that, as in most real-world switch and hubs, port numeration is 1-based. *) class device_led_grid ~on_xpm_file_name ~off_xpm_file_name ~nothing_xpm_file_name ?(show_100_mbs=true) ~ports ?(port_labelling_offset=0) ~packing ?(angle=90.0) ?(lines=1) () = (* Let's prevent stupid errors... *) let _ = assert(ports > 1) in let _ = assert(((ports mod 2) = 0) || (lines = 1)) in let _ = assert((lines = 1) || (lines = 2)) in object(self) inherit led_grid ~default:false ~on_xpm_file_name ~off_xpm_file_name ~nothing_xpm_file_name ~columns:(if lines = 1 then ports else ports / 2) ~angle ~rows:(match lines, show_100_mbs with | 1, false -> 1 | 1, true -> 2 | 2, false -> 3 | 2, true -> 5 | _ -> assert false) ~no_leds_at:(match lines, show_100_mbs with | 1, _ -> [] | 2, false -> List.map (function x -> x, 1) (range 0 (ports - 1)) | 2, true -> List.map (function x -> x, 2) (range 0 (ports / 2 - 1)) | _ -> assert false) ~packing () as super (** Initialize the complex state of this object: *) initializer for x = 0 to (if lines = 1 then ports - 1 else ports / 2 - 1) do (* self#set_top_label x (string_of_int (x + 1)); *) self#set_top_label x (string_of_int (x+port_labelling_offset)); (* 0-based numbering *) done; if lines = 2 then for x = ports / 2 to ports - 1 do self#set_bottom_label (x - ports / 2) (string_of_int (x+port_labelling_offset)); (* 0-based numbering *) done; self#set_right_label 0 "TX/RX"; match lines, show_100_mbs with 1, false -> () | 2, false -> self#set_right_label 2 "TX/RX" | 1, true -> self#set_right_label 1 "100Mb/s" | 2, true -> self#set_right_label 1 "100Mb/s"; self#set_right_label 3 "100Mb/s"; self#set_right_label 4 "TX/RX" | _ -> assert false; (** Given a port number, return a list of pairs of coordinates identifying the inolved lights: *) method private port_to_positions port = let port = port + 1 in (* kludge to implement 0-based numbering... *) match lines, show_100_mbs, port <= (ports / 2) with 1, false, _ -> [ port - 1, 0 ] | 2, false, true -> [ port - 1, 0 ] | 2, false, false -> [ port - (ports / 2) - 1, 2 ] | 1, true, _ -> [ port - 1, 0; port - 1, 1 ] | 2, true, true -> [ port - 1, 0; port - 1, 1 ] | 2, true, false -> [ port - (ports / 2) - 1, 3; port - (ports / 2) - 1, 4 ] | _ -> assert false (** Print the port->coordinates mapping before returning the result of calling port_to_positions: *) method private port_to_positions_ port = let positions = self#port_to_positions port in (*List.iter (function x, y -> print_int port; print_string " -> ("; print_int x; print_string ", "; print_int y; print_string ")\n") positions;*) positions (** Given a port number, return the list of LED lights representing it: *) method private port_to_led_lights port = let positions = self#port_to_positions port in List.map (function x, y -> super#get x y) positions (** For each LED light representing the given port, call the given function and return the list of results: *) method private for_each_led_light (f : led_light -> 'a) (port : int) : 'a list = List.map (function x, y -> f (super#get x y)) (self#port_to_positions port); (** Ask every LED light representing the given port to (asynchronously) flash: *) method flash port = ignore (self#for_each_led_light (function led -> led#flash) port) (** Ask every LED light representing the given port to (asynchronously) blink: *) method blink port = ignore (self#for_each_led_light (function led -> led#blink) port) (** Set the state of all LED lights representing a port, updating their default state: this is a good way to indicate a cable connection or disconnection: *) method set port value = ignore (self#for_each_led_light (function led -> led#set_default value) port) method connect port = self#set port true method disconnect port = self#set port false (** Return the number of a random port currently in the 'On' state, or loop forever if no such port exists. This is useful for debugging and demos :-) *) method random_connected_port = (* This does not terminate if there are no connected ports! *) (* let port = (Random.int ports) + 1 in *) let port = (Random.int ports) in (* 0-based numbering *) if self#is_connected port then port else self#random_connected_port (** Return true iff the given port is in connected state: *) method is_connected port = List.hd (List.map (function led -> led#get_default) (self#port_to_led_lights port)) end (** {3 Example} A trivial usage example. {[let main ports () = let window = GWindow.window ~title:"Switch n.2" ~border_width:0 () in window#connect#destroy ~callback:GMain.Main.quit; let grid = new device_led_grid ~packing:window#add ~ports ~show_100_mbs:true ~lines:2 ~off_xpm_file_name:"sample-files/off.xpm" ~on_xpm_file_name:"sample-files/on.xpm" ~nothing_xpm_file_name:"sample-files/nothing.xpm" () in for i = 1 to ports / 3 do grid#connect ((Random.int ports) + 1); done; (** Simulate a distinct communication between two ports every 50 milliseconds: *) GMain.Timeout.add 50 (function () -> grid#blink (grid#random_connected_port); grid#blink (grid#random_connected_port); true); window#show (); Main.main () let _ = main 64 ()]} *) (* To do: should any out-of-bounds access raise a non-existing-led-light exception? *) marionnet-0.90.6+bzr508.orig/gui/talking.mli0000644000175000017500000001020613175722671017521 0ustar lucaslucas(* This file is part of marionnet Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) val are_there_shell_special_chars : string -> bool val does_directory_support_sparse_files : string -> bool module Msg : sig val help_repertoire_de_travail : unit -> unit val error_saving_while_something_up : unit -> unit val help_nom_pour_le_projet : unit -> unit end val check_filename_validity_and_add_extension_if_needed : ?identifier:unit -> (* Force to use only identifiers i.e. letters, numbers, underscores and dashes *) ?extension:string -> (* By default "mar" *) string -> string module EDialog : sig type edialog = unit -> string Environments.string_env option exception BadDialog of string * string exception StrangeDialog of string * string * string Environments.string_env exception IncompleteDialog val compose : edialog list -> unit -> string Environments.string_env option val sequence : edialog list -> unit -> string Environments.string_env option val image_filter : unit -> GFile.filter val all_files : unit -> GFile.filter val script_filter : unit -> GFile.filter val mar_filter : unit -> GFile.filter val xml_filter : unit -> GFile.filter val jpeg_filter : unit -> GFile.filter val png_filter : unit -> GFile.filter type filter_name = [ `ALL | `DOT of Dot.output_format | `IMG | `JPEG | `MAR | `PNG | `SCRIPT | `BASH | `CONF | `RC | `TXT | `XML ] val allfilters : filter_name list val get_filter_by_name : filter_name -> GFile.filter val ask_for_file : ?parent: GWindow.window_skel -> ?enrich:string Environments.string_env -> ?title:string -> ?valid:(string -> bool) -> ?filter_names:filter_name list -> ?filters:GFile.filter list -> ?extra_widget:GObj.widget * (unit -> string) -> ?action:GtkEnums.file_chooser_action -> ?gen_id:string -> ?help:(unit -> unit) option -> unit -> string Environments.string_env option val ask_for_existing_writable_folder_pathname_supporting_sparse_files : ?parent: GWindow.window_skel -> ?enrich:Shell.filexpr Environments.string_env -> ?help:(unit -> unit) option -> title:string -> unit -> Shell.filexpr Environments.string_env option val ask_for_fresh_writable_filename : ?parent: GWindow.window_skel -> ?enrich:string Environments.string_env -> title:string -> ?filters:GFile.filter list -> ?filter_names:filter_name list -> ?extra_widget:GObj.widget * (unit -> string) -> ?help:(unit -> unit) option -> unit -> string Environments.string_env option val ask_for_existing_rw_filename : ?parent: GWindow.window_skel -> ?enrich:Shell.filexpr Environments.string_env -> title:string -> ?filter_names:filter_name list -> ?help:(unit -> unit) option -> unit -> string Environments.string_env option val ask_for_existing_importable_text_filename : ?parent: GWindow.window_skel -> ?enrich:Shell.filexpr Environments.string_env -> ?max_size_kb:int -> (* 1024 (i.e. 1 Mb)*) title:string -> ?filter_names:filter_name list -> ?help:(unit -> unit) option -> unit -> string Environments.string_env option val ask_question : ?enrich:string Environments.string_env -> ?title:string -> ?gen_id:string -> ?help:(unit -> unit) option -> ?cancel:bool -> question:string -> unit -> string Environments.string_env option end marionnet-0.90.6+bzr508.orig/gui/gui_source_editing.ml0000644000175000017500000001163113175722671021571 0ustar lucaslucas (* Ex: `id "sh" our `mime "text/x-ocaml" *) type language_identification = [ `id of string | `mime_type of string ] ;; (* Our `language_manager' is an object encapsulating a `GSourceView2.source_language_manager' with a convenient interface: *) let language_manager () = let m = GSourceView2.source_language_manager ~default:false in object (self) (* For debugging: *) method print_list = let i = ref 0 in List.iter (fun id -> incr i; match m#language id with Some lang -> let name = lang#name in let section = lang#section in Printf.kfprintf flush stdout "%2d: %-20s %-30s (section: %s)\n" !i id name section | None -> ()) m#language_ids method get_language_by_id id = (m#language id) method get_language_by_mime_type mime_type = (m#guess_language ~content_type:mime_type ()) method get_language (li:language_identification) = match li with | `id x -> self#get_language_by_id x | `mime_type x -> self#get_language_by_mime_type x method add_path ?(append:unit option) path = let current_list = m#search_path in let new_list = if append=None then path::current_list else List.append current_list [path] in m#set_search_path new_list initializer (* The file `vde_switch.lang' will be installed in the marionnet's home: *) self#add_path (Initialization.Path.marionnet_home) end (* object language_manager *) (* Redefined now as a lazy value: *) let language_manager = lazy (language_manager ()) let window ?(language:language_identification option) ?(font_name="Monospace 11") ?auto_indent ?(right_margin_position=80) ?(content="") ?modal ?(height=500) ?(width=650) ?(draw_spaces=[`SPACE; `NEWLINE]) ?close_means_cancel (* not as window (in order to be drawn on top of another dialog). This information carry out the window_skel parent: *) ?(create_as_dialog : GWindow.window_skel option) ?(position=`CENTER) ~title ~(result:(string option) Egg.t) () = let modal = Option.to_bool modal in let (win, vbox, win_connect_destroy) = match create_as_dialog with | None -> let win = GWindow.window ~modal ~title ~position () in let () = win#set_destroy_with_parent true in ((win :> GWindow.window_skel), GPack.vbox ~packing:win#add (), win#connect#destroy) | Some parent -> let win = GWindow.dialog ~parent ~destroy_with_parent:true ~modal ~title ~position () in ((win :> GWindow.window_skel), win#vbox, win#connect#destroy) in let scrolled_win = GBin.scrolled_window ~hpolicy:`AUTOMATIC ~vpolicy:`AUTOMATIC ~packing:vbox#add () in let source_view = GSourceView2.source_view ~auto_indent:(Option.to_bool auto_indent) ~insert_spaces_instead_of_tabs:true ~tab_width:2 ~show_line_numbers:true ~right_margin_position ~show_right_margin:true ~packing:scrolled_win#add ~height ~width () in let hbox = GPack.hbox ~packing:vbox#add ~homogeneous:true () in vbox#set_child_packing ~expand:false ~fill:false hbox#coerce; let button_cancel = GButton.button ~stock:`CANCEL ~packing:hbox#add () in let button_ok = GButton.button ~stock:`OK ~packing:hbox#add () in List.iter (fun w -> hbox#set_child_packing ~expand:false ~fill:false w#coerce) [button_cancel; button_ok]; let language_manager = Lazy.force language_manager in let lang = Option.bind language (language_manager#get_language) in (* let () = Option.iter (fun l -> Printf.kfprintf flush stderr "gui_source_editing: lang=%s\n" l#name) lang in *) win#set_allow_shrink true; source_view#misc#modify_font_by_name font_name; source_view#source_buffer#set_highlight_matching_brackets true; source_view#source_buffer#set_language lang; source_view#source_buffer#set_highlight_syntax true; source_view#set_smart_home_end `AFTER; source_view#set_draw_spaces draw_spaces; source_view#source_buffer#begin_not_undoable_action (); source_view#source_buffer#set_text content; source_view#source_buffer#end_not_undoable_action (); let get_text () = Some (source_view#source_buffer#get_text ()) in (* Callbacks. Note that the egg is released before destroying the window, because this action provoke the execution of the close_callback, that may release another result. Callbacks are linearized in order to prevent to call them twice (callback -> win#destroy -> callback). *) let cancel_callback = Thunk.linearize (fun () -> Egg.release result None; win#destroy ()) in let ok_callback = Thunk.linearize (fun () -> Egg.release result (get_text ()); win#destroy ()) in let close_callback = if close_means_cancel=None then ok_callback else cancel_callback in ignore (button_cancel#connect#clicked ~callback:cancel_callback); ignore (button_ok#connect#clicked ~callback:ok_callback); ignore (win_connect_destroy close_callback); (* --- *) win#misc#grab_focus (); win#show (); ;; marionnet-0.90.6+bzr508.orig/gui/ledgrid_manager.ml0000644000175000017500000003373513175722671021037 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008, 2009 Luca Saiu Copyright (C) 2008, 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) IFNDEF OCAML4_02_OR_LATER THEN module Bytes = struct let create = String.create let set = String.set end ENDIF let blinker_thread_socket_file_name = let result = UnixExtra.temp_file ~prefix:".marionnet-blinker-server-socket-" () in Log.printf1 "ledgrid_manager: The blinker server socket is %s\n" result; result;; class ledgrid_manager = object (self) (** Synchornization is automatically managed by methods, thus making ledgrid_manager a monitor *) val mutex = Mutex.create () method private lock = Mutex.lock mutex method private unlock = Mutex.unlock mutex val id_to_data = Hashmap.make () method blinker_thread_socket_file_name = blinker_thread_socket_file_name (** Return a tuple (window, device, name, connected_port_indices). This is {e unlocked}! *) method private lookup (id : int) = try Hashmap.lookup id_to_data id with _ -> begin failwith ("id_to_device: No device has id " ^ (string_of_int id)) end (** This is {e unlocked}! *) method private id_to_device (id : int) = let _, device, _, _ = self#lookup id in device (** This is {e unlocked}! *) method private id_to_window (id : int) = let window, _, _, _ = self#lookup id in window (** This is {e unlocked}! *) method private id_to_name (id : int) = let _, _, name, _ = self#lookup id in name (** This is {e unlocked}! *) method private id_to_connected_ports (id : int) = let _, _, _, connected_ports = self#lookup id in connected_ports method get_connected_ports ~id () = self#lock; let result = self#id_to_connected_ports id in self#unlock; result (** This is {e unlocked}! *) method private update_connected_ports (id : int) new_connected_ports = let window, device, name, _ = self#lookup id in Hashmap.replace id_to_data id (window, device, name, new_connected_ports) (** Make the given ledgrid window always on top, and visible (this is a harmless side effect of the implementation; we always need the window to be visible anyway when calling this method) *) method private set_always_on_top id value : unit = let window = self#id_to_window id in (* window#misc#set_property "keep-above" (`BOOL true); *) let is_window_visible = true (*window#misc#hidden*) in (if is_window_visible then window#misc#hide ()); (* window#misc#set_property "keep-above" (`BOOL true); *) window#set_type_hint (if value then `DIALOG else `NORMAL); window#set_position `MOUSE; (if is_window_visible then window#misc#show ()); (** This is {e unlocked}! *) method private make_widget ~id ~port_no ?port_labelling_offset ~title ~label ~image_directory () = let window = GWindow.window ~icon:Icon.icon_pixbuf ~title ~border_width:0 ~resizable:false () in let frame = GBin.frame ~label (* ~shadow_type:`ETCHED_OUT *) ~packing:window#add () in (* let box = GPack.box `HORIZONTAL ~packing:frame#add () in *) let vbox = GPack.box `VERTICAL ~packing:frame#add () in let box = GPack.box `HORIZONTAL ~packing:vbox#add () in let always_on_top_box = GPack.box `HORIZONTAL ~packing:vbox#add () in let check_button = GButton.check_button (*~stock:`CUT*) ~label:"Always on top" ~packing:always_on_top_box#add () in ignore (check_button#connect#clicked ~callback:(fun () -> let state = check_button#active in self#set_always_on_top id state)); (* Make a label which we don't need to name: *) ignore (GMisc.label ~text:"Activity" ~packing:box#add ()); ignore (window#event#connect#delete ~callback:(fun _ -> Log.printf "ledgrid_manager: Sorry, no, you can't\n"; true)); let device = new Ledgrid.device_led_grid ~packing:box#add ~ports:port_no ~show_100_mbs:false ~lines:(if port_no > 8 then 2 else 1) ~angle:(if port_no > 8 then 90.0 else 0.0) ~off_xpm_file_name:(image_directory^"/off.xpm") ~on_xpm_file_name:(image_directory^"/on.xpm") ?port_labelling_offset ~nothing_xpm_file_name:(image_directory^"/nothing.xpm") () in (* Note how the window is {e not} shown by default: it's appropriate to show it only when the device is started up. *) window, device method make_device_ledgrid ~id ~title ~label ~port_no ?port_labelling_offset ~image_directory ?connected_ports:(connected_ports=[])() = self#lock; Log.printf3 "ledgrid_manager: Making a ledgrid with title %s (id=%d) with %d ports.\n" title id port_no; let ledgrid_widget, window_widget = self#make_widget ~id ~port_no ?port_labelling_offset ~title ~label ~image_directory () in Hashmap.add id_to_data id (ledgrid_widget, window_widget, title, connected_ports); ignore (List.map (fun port -> self#set_port_connection_state ~id ~port ~value:true ()) connected_ports); Log.printf ~v:2 "ledgrid_manager: Ok, done.\n"; Log.printf1 ~v:2 "ledgrid_manager: Testing (1): is id=%d present in the table?...\n" id; (try let _ = self#id_to_device id in Log.printf ~v:2 "ledgrid_manager: Ok, passed.\n"; with _ -> Log.printf ~v:2 "ledgrid_manager: FAILED.\n"); Log.printf1 ~v:2 "ledgrid_manager: Testing (2): is id=%d present in the table?...\n" id; (try let _ = self#lookup id in Log.printf ~v:2 "ledgrid_manager: Ok, passed.\n"; with _ -> Log.printf ~v:2 "ledgrid_manager: FAILED.\n"); self#unlock method show_device_ledgrid ~id () = self#lock; (try (self#id_to_window id)#show (); with _ -> Log.printf1 "ledgrid_manager: Warning: id %d unknown in show_device_ledgrid\n" id); self#unlock method hide_device_ledgrid ~id () = self#lock; (try (self#id_to_window id)#misc#hide (); with _ -> Log.printf1 "ledgrid_manager: Warning: id %d unknown in show_device_ledgrid\n" id); self#unlock method destroy_device_ledgrid ~id () = self#lock; Log.printf1 "ledgrid_manager: Destroying the ledgrid with id %d\n" id; (try (self#id_to_window id)#misc#hide (); (self#id_to_window id)#destroy (); Hashmap.remove id_to_data id with _ -> Log.printf1 "ledgrid_manager: WARNING: failed in destroy_device_ledgrid: id is %d\n" id ); self#unlock method set_port_connection_state ~id ~port ~value () = self#lock; Log.printf3 "ledgrid_manager: Making the port %d of device %d %s\n" port id (if value then " connected" else " disconnected"); (try (self#id_to_device id)#set port value; let new_connected_ports = if value then port :: (self#id_to_connected_ports id) else List.filter (fun p -> p != port) (self#id_to_connected_ports id) in self#update_connected_ports id new_connected_ports; with _ -> Log.printf2 "ledgrid_manager: WARNING: failed in set_port_connection_state: id=%d port=%d\n" id port ); self#unlock method flash ~id ~port () = self#lock; (try (* Annoying for the world_gateway *) (* Log.print_string ("Flashing port " ^ (string_of_int port) ^ " of device " ^ *) (* (self#id_to_name id) ^ "\n"); *) (self#id_to_device id)#flash port; with _ -> ()) (* Log.printf "WARNING: failed in flashing (id: %i; port: %i)\n" id port) *); self#unlock (** Destroy all currently existing widgets and their data, so that we can start afresh with a new network: *) method reset = (* Log.print_string "\n\n*************** LEDgrid_manager: reset was called.\n\n"; *) let hashmap_as_alist = Hashmap.to_list id_to_data in ignore (List.map (fun (id, _) -> self#destroy_device_ledgrid ~id (); Hashmap.remove id_to_data id) hashmap_as_alist); val blinker_thread = ref None; method blinker_thread = match !blinker_thread with (Some blinker_thread) -> blinker_thread | None -> assert false method private make_blinker_thread = Log.printf ("ledgrid_manager: Making a blinker thread\n"); Thread.create (fun () -> Log.printf ("ledgrid_manager: Making the socket\n"); let socket = Unix.socket Unix.PF_UNIX Unix.SOCK_DGRAM 0 in let _ = try Unix.unlink blinker_thread_socket_file_name with _ -> () in Log.printf ("ledgrid_manager: Binding the socket\n"); let _ = Unix.bind socket (Unix.ADDR_UNIX blinker_thread_socket_file_name) in Log.printf ("ledgrid_manager: Still alive\n"); let maximum_message_size = 1000 in let buffer = Bytes.create maximum_message_size in Log.printf ("ledgrid_manager: Ok, entering the thread main loop\n"); while true; do (* ==== Beginning of the reasonable version ==== *) (** This commented-out version was absolutely reasonable and it worked with the old patched VDE, but for some strange reason I can't understand now recvfrom() fails, always receiving the correct message. The VDE code looks correct. Oh, well. This functionality is not critical anyway, and even one wrong blink every now and then would not be serious. Anyway, this seems to work perfectly. Go figure. *) (* Log.print_string ("\nWaiting for a string...\n"); *) (* let length = *) (* try *) (* let (length, _) = recvfrom socket buffer 0 maximum_message_size [] in length *) (* with Unix.Unix_error(error, string1, string2) -> begin *) (* Log.printf "SSSSSS recvfrom() failed: %s (\"%s\", \"%s\").\n" (Unix.error_message error) string1 string2; flush_all (); *) (* let message = String.sub buffer 0 (maximum_message_size - 1) in *) (* Log.printf "SSSSSS the possibly invalid message is >%s<\n" message; *) (* 0; *) (* end *) (* | e -> begin *) (* Log.printf "SSSSSS recvfrom() failed with a non-unix error: %s.\n" (Printexc.to_string e); flush_all (); *) (* 0; *) (* end in *) (* try *) (* let (id, port) = *) (* Scanf.sscanf message "%i %i" (fun id port -> (id, port)) *) (* in *) (* self#flash ~id ~port (); *) (* ==== End of the reasonable version ==== *) (* ==== Beginning of the unreasonable version ==== *) (try ignore (Unix.recvfrom socket buffer 0 maximum_message_size []) with _ -> ()); let length = try String.index buffer '\n' with _ -> 0 in let message = String.sub buffer 0 length in try let id1, port1, id2, port2 = (** This long formatted string is passed to VDE as a cable identifier. This allows us to easily understand which LEDs to work on when we receive a blinking command. *) Scanf.sscanf message "((id: %i; port: %i)(id: %i; port: %i))" (fun id1 port1 id2 port2 -> (id1, port1, id2, port2)) in self#flash ~id:id1 ~port:port1 (); self#flash ~id:id2 ~port:port2 (); (* ==== End of the unreasonable version ==== *) with _ -> try let _ = Scanf.sscanf message "please-die" (fun x -> x) in Log.printf ("ledgrid_manager: Exiting the LEDgrid manager blinker thread\n"); Unix.close socket; let _ = try Unix.unlink blinker_thread_socket_file_name with _ -> () in Thread.exit (); Log.printf ("ledgrid_manager: !!! This should never be reached !!!\n"); with _ -> Log.printf1 "ledgrid_manager: Warning: can't understand the message '%s'\n" message; done) () initializer blinker_thread := Some self#make_blinker_thread (** This should be called before termination *) method kill_blinker_thread = let client_socket = Unix.socket Unix.PF_UNIX Unix.SOCK_DGRAM 0 in let client_socket_file_name = Filename.temp_file "blinker-killer-client-socket-" "" in (try Unix.unlink client_socket_file_name with _ -> ()); Unix.bind client_socket (Unix.ADDR_UNIX client_socket_file_name); Log.printf "ledgrid_manager: Sending the message \"please-die\" to the blinker thread...\n"; let message = "please-die" in (try ignore (Unix.sendto client_socket message 0 ((String.length message)) [] (Unix.ADDR_UNIX blinker_thread_socket_file_name)); with _ -> begin Log.printf "ledgrid_manager: VERY SERIOUS: sending the message \"please-die\" to the blinker thread failed.\n"; end); Log.printf "ledgrid_manager: Ok.\n"; (* Make sure this arrives right now: *) (* flush_all (); *) (* Thread.join (self#blinker_thread); *) Log.printf "ledgrid_manager: Ok, the blinker thread has exited now.\n"; (try Unix.unlink client_socket_file_name with _ -> ()); (try Unix.unlink blinker_thread_socket_file_name with _ -> ()); (* Thread.kill self#blinker_thread *) end;; (** There must be exactly one instance of ledgrid_manager: *) let the_one_and_only_ledgrid_manager = new ledgrid_manager;; marionnet-0.90.6+bzr508.orig/gui/gui_dialog_toolkit.ml0000644000175000017500000001052213175722671021570 0ustar lucaslucasn(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009 Luca Saiu Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Common tools for setting labels and tips in a dialog. *) module Make (Toplevel : sig val toplevel : GWindow.dialog_any end) = struct open Toplevel module Label = struct let set label text = label#set_use_markup true; label#set_label text end module Tooltip = struct let setter = let result = (GData.tooltips ()) in let _ = toplevel#connect#destroy ~callback:(fun _ -> result#destroy ()) in result let set w text = setter#set_tip w#coerce ~text let set_both w1 w2 text = List.iter (fun w -> setter#set_tip w ~text) [w1#coerce;w2#coerce] (* Common text for dialog's tooltips *) module Text = struct let component_label = (s_ "Label to be written in the network sketch, next to the element icon." ) let component_label_with_suggestion = component_label^" "^(s_ "It is advisable to use as label the IP address of the element (for example \"192.168.1.0/24\")." ) let append_label_suggestion_to msg = msg^" "^(s_ "It is advisable to use as label the IP address of the element (for example \"192.168.1.0/24\")." ) end (* Tooltip.Text *) end (* Tooltip *) type env = string Environments.string_env (* Moved from talking.ml. Generic dialog loop for component INSERT/UPDATE. The inserted or updated name must be unique in the network. *) let dialog_loop ?(help=None) dialog (scan_dialog:unit->env) (st:State.globalState) = let result = (ref None) in let cont = ref true in begin while (!cont = true) do begin match dialog#toplevel#run () with | `OK -> begin try let r = scan_dialog () in let (action,name,oldname) = (r#get("action"),r#get("name"),r#get("oldname")) in (* OK only if the name is not already used in the network (and not empty). *) if ((action="add") && (st#network#name_exists name)) or ((action="update") && (not (name=oldname)) && (st#network#name_exists name)) then (Simple_dialogs.error (s_ "Name conflict" ) (Printf.sprintf(f_ "The name '%s' is already used in the virtual network. The names of virtual network elements must be unique." ) name) ()) else (result := Some r ; cont := false) with | Talking.EDialog.IncompleteDialog -> cont := true | (Talking.EDialog.BadDialog (title,msg)) -> (Simple_dialogs.error title msg ()) | (Talking.EDialog.StrangeDialog (title,msg,r)) -> (*(Msg.warning title msg ()); *) begin match Talking.EDialog.ask_question ~gen_id:"answer" ~title:(s_ "CONFIRM") ~question:(msg^(s_ "\nDo you confirm this connection?" )) ~help:None ~cancel:false () with | Some e -> if (e#get("answer")="yes") then (result := Some r ; cont := false) else cont := true | None -> (*raise (Failure "Unexpected result of dialog ask_question")*) cont := true (* Consider as the answer "no" *) end end | `HELP -> (match help with | Some f -> f (); | None -> () ) | _ -> result := None ; cont := false end done; (* Close the dialog and return its result. *) dialog#toplevel#destroy (); !result end end (* Make *) marionnet-0.90.6+bzr508.orig/gui/glade-2.0.dtd0000644000175000017500000000417413175722671017442 0ustar lucaslucas marionnet-0.90.6+bzr508.orig/gui/menu_factory.ml0000644000175000017500000001544013175722671020417 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Tools for making menus (with or without a menubar). *) #load "include_type_definitions_p4.cmo" ;; INCLUDE DEFINITIONS "gui/menu_factory.mli" let fresh_path = let x = ref 0 in function () -> let result = "/") in let () = incr x in result (** Make a module with tools for adding and managing items to a given parent (menubar or menuitem). If a menubar not provided, a fresh one is created just for the factory definition. In this case, the connection with the menu_item_skel parent will be fixed after the inclusion by a calling to the function get_menu (). *) module Make (M: Parents) = struct (* In the case of menu_item, this value will be defined immediately. *) let current_menu = ref None let accel_path = fresh_path () let create_shell_for_simple_menu menu = let result = (new GMenu.factory ~accel_path menu) in let () = M.window#add_accel_group result#accel_group in let () = (current_menu := Some result) in (result#menu :> GMenu.menu_shell) let create_subshell_for_menu_item mi = let simple_menu = GMenu.menu ~packing:(mi#set_submenu) () in create_shell_for_simple_menu simple_menu let shell = match M.parent with | Menubar mb -> mb | Menuitem mi -> create_subshell_for_menu_item mi | Menu m -> create_shell_for_simple_menu m let factory = new GMenu.factory ~accel_path shell let accel_group = factory#accel_group let () = M.window#add_accel_group accel_group (* This function is typically called only when the parent is a menu_item. *) let get_current_menu () = match !current_menu with | Some menu -> menu | None -> failwith "No current menu defined in this factory." (* Typically used for menubars *) let add_menu title = let menu = factory#add_submenu title in let result = new GMenu.factory menu ~accel_path ~accel_group in let () = (current_menu := Some result) in result (* Useful for dynamic submenus. *) let recreate_subshell () = match M.parent with | Menuitem mi -> let s = match mi#get_submenu with Some x -> x | None -> assert false in s#destroy (); create_subshell_for_menu_item mi | Menubar _ -> failwith "Not allowed action: this factory has been created for a menubar." | _ -> assert false (* Now tools: *) let not_implemented_yet _ = Log.printf "NOT IMPLEMENTED YET!!!!!\n" let monitor label _ = Log.printf1 "Menu entry with label \"%s\" selected by user\n" label let add_item ?(menu = get_current_menu ()) ?submenu ?(key=0) label ?(callback=(monitor label)) () = let result = menu#add_item label ~key ~callback in let () = match submenu with None -> () | Some submenu -> (result#set_submenu submenu) in result let add_stock_item ?(menu = get_current_menu ()) ?submenu ?(key=0) label ~stock ?(callback=(monitor label)) () = let result = menu#add_image_item ~image:(GMisc.image ~stock ())#coerce ~key ~callback ~label () in let () = match submenu with None -> () | Some submenu -> (result#set_submenu submenu) in result let add_imagefile_item ?(menu = get_current_menu ()) ?submenu ?(key=0) ?(label="") file ?(callback=(monitor file)) () = let result = menu#add_image_item ~label ~image:(GMisc.image ~file ())#coerce ~key ~callback () in let () = match submenu with None -> () | Some submenu -> (result#set_submenu submenu) in result let add_check_item ?(menu = get_current_menu ()) ?(active=false) ?(key=0) label ?(callback=(monitor label)) () = menu#add_check_item label ~key ~active ~callback let add_separator ?(menu = get_current_menu ()) () = ignore (menu#add_separator ()) (* Useful shortcuts when the result of the functor is included. *) let parent = M.parent let window = M.window end (* Shortcuts *) let mkenv = Environments.make_string_env (** Useful when there is no dialog preceeding the reaction: *) let no_dialog_but_simply_return_name = fun name () -> Some name module Side_effects_of (E:sig type t val to_string : t -> string end) = struct let none_effect () = Log.printf "--- Dialog result: NOTHING TO DO (CANCELED)\n" let some_effect t = let msg = Printf.sprintf "--- Dialog result:\n%s------------------\n" (E.to_string t) in (Log.printf1 "%s" msg) end let compose ?none_effect ?some_effect (heuristic:'a -> 'b option) (procedure:'b -> unit) = fun x -> match (heuristic x), none_effect, some_effect with | None , None , _ -> () | None , Some f, _ -> let () = f () in () | Some y , _ , None -> procedure y | Some y , _ , Some f -> let () = f y in (procedure y) module Make_entry = functor (E : Entry_definition) -> functor (F : Factory) -> struct let item = let key = match E.key with None -> 0 | Some k -> k in F.add_stock_item ~key E.text ~stock:E.stock () include Side_effects_of (E) let callback = compose ~none_effect ~some_effect (E.dialog) (E.reaction) let connect = item#connect#activate ~callback end module Make_entry_with_children = functor (E : Entry_with_children_definition) -> functor (F : Factory) -> struct let item = F.add_stock_item E.text ~stock:E.stock () (* Submenu *) module Submenu = Make (struct let parent = Menuitem (item :> GMenu.menu_item_skel) let window = F.window end) include Side_effects_of (E) let callback name = compose ~none_effect ~some_effect (E.dialog name) (E.reaction) let item_callback () = begin ignore (Submenu.recreate_subshell ()); (List.iter (fun name -> ignore (Submenu.add_stock_item name ~stock:E.stock ~callback:(fun () -> callback name ()) () ) ) (E.dynlist ())) end let _ = item#connect#activate ~callback:item_callback let submenu = (Submenu.get_current_menu ())#menu end (** {2 Examples} include Menu_factory.Make_entry (F) (struct let text = "EASY" let stock = `NEW let dialog = Menu_factory.no_dialog "" let reaction _ = () end) *) marionnet-0.90.6+bzr508.orig/gui/gui_toolbar_DOT_TUNING.ml0000644000175000017500000002512413175722671022024 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Gui completion for the toolbar_DOT_TUNING widget defined with glade. *) open Gettext open Sugar (* for '=>' and '||' *) (* This functor defines the dot tuning toolbar driver of the global state. *) module Make (State : sig val st:State.globalState end) = struct open State let w = st#mainwin (* Labels *) let () = begin let set label text = label#set_use_markup true; label#set_label (""^text^"") in set w#label_DOT_TUNING_NODES (s_ "Nodes") ; set w#label_DOT_TUNING_EDGES (s_ "Edges" ) ; set w#label_DOT_TUNING_LABELS (s_ "Labels") ; set w#label_DOT_TUNING_AREA (s_ "Surface") ; end (* Tooltips *) let () = begin let set w text = (GData.tooltips ())#set_tip w ~text in set w#label_DOT_TUNING_NODES#coerce (s_ "Tuning of graph nodes") ; set w#vscale_DOT_TUNING_ICONSIZE#coerce (s_ "Tuning of icon size (machines, switch, hub, etc), without changing the icon arrangement") ; set w#button_DOT_TUNING_SHUFFLE#coerce (s_ "Randomly arrange nodes") ; set w#button_DOT_TUNING_UNSHUFFLE#coerce (s_ "Go back to the standard node arrangement (not random)") ; set w#label_DOT_TUNING_EDGES#coerce (s_ "Tuning of graph edges") ; set w#button_DOT_TUNING_RANKDIR_TB#coerce (s_ "Arrange edges top-to-bottom") ; set w#button_DOT_TUNING_RANKDIR_LR#coerce (s_ "Arrange edges left-to-right") ; set w#vscale_DOT_TUNING_NODESEP#coerce (s_ "Minimun edge size") ; set w#menubar_DOT_TUNING_INVERT#coerce (s_ "Reverse an edge") ; set w#button_DOT_TUNING_CURVED_LINES#coerce (s_ "Switch between straight and curved lines") ; set w#label_DOT_TUNING_LABELS#coerce (s_ "Tuning edge endpoint labels") ; set w#vscale_DOT_TUNING_LABELDISTANCE#coerce (s_ "Distance between labels and icons") ; set w#vscale_DOT_TUNING_EXTRASIZE#coerce (s_ "Canvas size"); set w#label_DOT_TUNING_AREA#coerce (s_ "Tuning of the graph size. The surface may increase up to double (100%) the original, in which case case elements are arranged to completely fill the available space.") ; end (* ******************************* * High-level toolbar driver * ******************************* *) (** Methods for reading or setting related widgets in a more abstract way. *) class high_level_toolbar_driver () = (* The iconsize converter float -> string *) let iconsize_of_float x = match (int_of_float x) with | 0 -> "small" | 1 -> "med" | 2 -> "large" | 3 -> "xxl" | default -> "large" in (* The iconsize converter string -> float *) let float_of_iconsize s = match s with | "small" -> 0. | "med" -> 1. | "large" -> 2. | "xxl" -> 3. | default -> 2. in object (self) (** iconsize tuning *) method get_iconsize : string = iconsize_of_float (w#vscale_DOT_TUNING_ICONSIZE#adjustment#value) method set_iconsize (x:string) = x => (float_of_iconsize || w#vscale_DOT_TUNING_ICONSIZE#adjustment#set_value) (** nodesep tuning *) (* Non-linear (quadratic) adjustment in the range [0,2] inches *) method get_nodesep : float = let formule = fun x -> (((x /. 20.) ** 2.) *. 2.) in w#vscale_DOT_TUNING_NODESEP#adjustment#value => formule method set_nodesep (y:float) = let inverse = fun y -> 20. *. sqrt (y /. 2.) in y => (inverse || w#vscale_DOT_TUNING_NODESEP#adjustment#set_value) (** labeldistance tuning *) (* Non-linear (quadratic) adjustment in the range [0,2] inches *) method get_labeldistance : float = let formule = fun x -> (((x /. 20.) ** 2.) *. 2.) in w#vscale_DOT_TUNING_LABELDISTANCE#adjustment#value => formule method set_labeldistance (y:float) = let inverse = fun y -> 20. *. sqrt (y /. 2.) in y => (inverse || w#vscale_DOT_TUNING_LABELDISTANCE#adjustment#set_value) (** extrasize tuning *) method get_extrasize : float = w#vscale_DOT_TUNING_EXTRASIZE#adjustment#value method set_extrasize (x:float) = w#vscale_DOT_TUNING_EXTRASIZE#adjustment#set_value x (** Handling the network image *) method get_image = w#sketch#pixbuf method get_image_current_width = (GdkPixbuf.get_width w#sketch#pixbuf) method get_image_current_height = (GdkPixbuf.get_height w#sketch#pixbuf) val mutable image_original_width = None val mutable image_original_height = None (** Called in update_sketch: *) method reset_image_size () = image_original_width <- None; image_original_height <- None (* Get and affect if need (but only the first time) *) method get_image_original_width = match image_original_width with | None -> (let x = self#get_image_current_width in image_original_width <- Some x; x) | Some x -> x (* Get and affect if need (but only the first time) *) method get_image_original_height = match image_original_height with | None -> (let x = self#get_image_current_height in image_original_height <- Some x; x) | Some x -> x end;; (* class high_level_toolbar_driver *) (* Enrich the global state structure with a new toolbar driver. *) st#dotoptions#set_toolbar_driver (new high_level_toolbar_driver ()) (* ******************************* * Callbacks definition * ******************************* *) let (opt,net) = (st#dotoptions, st#network) (* Tool *) let fold_lines = function [] -> "" | l-> List.fold_left (fun x y -> x^" "^y) (List.hd l) (List.tl l) (** Reaction for the iconsize tuning *) let iconsize_react () = if opt#gui_callbacks_disable then () else begin let size = opt#toolbar_driver#get_iconsize in Cortex.set opt#iconsize size; st#flash ~delay:4000 (Printf.sprintf (f_ "The icon size is fixed to value %s (default=large)") size); end (** Reaction for the shuffle tuning *) let shuffle_react () = begin Cortex.set (opt#shuffler) (ListExtra.shuffleIndexes (net#get_node_list)); let namelist = net#get_node_names => ( (ListExtra.permute opt#shuffler_as_function) || fold_lines ) in st#flash ~delay:4000 ((s_ "Icons randomly arranged: ")^namelist); end (** Reaction for the unshuffle tuning *) let unshuffle_react () = begin opt#shuffler_reset; let namelist = (net#get_node_names => fold_lines) in st#flash ~delay:4000 ((s_ "Default icon arrangement: ")^namelist); end (** Reaction for the rankdir tunings *) let rankdir_react x () = begin Cortex.set (st#dotoptions#rankdir) x; let msg = match x with | "TB" -> (s_ "Arrange edges top-to-bottom (default)") | "LR" -> (s_ "Arrange edges left-to-right") | _ -> "Not valid Rankdir" in st#flash ~delay:4000 msg; end (** Reaction for the nodesep tuning *) let nodesep_react () = if opt#gui_callbacks_disable then () else begin let y = opt#toolbar_driver#get_nodesep in Cortex.set (opt#nodesep) y; st#flash (Printf.sprintf (f_ "The minimum edge size (distance between nodes) is fixed to the value %s (default=0.5)") (string_of_float y)); end (** Reaction for the labeldistance tuning *) let labeldistance_react () = if opt#gui_callbacks_disable then () else begin let y = opt#toolbar_driver#get_labeldistance in Cortex.set (opt#labeldistance) y; st#flash (Printf.sprintf (f_ "The distance between labels and icons is fixed to the value %s (default=1.6)") (string_of_float y)); end (** Reaction for the extrasize_x tuning *) let extrasize_react () = if opt#gui_callbacks_disable then () else begin let y = opt#toolbar_driver#get_extrasize in Cortex.set (opt#extrasize) y; st#flash (Printf.sprintf (f_ "The canvas size is fixed to %s%% of the minimun value to contain the graph (default=0%%)") (string_of_int (int_of_float y)) ); end (** Reaction for a rotate tuning *) let reverse_edge_callback x () = begin let c = (st#network#get_cable_by_name x) in c#set_reversed (not c#is_reversed); st#flash (Printf.sprintf (f_ "Cable %s reversed") x); end (** Reaction for the spline's (straight/curved) tuning *) let curved_lines_react () = if opt#gui_callbacks_disable then () else begin let msg = match (st#dotoptions#curved_lines_commute) with | true -> (s_ "Switched to curved lines") | false -> (s_ "Switched to straight lines") in st#flash ~delay:4000 msg; end (* Connections *) let _ = w#vscale_DOT_TUNING_ICONSIZE#connect#value_changed iconsize_react let _ = w#button_DOT_TUNING_SHUFFLE#connect#clicked shuffle_react let _ = w#button_DOT_TUNING_UNSHUFFLE#connect#clicked unshuffle_react let _ = w#button_DOT_TUNING_RANKDIR_TB#connect#clicked (rankdir_react "TB") let _ = w#button_DOT_TUNING_RANKDIR_LR#connect#clicked (rankdir_react "LR") let _ = w#vscale_DOT_TUNING_NODESEP#connect#value_changed nodesep_react let _ = w#vscale_DOT_TUNING_LABELDISTANCE#connect#value_changed labeldistance_react let _ = w#vscale_DOT_TUNING_EXTRASIZE#connect#value_changed extrasize_react let _ = w#button_DOT_TUNING_CURVED_LINES#connect#clicked curved_lines_react (** Generic connect function for rotate menus. *) let connect_rotate_menu ~widget ~widget_menu ~dynList = begin let set_active cname = (List.mem cname st#network#reversed_cables) in (Widget.DynamicSubmenu.make ~set_active ~submenu:widget_menu ~menu:widget ~dynList ~action:reverse_edge_callback ()) ; () end (* Ensure that the image will be shown (in spite of a possibly opposite Gnome/Ubuntu global setting) *) let () = st#mainwin#imagemenuitem_DOT_TUNING_INVERT#image#misc#show () (* Connect INVERT_DIRECT *) let _ = connect_rotate_menu ~widget:st#mainwin#imagemenuitem_DOT_TUNING_INVERT_DIRECT ~widget_menu:st#mainwin#imagemenuitem_DOT_TUNING_INVERT_DIRECT_menu ~dynList:(fun () -> st#network#get_direct_cable_names) (* Connect INVERT_CROSSOVER *) let _ = connect_rotate_menu ~widget:st#mainwin#imagemenuitem_DOT_TUNING_INVERT_CROSSOVER ~widget_menu:st#mainwin#imagemenuitem_DOT_TUNING_INVERT_CROSSOVER_menu ~dynList:(fun () -> st#network#get_crossover_cable_names) end (* Make *) marionnet-0.90.6+bzr508.orig/gui/simple_dialogs.ml0000644000175000017500000001353413175722671020721 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008, 2009 Luca Saiu Copyright (C) 2007, 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Convert ocaml (ISO-8859-1) string in UTF-8 format *) (* let utf8 x = Glib.Convert.convert x "UTF-8" "ISO-8859-1";; *) let utf8 x = x;; (* We currently don't use this. It works better :-) *) (** Generic constructor for message dialog *) let message win_title ?modal (msg_title) (msg_content) (img_file) () = let d = new Gui.dialog_MESSAGE () in d#toplevel#set_resizable true; Option.iter (d#toplevel#set_modal) modal; let _ = d#closebutton_MESSAGE#connect#clicked ~callback:(d#toplevel#destroy) in d#toplevel#set_icon (Some Icon.icon_pixbuf); d#toplevel#set_title (utf8 win_title); d#title#set_use_markup true; d#title#set_label (""^msg_title^""); d#title#set_selectable true; d#content#set_label msg_content; d#content#set_selectable true; d#image#set_file (Initialization.Path.images ^ img_file); () ;; (** Specific constructor for help messages *) let help ?modal title msg () = message ?modal (s_ "Help") title msg "ico.help.orig.png" ();; (** Specific constructor for error messages *) let error ?modal title msg () = message ?modal (s_ "Error") title msg "ico.error.orig.png" ();; (** Specific constructor for warning messages *) let warning ?modal title msg () = message ?modal (s_ "Warning") title msg "ico.warning.orig.png" ();; (** Specific constructor for info messages *) let info ?modal title msg () = message ?modal (s_ "Information") title msg "ico.info.orig.png" ();; (** Show a new dialog displaying a progress bar *) let make_progress_bar_dialog = Progress_bar.make_progress_bar_dialog;; (** Destroy a dialog which was previously created by make_progress_bar_dialog *) let destroy_progress_bar_dialog dialog = Progress_bar.destroy_progress_bar_dialog dialog;; let confirm_dialog ~question ?(cancel = false) () = let dialog = new Gui.dialog_QUESTION () in dialog#toplevel#set_icon (Some Icon.icon_pixbuf); dialog#toplevel#set_title (utf8 "Confirmation"); dialog#title_QUESTION#set_use_markup true; dialog#title_QUESTION#set_label question; ignore (dialog#toplevel#event#connect#delete ~callback:(fun _ -> Log.printf "Sorry, no, you can't close the dialog. Please make a decision.\n"; true)); (if cancel then dialog#toplevel#add_button_stock `CANCEL `CANCEL); let result = (ref None) in let cont = ref true in while (!cont = true) do begin match dialog#toplevel#run () with | `YES -> begin cont := false; result := Some true; end | `NO -> begin cont := false; result := Some false end | `CANCEL -> cont := false; result := None | _ -> (* The user tried to close the dialog. No, we refuse: let him/her try again *) (*assert false*) () end done; dialog#toplevel#destroy (); !result; (** Only internally used: *) exception TheUserCanceled;; (** Show a modal dialog prompting the user for a text, and return the text as entered by the user. A predicate checking that the text supplied by the user is valid and a callback to be automatically invoked at each text update can be optionally supplied. Two callbacks should be supplied, to be called in case of success or cancel. *) let ask_text_dialog ~title ~label ?(initial_text="") ?(constraint_predicate=(fun _ -> true)) ?(invalid_text_message=(s_ "Sorry, the size is invalid.")) ?(changed_callback=(fun _ -> ())) ?max_length ?(enable_cancel=false) ?(cancel_callback=(fun () -> ())) ?(border_width=40) ?(spacing=20) ~ok_callback () = let window = GWindow.window ~title ~modal:true ~position:`CENTER ~type_hint:`DIALOG ~icon:Icon.icon_pixbuf ~resizable:false () in let vbox = GPack.vbox ~packing:window#add ~border_width ~spacing () in let _ = GMisc.label ~text:label ~packing:vbox#add ~line_wrap:true () in let entry = GEdit.entry ~text:initial_text ?max_length ~packing:vbox#add () in ignore (entry#connect#changed ~callback:(fun () -> changed_callback entry#text)); let hbox = GPack.hbox ~packing:vbox#add ~homogeneous:true () in let button_ok = GButton.button ~stock:`OK ~packing:hbox#add () in (if enable_cancel then let button_cancel = GButton.button ~stock:`CANCEL ~packing:hbox#add () in ignore (button_cancel#connect#clicked ~callback:(fun () -> window#destroy (); cancel_callback ()))); let ok_callback window entry () = let text = entry#text in if constraint_predicate text then begin window#destroy (); ok_callback text end else begin error (s_ "Invalid size") invalid_text_message () end in ignore (button_ok#connect#clicked ~callback:(ok_callback window entry)); let _ = window#event#connect#key_press ~callback: begin fun ev -> (if GdkEvent.Key.keyval ev = GdkKeysyms._Return then ok_callback window entry ()); false end in button_ok#misc#set_can_default true; button_ok#misc#grab_default (); window#show ();; marionnet-0.90.6+bzr508.orig/gui/gui.xml0000644000175000017500000017741713175722671016715 0ustar lucaslucas 600 400 True Marionnet GTK_WIN_POS_CENTER 750 690 marionnet-launcher.png True True False False True True True 88 True True GTK_POLICY_NEVER GTK_POLICY_AUTOMATIC GTK_CORNER_TOP_RIGHT True True GTK_SHADOW_NONE True True True GTK_ORIENTATION_VERTICAL False False False False 1 True False False 1 True True ---Réseau virtuel--- False False True True GTK_POS_BOTTOM True True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC True True gtk-missing-image 44 True GTK_ORIENTATION_VERTICAL GTK_TOOLBAR_BOTH True True <small><small>---Nœuds---</small></small> True GTK_JUSTIFY_CENTER False False True 52 True True GTK_UPDATE_DELAYED 2 0 3 1 1 0 True 0 False GTK_POS_RIGHT False False True True True GTK_RELIEF_NONE 0 True ico.dado.24.png False False True True True GTK_RELIEF_NONE 0 True ico.dado-no.24.png False False True 6 True False False True True <small><small>---Arcs---</small></small> True GTK_JUSTIFY_CENTER False False True True True GTK_RELIEF_NONE 0 True gtk-go-down 2 False False True True True GTK_RELIEF_NONE 0 True gtk-go-forward 2 False False True 54 True True GTK_UPDATE_DELAYED 3.1619999999999999 0 20 1 1 0 True 0 False GTK_POS_RIGHT False False True True True True True True cable droit True True item21 True True ico.cable.direct.invert.png True cable croisé True True item5 True True ico.cable.crossed.invert.png True 0 ico.invert-arcs.png False False True True True GTK_RELIEF_NONE 0 True ico.splines.png 2 False False True 6 True False False True True <small><small>---Labels---</small></small> True GTK_JUSTIFY_CENTER False False True 54 True True GTK_UPDATE_DELAYED 0 0 20 1 1 0 True 0 False GTK_POS_RIGHT False False True 6 True False False True True <small><small>---Surface---</small></small> True GTK_JUSTIFY_CENTER False False True 54 True True GTK_UPDATE_DELAYED 0 0 100 1 10 0 True 0 False GTK_POS_RIGHT False False True 6 True False False False False 1 90 True 10 2 <i>---Image---</i> True tab False True 2 90 True <i>---Interfaces---</i> True tab 2 False True 3 90 True <i>---Anomalies---</i> True tab 3 False True 4 90 True <i>---Disques---</i> True tab 4 False 1 2 True 10 2 <i>---Composants---</i> True True tab False True True ---Documents du projet--- False False True 1 2 True 10 2 <i>---Énoncé---</i> True tab 2 False 1 True False 10 2 True False False 3 True À propos False True marionnet-launcher.png GDK_WINDOW_TYPE_HINT_DIALOG True True True True Marionnet True GTK_JUSTIFY_CENTER True False False True True True 2 GTK_POLICY_NEVER GTK_POLICY_NEVER GTK_SHADOW_ETCHED_OUT True 2 True 10 10 ico.marionnet-final.orig.png True True True 10 10 True GTK_JUSTIFY_FILL True 82 True 10 ---À propos--- tab False True True GTK_JUSTIFY_FILL 1 82 True 10 ---Auteurs--- tab 1 False True True GTK_JUSTIFY_FILL True 2 82 True 10 ---Licence--- tab 2 False True True True GTK_JUSTIFY_FILL True True True True True logo.paris13.png 1 1 3 82 True ---Thanks--- tab 3 False 1 1 2 True GTK_BUTTONBOX_END True True True gtk-close True -7 False False False GTK_PACK_END True Message False True GTK_WIN_POS_CENTER True marionnet-launcher.png GDK_WINDOW_TYPE_HINT_DIALOG True True True True 10 10 gtk-missing-image False True 10 10 <b>Title</b> True GTK_JUSTIFY_CENTER False 1 False False True 10 10 Content True GTK_JUSTIFY_FILL True 1 2 True GTK_BUTTONBOX_END True True True gtk-close True -7 False False False GTK_PACK_END True Message False True GTK_WIN_POS_CENTER True marionnet-launcher.png GDK_WINDOW_TYPE_HINT_DIALOG True True True True 10 10 ico.question-2.orig.png False True 10 10 <b>Title</b> True GTK_JUSTIFY_CENTER False 1 False False 2 True GTK_BUTTONBOX_END True True True gtk-no True -9 False False True True True gtk-yes True -8 False False 1 False GTK_PACK_END marionnet-0.90.6+bzr508.orig/gui/gui_toolbar_COMPONENTS.ml0000644000175000017500000000604513175722671022000 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Gui completion for the toolbar_COMPONENTS widget defined with glade. *) open Gettext module Make (State : sig val st:State.globalState end) = struct module Direct = struct let crossover = false end module Crossover = struct let crossover = true end module Params = struct include State let packing = `toolbar st#mainwin#toolbar_COMPONENTS end module Menus_for_machine = Machine.Make_menus (Params) module Menus_for_hub = Hub.Make_menus (Params) module Menus_for_switch = Switch. Make_menus (Params) module Menus_for_router = Router. Make_menus (Params) module Menus_for_direct_cable = Cable. Make_menus (Params) (Direct) module Menus_for_crossover_cable = Cable. Make_menus (Params) (Crossover) module Menus_for_cloud = Cloud. Make_menus (Params) (* World gateway and bridge in the same sub-toolbar: *) module World_access_button = struct module F = Menu_factory.Make (struct let toolbar = State.st#mainwin#toolbar_COMPONENTS let image_menu_item = Gui_toolbar_COMPONENTS_layouts.Toolbar.append_image_menu toolbar "ico.world.palette.png" (s_ "Real world access") let parent = Menu_factory.Menuitem (image_menu_item :> GMenu.menu_item_skel) let window = State.st#mainwin#window_MARIONNET end) let world_gateway_menu_parent = let filename = Filename.concat Initialization.Path.images "ico.world_gateway.palette.png" in F.add_imagefile_item ~label:"Gateway" filename () let world_bridge_menu_parent = let filename = Filename.concat Initialization.Path.images "ico.world_bridge.palette.png" in F.add_imagefile_item ~label:"Bridge" filename () end module Params_for_world_gateway = struct include State let menu_parent = World_access_button.world_gateway_menu_parent let packing = `menu_parent (Menu_factory.Menuitem (menu_parent :> GMenu.menu_item_skel)) end module Params_for_world_bridge = struct include State let menu_parent = World_access_button.world_bridge_menu_parent let packing = `menu_parent (Menu_factory.Menuitem (menu_parent :> GMenu.menu_item_skel)) end module Menus_for_world_gateway = World_gateway. Make_menus (Params_for_world_gateway) module Menus_for_world_bridge = World_bridge. Make_menus (Params_for_world_bridge) end marionnet-0.90.6+bzr508.orig/gui/gui_menubar_MARIONNET.ml0000644000175000017500000003126213175722671021635 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009 Luca Saiu Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Gui completion for the menubar_MARIONNET widget defined with glade. *) (* Shortcuts *) module EDialog = Talking.EDialog module Msg = Talking.Msg let mkenv = Environments.make_string_env open GdkKeysyms open GtkStock module Make (State:sig val st:State.globalState end) = struct open State (* Create the factory linked to the menubar. *) module F = Menu_factory.Make (struct let parent = Menu_factory.Menubar st#mainwin#menubar_MARIONNET let window = st#mainwin#window_MARIONNET end) include F (* **************************************** * Menu "Project" * **************************************** *) let project = add_menu (s_ "_Project" ) module Common_dialogs = struct (* Dialog used both for "New" and "Open" *) let save_current () = if st#active_project then EDialog.ask_question ~help:None ~cancel:true ~gen_id:"save_current" ~title:(s_ "Close" ) ~question:(s_ "Do you want to save the current project?") () else (Some (mkenv [("save_current","no")])) end type env = string Environments.string_env let env_to_string (t:env) = t#to_string (fun s->s) module Created_entry_project_new = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "New" ) let stock = `NEW let key = (Some _N) let dialog = let filename () = EDialog.ask_for_fresh_writable_filename ~title:(s_ "Name of the new project" ) ~filter_names:[`MAR;`ALL] ~help:(Some Msg.help_nom_pour_le_projet) () in (EDialog.sequence [Common_dialogs.save_current; filename]) let reaction r = begin st#shutdown_everything (); let filename = Talking.check_filename_validity_and_add_extension_if_needed (r#get "filename") in let actions () = begin st#close_project; st#new_project filename; end in if (st#active_project) && ((r#get "save_current") = "yes") then (st#save_project; Task_runner.the_task_runner#schedule ~name:"new project" actions) else (actions ()) end end) (F) let project_new = Created_entry_project_new.item module Created_entry_project_open = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Open" ) let stock = `OPEN let key = (Some _O) let dialog = let filename_dialog () = EDialog.ask_for_existing_rw_filename ~title:(s_ "Open an existing Marionnet project" ) ~filter_names:[`MAR; `ALL] ~help:(Some Msg.help_nom_pour_le_projet) () in (EDialog.sequence [Common_dialogs.save_current; filename_dialog]) let reaction r = begin st#shutdown_everything (); let filename = (r#get "filename") in let actions () = begin st#close_project; try st#open_project_async filename; with e -> ((Simple_dialogs.error (s_ "Open a project") ((s_ "Failed to open the file ")^filename) ()); raise e) end in if (st#active_project) && ((r#get "save_current")="yes") then (st#save_project; Task_runner.the_task_runner#schedule ~name:"open_project" actions) else (actions ()) end end) (F) let project_open = Created_entry_project_open.item let project_save = add_stock_item (s_ "Save" ) ~stock:`SAVE ~callback:(fun () -> if st#is_there_something_on_or_sleeping () then Msg.error_saving_while_something_up () else st#save_project) () module Created_entry_project_save_as = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Save as" ) let stock = `SAVE_AS let key = None let dialog () = EDialog.ask_for_fresh_writable_filename ~title:(s_ "Save as" ) ~filter_names:[`MAR; `ALL] ~help:(Some Msg.help_nom_pour_le_projet) () let reaction r = if st#is_there_something_on_or_sleeping () then Msg.error_saving_while_something_up () else let filename = Talking.check_filename_validity_and_add_extension_if_needed ~extension:"mar" (r#get "filename") in try let () = st#save_project_as ~filename () in () with _ -> (Simple_dialogs.error (s_ "Save project as") ((s_ "Failed to save the project into the file ")^filename) ()) end) (F) let project_save_as = Created_entry_project_save_as.item module Created_entry_project_copy_to = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Copy to" ) let stock = `SAVE_AS let key = None let dialog () = EDialog.ask_for_fresh_writable_filename ~title:(s_ "Copy to" ) ~filter_names:[`MAR; `ALL] ~help:(Some Msg.help_nom_pour_le_projet) () let reaction r = if st#is_there_something_on_or_sleeping () then Msg.error_saving_while_something_up () else let filename = Talking.check_filename_validity_and_add_extension_if_needed ~extension:"mar" (r#get "filename") in try let () = st#copy_project_into ~filename () in () with _ -> (Simple_dialogs.error (s_ "Project copy to" ) ((s_ "Failed to copy the project into the file ")^filename) ()) end) (F) let project_copy_to = Created_entry_project_copy_to.item module Created_entry_project_close = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Close" ) let stock = `CLOSE let key = (Some _W) let dialog () = EDialog.ask_question ~help:None ~cancel:true ~title:(s_ "Close" ) ~question:(s_ "Do you want to save the current project?") () let reaction r = begin st#shutdown_everything (); let () = if (st#active_project) && ((r#get "answer") = "yes") then st#save_project else () in st#close_project; end end) (F) let project_close = Created_entry_project_close.item let separator = project#add_separator () module Created_entry_project_export = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Export image" ) let stock = `CONVERT let key = None let dialog () = let extra_widget = let (combo_box, get_selected) = Dot_widget.combo_of_working_output_formats ~active:`png () in let widget_reader () = let frm = get_selected () in Dot.string_of_output_format frm in let table = GPack.table ~rows:2 ~columns:1 ~row_spacings:10 ~homogeneous:false () in let _ = GMisc.label ~xalign:0.5 ~markup:(""^(s_ "Output format")^"") ~packing:(table#attach ~left:0 ~top:0) () in (table#attach ~left:0 ~top:1 combo_box#coerce); (table#coerce, widget_reader) in EDialog.ask_for_fresh_writable_filename ~title:(s_ "Export network image" ) ~filters:(Dot_widget.make_all_working_filters ()) ~filter_names:[`ALL] ~extra_widget ~help:None () let reaction r = let output_format = (r#get "extra_widget") in let filename = Talking.check_filename_validity_and_add_extension_if_needed ~extension:output_format (r#get "filename") in let command = Printf.sprintf "dot -T%s -o '%s' '%s'" output_format filename st#project_paths#dotSketchFile in let on_error () = Simple_dialogs.error "Export network image" ((s_ "Failed to export network image to the file ")^filename^" (format "^output_format^")") () in try Log.system_or_fail command; st#flash ~delay:8000 ((s_ "Network image correctly exported to the file ")^filename) with _ -> on_error () end) (F) let project_export = Created_entry_project_export.item module Created_entry_project_quit = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Quit") let stock = `QUIT let key = (Some _Q) let dialog () = if ((not st#active_project) || st#project_already_saved) then (Some (mkenv [("answer","no")])) else Talking.EDialog.ask_question ~help:None ~cancel:true ~title:(s_ "Quit") ~question:(s_ "Do you want to save\nthe current project before quitting?") () let reaction r = (* At this point the user really wants to quit the application. *) let save = (st#active_project) && ((r#get "answer") = "yes") in (match st#is_there_something_on_or_sleeping (), save with | true, true -> st#shutdown_everything (); st#save_project; | true, false -> st#poweroff_everything (); | false, true -> st#save_project; | false, false -> () ); Log.printf "Killing the death monitor thread...\n"; Death_monitor.stop_polling_loop (); st#network#destroy_process_before_quitting (); st#close_project; st#quit_async () end) (F) let project_quit = Created_entry_project_quit.item (* **************************************** * Menu "Options" * **************************************** *) let options = add_menu (s_ "_Options") module Created_entry_options_cwd = Menu_factory.Make_entry (struct type t = env let to_string = env_to_string let text = (s_ "Change the temporary working directory") let stock = `DIRECTORY let key = None let dialog () = Talking.EDialog.ask_for_existing_writable_folder_pathname_supporting_sparse_files ~title:(s_ "Choose the temporary working directory") ~help:(Some Msg.help_repertoire_de_travail) () let reaction r = let pathname = (r#get "foldername") in let realpath = Option.extract (UnixExtra.realpath pathname) in st#project_paths#set_temporary_directory (realpath) end) (F) let options_cwd = Created_entry_options_cwd.item let options_autogenerate_ip_addresses = add_check_item (s_ "Auto-generation of IP address" ) ~active:Global_options.autogenerate_ip_addresses_default ~callback:(fun active -> Log.printf "You toggled the option (IP)\n"; Global_options.set_autogenerate_ip_addresses active) () let options_debug_mode = add_check_item (s_ "Debug mode") ~active:(Global_options.Debug_level.are_we_debugging ()) ~callback:(fun active -> Log.printf1 ~force:true "You toggled the option (debug), now to %b\n" active; let level = if active then 1 else 0 in Global_options.Debug_level.set level) () let options_keep_all_snapshots_when_saving = add_check_item (s_ "Keep all snapshots when saving (not only the most recent ones)") ~active:(Global_options.Keep_all_snapshots_when_saving.extract ()) ~callback:(fun active -> Log.printf "You toggled the option (keep al snapshots)\n"; Global_options.Keep_all_snapshots_when_saving.set active) () (** Hidden to user in this version. *) let workaround_wirefilter_problem = add_check_item "Workaround wirefilter problem" ~active:Global_options.workaround_wirefilter_problem_default ~callback:(fun active -> Log.printf "You toggled the option (wirefilter)\n"; Global_options.set_workaround_wirefilter_problem active) () let () = workaround_wirefilter_problem#coerce#misc#hide () (* **************************************** * Menu "Help" * **************************************** *) let help = add_menu (s_ "_Help") let help_apropos = let module D = Gui_dialog_A_PROPOS.Make (State) in let callback () = let dialog = D.dialog () in let _ = dialog#closebutton_A_PROPOS#connect#clicked ~callback:(dialog#toplevel#destroy) in () in add_stock_item (s_ "Help") ~stock:`ABOUT ~callback () (* **************************************** * Sensitiveness * **************************************** *) let () = List.iter (* when a project is active *) (fun w -> StackExtra.push (w#coerce) st#sensitive_when_Active) [project_save; project_save_as; project_copy_to; project_close; project_export] let () = List.iter (* when no project is active *) (fun w -> StackExtra.push (w#coerce) st#sensitive_when_NoActive) [options_cwd] end marionnet-0.90.6+bzr508.orig/gui/gui_toolbar_COMPONENTS_layouts.mli0000644000175000017500000000637713175722671023741 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) module Toolbar : sig val append_image_menu : GButton.toolbar -> string -> string -> GMenu.image_menu_item end module type Toolbar_entry = sig val imagefile : string val tooltip : string val packing : [ `toolbar of GButton.toolbar | `menu_parent of Menu_factory.menu_parent ] end module type State = sig val st:State.globalState end (** Called for instance by gui_cloud.ml *) module Layout_for_network_node : functor (State : State) -> functor (Toolbar_entry : Toolbar_entry) -> functor (Add : Menu_factory.Entry_callbacks) -> functor (Properties : Menu_factory.Entry_with_children_callbacks) -> functor (Remove : Menu_factory.Entry_with_children_callbacks) -> functor (Startup : Menu_factory.Entry_with_children_callbacks) -> functor (Stop : Menu_factory.Entry_with_children_callbacks) -> functor (Suspend : Menu_factory.Entry_with_children_callbacks) -> functor (Resume : Menu_factory.Entry_with_children_callbacks) -> sig module F:Menu_factory.Factory end (** Called for instance by gui_machine.ml *) module Layout_for_network_node_with_state : functor (State : State) -> functor (Toolbar_entry : Toolbar_entry) -> functor (Add : Menu_factory.Entry_callbacks) -> functor (Properties : Menu_factory.Entry_with_children_callbacks) -> functor (Remove : Menu_factory.Entry_with_children_callbacks) -> functor (Startup : Menu_factory.Entry_with_children_callbacks) -> functor (Stop : Menu_factory.Entry_with_children_callbacks) -> functor (Suspend : Menu_factory.Entry_with_children_callbacks) -> functor (Resume : Menu_factory.Entry_with_children_callbacks) -> functor (Ungracefully_stop : Menu_factory.Entry_with_children_callbacks) -> sig module F:Menu_factory.Factory end (** Called for instance by gui_cable.ml *) module Layout_for_network_edge : functor (State : State) -> functor (Toolbar_entry : Toolbar_entry) -> functor (Add : Menu_factory.Entry_callbacks) -> functor (Properties : Menu_factory.Entry_with_children_callbacks) -> functor (Remove : Menu_factory.Entry_with_children_callbacks) -> functor (Disconnect : Menu_factory.Entry_with_children_callbacks) -> functor (Reconnect : Menu_factory.Entry_with_children_callbacks) -> sig module F:Menu_factory.Factory module Created_Add : (* Useful handler for cable sensitiveness. *) sig val item : GMenu.image_menu_item val callback : unit -> unit end end marionnet-0.90.6+bzr508.orig/gui/gui_dialog_A_PROPOS.ml0000644000175000017500000001040613175722671021366 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007 Luca Saiu Copyright (C) 2007, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Gui completion for the dialog_A_PROPOS widget defined with glade. *) (* Shortcuts *) let mkenv = Environments.make_string_env module Make (State:sig val st:State.globalState end) = struct open State (* User handler for dialog completion. *) let dialog () = let d = new Gui.dialog_A_PROPOS () in d#toplevel#set_title (s_ "About"); (* Labels *) let () = begin let set label text = label#set_use_markup true; label#set_label text in set d#label_dialog_A_PROPOS_a_propos (s_ "About"); let text_title = Printf.sprintf "%s" (s_ "Marionnet, a virtual network laboratory") in let text_subtitle = Printf.sprintf "Version %s revno %s - %s" Version.version Meta.revision Meta.source_date in let title = Printf.sprintf "\n%s\n%s\n" text_title text_subtitle in set d#label_dialog_A_PROPOS_title title; set d#label_dialog_A_PROPOS_a_propos_content (s_ "Marionnet is an environment for the simulation of a network composed of GNU/Linux machines. This software was thought for students to experiment with bulding and configuring networks, and for teachers to prepare excercises and tests.\n\nMarionnet is based on the UML features of the Linux kernel.\nhttp://www.marionnet.org\n"); set d#label_dialog_A_PROPOS_authors (s_ "Authors"); set d#label_dialog_A_PROPOS_authors_content " Jean-Vincent Loddo <loddo@lipn.univ-paris13.fr> Département R&T - IUT de Villetaneuse Laboratoire d'Informatique de Paris Nord (LIPN) Université Paris 13\n Luca Saiu <saiu@lipn.univ-paris13.fr> Laboratoire d'Informatique de Paris Nord (LIPN) Université Paris 13\n\n"; set d#label_dialog_A_PROPOS_license (s_ "License"); set d#label_dialog_A_PROPOS_license_content " Copyright (C) 2007, 2008, 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Luca Saiu Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13\n Marionnet is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version.\n This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\n You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.\n\n"; set d#label_dialog_A_PROPOS_thanks "Thanks"; set d#label_dialog_A_PROPOS_thanks_content "We wish to thank Jeff Dike and the other authors of UML for their nice work, which made Marionnet possible; Renzo Davoli for VDE, the powerful communication infrastructure that we used and modified; the authors of OCaml for their nice language; and of course the whole free software community, of which the GNU and Linux projects remain the foremost contributors.\n This beautiful logo was designed by Silviu Barsanu:\nhttp://www.silviubarsanu.evonet.ro"; set d#label_dialog_A_PROPOS_thanks_sponsors "Marionnet is sponsored as an\ne-learning project since 2007 by"; end in d end marionnet-0.90.6+bzr508.orig/gui/gui_bricks.ml0000644000175000017500000012062413175722671020046 0ustar lucaslucas(* This file is part of Marionnet Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext type form = < (* object *) add : GObj.widget -> unit; add_with_tooltip : ?just_for_label:unit -> string -> GObj.widget -> unit; add_section : ?fg:string -> ?size:string -> ?no_line:unit -> string -> unit; set_sensitive : label_text:string -> bool -> unit; coerce : GObj.widget; table : GPack.table; > (** {b Example}: \{\[ let tooltips = Gui_Bricks.make_tooltips_for_container window in tooltips label#coerce "hello"; tooltips entry#coerce "salut"; \]\} *) let make_tooltips_for_container w = let result = (GData.tooltips ()) in let _ = w#connect#destroy ~callback:(fun _ -> result#destroy ()) in fun (widget:GObj.widget) text -> result#set_tip widget ~text (** Make a classic rectangular input form with field labels at the left side and input widgets at the right side of each line. Labels are get from the input string list while input widgets are added later using the method [add]. {b Example}: \{\[... let form = Gui_Bricks.make_form_with_labels ~packing:vbox#add ["IPv4 address"; "DHCP service"] in let ipv4address = GEdit.entry ~text:"10.0.2.1" ~packing:form#add () in let dhcp_enabled = GButton.check_button ~packing:form#add () in ...\}\] *) let make_form_with_labels ?(section_no=0) ?(row_spacings=10) ?(col_spacings=10) ?packing string_list : form = let rows = (List.length string_list) + (section_no * 2) in let table = GPack.table ~row_spacings ~col_spacings ~rows ~columns:2 ~homogeneous:false ?packing () in let labels = Array.mapi (fun i label_text -> let label = GMisc.label ~xalign:0. ~markup:label_text () in label) (Array.of_list string_list) in let tooltip = make_tooltips_for_container table in object (self) method table = table method coerce = table#coerce val mutable field_index = 0 val mutable row_index = 0 val row_of_field : int array = (Array.make (Array.length labels) 0) (* Not currently used *) val widgets : GObj.widget array = Array.map (fun w -> w#coerce) labels (* array updated by methods #add and #add_with_tooltip *) (* --- *) method private register_mapping_then_increment_row_and_field_indexes = row_of_field.(field_index) <- row_index; row_index <- row_index+1; field_index <- field_index+1; method private aligned_widget widget = let box = GBin.alignment ~xalign:0. ~yalign:0.5 ~xscale:0.0 ~yscale:0.0 () in box#add widget#coerce; box method add = let top = row_index in (* top is in the closure *) let field = field_index in table#attach ~left:0 ~top (labels.(field))#coerce; self#register_mapping_then_increment_row_and_field_indexes; (* --- *) (function widget -> table#attach ~left:1 ~top (self#aligned_widget widget)#coerce; widgets.(field) <- widget#coerce; ) method add_section ?(fg="#b4b4b4") (* was "lightgray" *) ?(size="large") ?no_line markup = let markup = Printf.sprintf "%s" fg size markup; in let label = GMisc.label ~xalign:0. ~markup () in let top = row_index+1 in row_index <- row_index+2; (* additional line for vertical spacing *) table#attach ~left:0 ~top label#coerce; (match no_line with | None -> table#attach ~left:1 ~top (GMisc.separator `HORIZONTAL ())#coerce | _ -> ()); method add_with_tooltip ?just_for_label text = let top = row_index in (* top is in the closure *) let field = field_index in table#attach ~left:0 ~top (Array.get labels field)#coerce; self#register_mapping_then_increment_row_and_field_indexes; (* --- *) (function widget -> table#attach ~left:1 ~top (self#aligned_widget widget)#coerce; (if just_for_label = None then tooltip widget text); tooltip ((labels.(field))#coerce) text; widgets.(field) <- widget#coerce; ) method set_sensitive ~label_text b = try let i,_ = ListExtra.findi ((=)label_text) string_list in (labels.(i)#misc#set_sensitive b; widgets.(i)#misc#set_sensitive b) with Not_found -> () end (** Wrap the given widget with a label, using an hidden table which will be packaged in its container (if provided). The result is the input widget itself. {b Example}: \{\[ let entry_with_label ?packing ?max_length ?entry_text ?labelpos label_text = let entry = GEdit.entry ?text:entry_text ?max_length () in Gui_Bricks.wrap_with_label ?packing ?labelpos label_text entry \]\} *) let wrap_with_label ?tooltip ?packing ?(labelpos=`NORTH) label_text widget = let label = GMisc.label ~text:label_text () in let (rows, columns) = match labelpos with | `NORTH | `SOUTH -> 2,1 | `EAST | `WEST -> 1,2 in let table = GPack.table ~rows ~columns ~homogeneous:true ?packing () in let () = match labelpos with | `NORTH -> table#attach ~left:0 ~top:0 label#coerce; table#attach ~left:0 ~top:1 widget#coerce | `SOUTH -> table#attach ~left:0 ~top:0 widget#coerce; table#attach ~left:0 ~top:1 label#coerce | `WEST -> table#attach ~left:0 ~top:0 label#coerce; table#attach ~left:1 ~top:0 widget#coerce | `EAST -> table#attach ~left:0 ~top:0 widget#coerce; table#attach ~left:1 ~top:0 label#coerce in Option.iter ((make_tooltips_for_container table) table#coerce) tooltip; widget (** A simple [GEdit.entry] equipped by a label specified as a string. *) let entry_with_label ?tooltip ?packing ?max_length ?entry_text ?labelpos label_text = let entry = GEdit.entry ?text:entry_text ?max_length () in wrap_with_label ?tooltip ?packing ?labelpos label_text entry (** Not in the interface.*) let add_tooltip_label_and_labelpos_parameters ?tooltip ?label ?labelpos ?packing maker = match label with | None -> maker ?tooltip ?packing () | Some label_text -> let result = maker ?tooltip:None ?packing:None () in let _ = wrap_with_label ?tooltip ?packing ?labelpos label_text result in result (** A spin for bytes, i.e. for values in the range [0..255]. *) let spin_byte ?tooltip ?label ?labelpos ?(lower=0) ?(upper=255) ?(step_incr=1) ?packing value = let lower = float_of_int lower in let upper = float_of_int upper in let step_incr = float_of_int step_incr in let maker ?tooltip ?packing () = let sb = GEdit.spin_button ?packing (*~width:50*) (* 60 *) ~digits:0 ~numeric:true () in sb#adjustment#set_bounds ~lower ~upper ~step_incr (); sb#set_value (float_of_int value); Option.iter ((make_tooltips_for_container sb) sb#coerce) tooltip; sb in add_tooltip_label_and_labelpos_parameters ?tooltip ?label ?labelpos ?packing maker ;; let byte_tooltips_default_array = Array.of_list [ (s_ "First byte of the IPv4 address" ); (s_ "Second byte of the IPv4 address" ); (s_ "Third byte of the IPv4 address" ); (s_ "Fourth byte of the IPv4 address" ); (s_ "Netmask (CIDR notation)" ); ] (** Four spins for asking for an ipv4 address. *) let spin_ipv4_address ?tooltip ?byte_tooltips ?label ?labelpos ?packing v1 v2 v3 v4 = let byte_tooltips = match byte_tooltips with | None -> byte_tooltips_default_array | Some a -> a in let (tooltip_s1, tooltip_s2, tooltip_s3, tooltip_s4) = let a = byte_tooltips in (a.(0), a.(1), a.(2), a.(3)) in let maker ?packing () = let table = GPack.table ~rows:1 ~columns:7 ~homogeneous:false ?packing () in let dot ~left = GMisc.label ~packing:(table#attach ~left ~top:0) ~width:15 ~markup:"." () in let s1 = spin_byte ~tooltip:tooltip_s1 ~packing:(table#attach ~left:0 ~top:0) v1 in let _1 = dot ~left:1 in let s2 = spin_byte ~tooltip:tooltip_s2 ~packing:(table#attach ~left:2 ~top:0) v2 in let _2 = dot ~left:3 in let s3 = spin_byte ~tooltip:tooltip_s3 ~packing:(table#attach ~left:4 ~top:0) v3 in let _3 = dot ~left:5 in let s4 = spin_byte ~tooltip:tooltip_s4 ~packing:(table#attach ~left:6 ~top:0) v4 in (table,(s1,s2,s3,s4)) in match label with | None -> snd (maker ?packing ()) | Some label_text -> let (table,(s1,s2,s3,s4)) = maker ?packing:None () in let _ = wrap_with_label ?tooltip ?packing ?labelpos label_text table in (s1,s2,s3,s4) (** Four spins for asking for an ipv4 address, and a fifth for the netmask (in CIDR notation). *) let spin_ipv4_address_with_cidr_netmask ?tooltip ?byte_tooltips ?label ?labelpos ?packing v1 v2 v3 v4 v5 = let byte_tooltips = match byte_tooltips with | None -> byte_tooltips_default_array | Some a -> a in let (tooltip_s1, tooltip_s2, tooltip_s3, tooltip_s4, tooltip_s5) = let a = byte_tooltips in (a.(0), a.(1), a.(2), a.(3), a.(4)) in let maker ?packing () = let table = GPack.table ~rows:1 ~columns:9 ~homogeneous:false ?packing () in let dot ~left = GMisc.label ~packing:(table#attach ~left ~top:0) ~width:15 ~markup:"." () in let s1 = spin_byte ~tooltip:tooltip_s1 ~packing:(table#attach ~left:0 ~top:0) v1 in let _1 = dot ~left:1 in let s2 = spin_byte ~tooltip:tooltip_s2 ~packing:(table#attach ~left:2 ~top:0) v2 in let _2 = dot ~left:3 in let s3 = spin_byte ~tooltip:tooltip_s3 ~packing:(table#attach ~left:4 ~top:0) v3 in let _3 = dot ~left:5 in let s4 = spin_byte ~tooltip:tooltip_s4 ~packing:(table#attach ~left:6 ~top:0) v4 in let _slash = GMisc.label ~packing:(table#attach ~left:7 ~top:0) ~width:15 ~markup:"/" () in let s5 = spin_byte ~tooltip:tooltip_s5 ~packing:(table#attach ~left:8 ~top:0) v5 in (table,(s1,s2,s3,s4,s5)) in match label with | None -> snd (maker ?packing ()) | Some label_text -> let (table,(s1,s2,s3,s4,s5)) = maker ?packing:None () in let _ = wrap_with_label ?tooltip ?packing ?labelpos label_text table in (s1,s2,s3,s4,s5) (* An hbox containing a text entry activable with a check_button *) let activable_entry ?packing ?(homogeneous=false) ?(active=false) ?text ?red_text_condition () = let hbox = GPack.hbox ?packing ~homogeneous () in let check_button = GButton.check_button ~active ~packing:(hbox#add) () in let entry = GEdit.entry ?text ~packing:(hbox#add) () in (entry#misc#set_sensitive check_button#active); ignore (check_button#connect#toggled (fun () -> entry#misc#set_sensitive check_button#active)); let () = match red_text_condition with | None -> () | Some pred -> ignore (entry#connect#changed (fun () -> let states = [ `ACTIVE; `INSENSITIVE; `NORMAL; `PRELIGHT; `SELECTED ] in match pred (entry#text) with | false -> (entry#misc#modify_text (ListExtra.product2 states [`BLACK]); check_button#misc#modify_bg (ListExtra.product2 states [`WHITE])) | true -> (entry#misc#modify_text (ListExtra.product2 states [`NAME "red"]); check_button#misc#modify_bg (ListExtra.product2 states [`NAME "red"])) )) in object method active = check_button#active method content = entry#text method hbox = hbox method entry = entry method check_button = check_button end let add_help_button_if_necessary window = function | None -> (fun () -> ()) | Some f -> (window#add_button_stock `HELP `HELP; f) module Ok_callback = struct let check_name name old_name name_exists t = if not (StrExtra.Class.identifierp name) then begin Simple_dialogs.error (s_ "Ill-formed name" ) ("Admissible characters are letters and underscores." ) (); None (* refused *) end else if (name <> old_name) && name_exists name then begin Simple_dialogs.error (s_ "Name conflict" ) (Printf.sprintf(f_ "The name '%s' is already used in the virtual network. The names of virtual network elements must be unique." ) name) (); None (* refused *) end else Some t (* accepted *) end (* module Ok_callback *) (** Wrappers for the method [run] of a dialog window. *) module Dialog_run = struct (** Wrapper for the method [run] of a dialog window. The function [get_widget_data] must extract the values from the dialog. The function [ok_callback] must check these values: if it consider that are incorrect, it returns [None] in order to continue the loop. Otherwise it builds the result [Some something] of the loop. If the [?help_callback] is not provided, the help button is not built. *) let ok_or_cancel (w:[ `CANCEL | `DELETE_EVENT | `HELP | `OK ] GWindow.dialog) ~(get_widget_data:unit -> 'a) ~(ok_callback:'a -> 'b option) ?help_callback () = begin let help_callback = add_help_button_if_necessary w help_callback in w#add_button_stock `CANCEL `CANCEL; w#add_button_stock `OK `OK; w#set_default_response `OK; w#set_response_sensitive `OK true; let result = ref None in let rec loop () = match w#run () with | `DELETE_EVENT | `CANCEL -> () | `HELP -> (help_callback ()); loop () | `OK -> (match ok_callback (get_widget_data ()) with | None -> loop () | Some d -> result := Some d ) in (* The enter key has the same effect than pressing the OK button: *) let f_enter () = match ok_callback (get_widget_data ()) with | None -> () | Some d -> (result := Some d; ignore (w#event#send (GdkEvent.create `DELETE))) in let _ = w#event#connect#key_press ~callback: begin fun ev -> (if GdkEvent.Key.keyval ev = GdkKeysyms._Return then f_enter ()); false end in loop (); w#destroy (); !result end let set_key_meaning_to window key result value = let f_key () = (result := value; ignore (window#event#send (GdkEvent.create `DELETE))) in ignore (window#event#connect#key_press ~callback: begin fun ev -> (if GdkEvent.Key.keyval ev = key then f_key ()); false end) let yes_or_cancel (w:[ `CANCEL | `DELETE_EVENT | `HELP | `YES ] GWindow.dialog) ?help_callback ~(context:'a) () : 'a option = begin let help_callback = add_help_button_if_necessary w help_callback in w#add_button_stock `CANCEL `CANCEL; w#add_button_stock `YES `YES; w#set_default_response `YES; w#set_response_sensitive `YES true; let result = ref None in let rec loop () = match w#run () with | `DELETE_EVENT | `CANCEL -> () | `HELP -> (help_callback ()); loop () | `YES -> result := Some context in (* The enter key has the same effect than pressing the YES button: *) set_key_meaning_to w GdkKeysyms._Return result (Some context); loop (); w#destroy (); !result end (* Example: do you want to save the project before quitting? *) let yes_no_or_cancel (w:[ `CANCEL | `DELETE_EVENT | `HELP | `NO | `YES ] GWindow.dialog) ?help_callback ~(context:'a) () : ('a * bool) option = begin let help_callback = add_help_button_if_necessary w help_callback in w#add_button_stock `CANCEL `CANCEL; w#add_button_stock `NO `NO; w#add_button_stock `YES `YES; w#set_default_response `YES; w#set_response_sensitive `YES true; let result = ref None in let rec loop () = match w#run () with | `DELETE_EVENT | `CANCEL -> () | `HELP -> (help_callback ()); loop () | `YES -> result := Some (context,true) | `NO -> result := Some (context,false) in (* The enter key has the same effect than pressing the YES button: *) set_key_meaning_to w GdkKeysyms._Return result (Some (context,true)); loop (); w#destroy (); !result end end (* module Dialog_run *) let set_marionnet_icon window = let icon = let icon_file = Initialization.Path.images^"marionnet-launcher.png" in GdkPixbuf.from_file icon_file in (window#set_icon (Some icon)) module Dialog = struct let make_a_window_for_a_question ?(title="Question") ?(image_filename=Initialization.Path.images^"ico.question-2.orig.png") ?markup ?text () = let w = GWindow.dialog ~destroy_with_parent:true ~title ~modal:true ~resizable:false ~position:`CENTER () in set_marionnet_icon w; let hbox = GPack.hbox ~homogeneous:false ~border_width:20 ~spacing:10 ~packing:w#vbox#add () in let _image = GMisc.image ~file:image_filename ~xalign:0.5 ~packing:hbox#add () in let _label = GMisc.label ?markup ?text ~justify:`CENTER ~xalign:0.5 ~xpad:10 ~ypad:10 ~packing:hbox#add () in w let yes_or_cancel_question ?title ?help_callback ?image_filename ?markup ?text ~(context:'a) () : 'a option = let w = make_a_window_for_a_question ?title ?image_filename ?markup ?text () in Dialog_run.yes_or_cancel w ?help_callback ~context () let yes_no_or_cancel_question ?title ?help_callback ?image_filename ?markup ?text ~(context:'a) () : ('a * bool) option = let w = make_a_window_for_a_question ?title ?image_filename ?markup ?text () in Dialog_run.yes_no_or_cancel w ?help_callback ~context () end (* module Dialog *) type packing_function = GObj.widget -> unit let make_combo_boxes_of_vm_installations ?on_distrib_change ?on_variant_change ?on_kernel_change ?distribution ?variant ?kernel ?updating ~packing (vm_installations : Disk.virtual_machine_installations) = (* Convert updating as boolean: *) let updating = (updating<>None) in (* Resolve the initial choice for distribution: *) let distribution = match distribution with | None -> Option.extract vm_installations#filesystems#get_default_epithet | Some x -> x in (* Resolve the initial choice for variant: *) let variant = match variant with | None -> "none" | Some x -> x in (* Resolve the initial choice for kernel: *) let kernel = match kernel with | None -> fst (List.hd (vm_installations#supported_kernels_of distribution)) | Some x -> x in let (packing_distribution, packing_variant, packing_kernel) = packing in (* The user can't change filesystem and variant any more once the device has been created. TODO: release this constraint. *) let distribution_widget = let distribution_choices = match updating with | false -> (vm_installations#filesystems#get_epithet_list) | true -> [distribution] in let variant_choices = fun epithet -> match updating with | false -> "none"::(vm_installations#variants_of epithet)#get_epithet_list | true -> [variant] in let kernel_choices = fun epithet -> List.map fst (vm_installations#supported_kernels_of epithet) in Widget.ComboTextTree.fromListWithTwoSlaves ~masterCallback:on_distrib_change ~masterPacking:(Some packing_distribution) distribution_choices ~slave0Callback:on_variant_change ~slave0Packing:(Some packing_variant) variant_choices ~slave1Callback:on_kernel_change ~slave1Packing:(Some packing_kernel) kernel_choices in let initial_variant_widget = distribution_widget#slave0 and initial_kernel_widget = distribution_widget#slave1 in (* Initialization: *) let () = (* Setting active values: *) distribution_widget#set_active_value distribution; initial_variant_widget#set_active_value variant; initial_kernel_widget#set_active_value kernel; (* Blocking changes updating: *) if updating then begin distribution_widget#box#misc#set_sensitive false; initial_variant_widget#box#misc#set_sensitive false; end else () in (* The result: *) distribution_widget module Dialog_add_or_update = struct let make_window_image_name_and_label ~title ~image_file ~image_tooltip ~name ~name_tooltip ?label ?label_tooltip () = let w = GWindow.dialog ~destroy_with_parent:true ~title ~modal:true ~position:`CENTER () in set_marionnet_icon w; let tooltips = make_tooltips_for_container w in let hbox = GPack.hbox ~homogeneous:true ~border_width:20 ~spacing:10 ~packing:w#vbox#add () in let image = GMisc.image ~file:image_file ~xalign:0.5 ~packing:hbox#add () in tooltips image#coerce image_tooltip; let vbox = GPack.vbox ~spacing:10 ~packing:hbox#add () in let name = entry_with_label ~tooltip:name_tooltip ~packing:vbox#add ~entry_text:name (s_ "Name") in let label = let tooltip = match label_tooltip with | None -> (s_ "Label to be written in the network sketch, next to the element icon." ) | Some x -> x in entry_with_label ~tooltip ~packing:vbox#add ?entry_text:label (s_ "Label") in ignore (GMisc.separator `HORIZONTAL ~packing:w#vbox#add ()); (w,image,name,label) end (* module Dialog_add_or_update *) module Reactive_widget = struct type abstract_combo_box_text = (item list) * (active_index option) and item = string and active_index = int (* 0..(n-1) *) and node = item and port = item let item_of_abstract_combo_box_text (xs, oi) : item option = Option.bind oi (fun i -> Option.apply_or_catch (List.nth xs) i) (** Slightly high-level combo_box_text class. The object is a couple widget-cortex where the cortex represents abstractly the state of the widget. This state is the list of items with the selected one, if any. When the cortex changes, the widget is destroyed and a new widget is regenerated. Conversely, when the widget changes, the cortex's selected value is updated. *) class combo_box_text ~(strings:string list) ?active ?width ?height ?packing () = let make_widget ?(active=0) (strings) = GEdit.combo_box_text ~strings ~use_markup:true ~active ?packing ?width ?height () in let () = Log.printf1 "combo_box_text called with strings: %s\n" (String.concat " " strings) in object (self) (* --- *) val mutable cortex : (abstract_combo_box_text Cortex.t) = Cortex.return (strings, active) (* --- *) method cortex = cortex method activate_first = ignore (Cortex.move cortex (function ((_::_) as xs0, None) -> (xs0, Some 0) | v -> v)) method get : string option = item_of_abstract_combo_box_text (Cortex.get cortex) (* --- *) val mutable widget = make_widget ?active (strings) method private widget_get : string option = GEdit.text_combo_get_active widget method private widget_set (active : int option) : unit = Option.iter ((fst widget)#set_active) active method private widget_remake (strings, active) = begin (fst widget)#destroy (); widget <- make_widget ?active strings; self#set_widget_to_cortex_connection; end (* --- *) (* widget -> cortex (to call for all created widgets) *) method private set_widget_to_cortex_connection = let change_state (xs0,_) = (* current state *) let a1 = Option.bind (self#widget_get) (fun x -> ListExtra.indexOf x xs0) in (xs0, a1) in let _ = (fst widget)#connect#changed (fun _ -> ignore (Cortex.move cortex change_state)) in () (* --- *) (* cortex -> widget *) method private set_cortex_to_widget_connection = let on_commit (xs0,a0) (xs1,a1) = (* previous and proposed states *) if xs0 = xs1 then (self#widget_set a1) else (self#widget_remake (xs1,a1)) in let _ = Cortex.on_commit_append (cortex) (on_commit) in () (* --- *) method destroy () = let () = (fst widget)#destroy () in let () = Cortex.defuse cortex in () (* --- *) initializer let () = self#set_cortex_to_widget_connection in let () = self#set_widget_to_cortex_connection in (* --- *) (* Add a resistance to the cortex: *) let resistance (xs0,a0) (xs1,a1) = (* previous and proposed states *) let () = Log.printf4 "combo_box_text RESISTANCE: previous: %s [%d] proposed: %s [%d]\n" (String.concat "," xs0) (Option.extract_or a0 (-1)) (String.concat "," xs1) (Option.extract_or a1 (-1)) in (* If the proposed state has no selected item, we activate the previously selected item, if it exists in the new list: *) let (xs1, a1) = match (xs0,a0), (xs1,a1) with | ((_::_), Some i0), ((_::_), None) -> let previously_active_item = (List.nth xs0 i0) in let a1' = ListExtra.indexOf (previously_active_item) (xs1) in (xs1, a1') | (_,_) -> (xs1, a1) in (xs1, a1) (* result of resistance! *) in let _ = Cortex.on_proposal_append (self#cortex) (resistance) in () end (* class combo_box_text *) (* Domain power (four times): *) type 'a power4 = 'a * 'a * 'a * 'a let endpoints_partition_from_names ?(allow_loopback=true) (* allow the two endpoints (n0 and n1) to be the same node *) (xys : (string * string) list) (* The (node, port) list to partition *) (* Current constraints: *) (n0 : string option) (* first node name, if selected *) (p0 : string option) (* first port name, if selected *) (n1 : string option) (* second node name, if selected *) (p1 : string option) (* second port name, if selected *) (* Solution: *) : (abstract_combo_box_text) power4 (* the expected states (items and selected) of the four widgets *) = let nodes_of xys = ListExtra.uniq (List.map fst xys) in (* If there is a single node, we are forced to accept a loopback connection: *) let allow_loopback = allow_loopback || (List.length (nodes_of xys) <= 1) in let (>>=) = Option.bind in let index_of_optional_item (x : string option) xs = x >>= (fun x -> (Option.map fst (ListExtra.searchi ((=)x) xs))) in let substract ~node ~port xys = match (allow_loopback, node, port) with | (false, Some n0, _) -> List.filter (fun (n,p)->n<>n0) xys | (true, Some n0, Some p0) -> List.filter ((<>)(n0,p0)) xys | _ -> xys in let ports_of x nps = ListExtra.filter_map (fun (n,p)-> if n=x then Some p else None) nps in (* --- *) let extract_or_take_from_list (node) (port) (nps) : string * string = match node, port with | None, _ -> List.hd nps | Some n, Some p when List.mem (n,p) nps -> (n, p) | Some n, _ -> (n, List.assoc n nps) in (* --- *) let xys0 = substract ~node:n1 ~port:p1 xys in let xs0 = nodes_of xys0 in (* --- *) let (n0, p0) : string * string = extract_or_take_from_list n0 p0 xys0 in let ys0 = ports_of (n0) xys0 in let xs0_active = index_of_optional_item (Some n0) xs0 in let ys0_active = index_of_optional_item (Some p0) ys0 in (* --- *) let xys1 = substract ~node:(Some n0) ~port:(Some p0) xys in let xs1 = nodes_of xys1 in let (n1, p1) : string * string = extract_or_take_from_list n1 p1 xys1 in let ys1 = ports_of (n1) xys1 in let xs1_active = index_of_optional_item (Some n1) xs1 in let ys1_active = index_of_optional_item (Some p1) ys1 in (* --- *) let () = Log.printf4 "group RESISTANCE: finishing we have (%s,%s) (%s,%s)\n" n0 p0 n1 p1 in let w1 = (xs0, xs0_active) in let w2 = (ys0, ys0_active) in let w3 = (xs1, xs1_active) in let w4 = (ys1, ys1_active) in (w1,w2,w3,w4) ;; (* Version suitable as resistance for the cortex group: *) let endpoints_partition_law ?allow_loopback (xys) : (abstract_combo_box_text) power4 -> (abstract_combo_box_text) power4 -> (abstract_combo_box_text) power4 = fun (_,_,_,_) (c1,c2,c3,c4) -> (* previous and proposed states *) let n0 : string option = item_of_abstract_combo_box_text c1 in (* first node name, if selected *) let p0 : string option = item_of_abstract_combo_box_text c2 in (* first port name, if selected *) let n1 : string option = item_of_abstract_combo_box_text c3 in (* second node name, if selected *) let p1 : string option = item_of_abstract_combo_box_text c4 in (* second port name, if selected *) (* --- *) endpoints_partition_from_names ?allow_loopback xys n0 p0 n1 p1 (* Version suitable to guess the initial division of choices (items) of the four widgets: *) let guess_humanly_speaking_enpoints ?n0 ?p0 ?n1 ?p1 xys = let ((xs0,_),(ys0,_),(xs1,_),(ys1,_)) = endpoints_partition_from_names ~allow_loopback:false xys n0 p0 n1 p1 in let x0 = Option.apply_or_catch List.hd xs0 in let y0 = Option.apply_or_catch List.hd ys0 in let x1 = Option.apply_or_catch List.hd xs1 in let y1 = Option.apply_or_catch List.hd ys1 in ((x0,y0),(x1,y1)) class cable_input_widget ?n0 ?p0 ?n1 ?p1 ?width ?height ?packing_n0 ?packing_p0 ?packing_n1 ?packing_p1 ~free_node_port_list () = let () = Log.printf1 "new cable_input_widget() called with: %s\n" (String.concat " " (List.map (fun (x,y) -> Printf.sprintf "%s.%s" x y) free_node_port_list)) in let (w1,w2,w3,w4) = endpoints_partition_from_names (free_node_port_list) n0 p0 n1 p1 in let (xs0, xs0_active) = w1 in let (ys0, ys0_active) = w2 in let (xs1, xs1_active) = w3 in let (ys1, ys1_active) = w4 in (* --- *) let n0_combo_box_text = let packing = packing_n0 in new combo_box_text ~strings:xs0 ?active:xs0_active ?width ?height ?packing () in let p0_combo_box_text = let packing = packing_p0 in new combo_box_text ~strings:ys0 ?active:ys0_active ?width ?height ?packing () in let n1_combo_box_text = let packing = packing_n1 in new combo_box_text ~strings:xs1 ?active:xs1_active ?width ?height ?packing () in let p1_combo_box_text = let packing = packing_p1 in new combo_box_text ~strings:ys1 ?active:ys1_active ?width ?height ?packing () in let cortex_group = Cortex.group_quadruple ~on_proposal:(endpoints_partition_law ~allow_loopback:true (free_node_port_list)) (n0_combo_box_text#cortex) (p0_combo_box_text#cortex) (n1_combo_box_text#cortex) (p1_combo_box_text#cortex) in object (self) method get_cortex_group = cortex_group method get_combo_boxes = (n0_combo_box_text, p0_combo_box_text, n1_combo_box_text, p1_combo_box_text) method get_widget_data = ((n0_combo_box_text#get, p0_combo_box_text#get), (n1_combo_box_text#get, p1_combo_box_text#get)) method destroy = let () = List.iter (fun w->w#destroy ()) [n0_combo_box_text; p0_combo_box_text; n1_combo_box_text; p1_combo_box_text] in let () = Cortex.defuse cortex_group in () initializer (* Very important to provoke the cortex_group's stabilization: *) n0_combo_box_text#activate_first; p0_combo_box_text#activate_first; n1_combo_box_text#activate_first; p1_combo_box_text#activate_first; end end (* Reactive_widget *) let make_image_with_either_stock_or_file ?window ?stock_size ?stock ?file () = let make_with_file file = (* Complete the filename if necessary: *) let file = if (Filename.is_implicit file) then Filename.concat (Initialization.Path.images) file else file in let pixmap = GDraw.pixmap_from_xpm ?window ~file () in let image = GMisc.pixmap pixmap () in image in let make_with_stock stock = let icon_size = stock_size in GMisc.image ?icon_size ~stock () in match stock,file with | None, Some file -> make_with_file file | Some stock, None -> make_with_stock stock | _,_ -> failwith "Gui_Bricks.button_image: either ?stock or ?file is required" (* The label and image positions are relative. Gtk speaks about the image position with respect to the label. So, if we want indeed to speak about the label position with respect to the image, we have to invert the value: *) let opposite_position = function `BOTTOM -> `TOP | `LEFT -> `RIGHT | `RIGHT -> `LEFT | `TOP -> `BOTTOM let button_image ?window ?callback ?label ?label_position ?tooltip ~packing ?stock ?stock_size ?file () = let image = make_image_with_either_stock_or_file ?window ?stock_size ?stock ?file () in let button = GButton.button ~packing () in let () = button#set_image image#coerce in let () = match callback with | None -> () | Some callback -> ignore (button#connect#clicked ~callback) in let set_tooltip text = (GData.tooltips ())#set_tip button#coerce ~text in let () = Option.iter (button#set_label) label; Option.iter (fun p -> button#set_image_position (opposite_position p)) label_position; Option.iter set_tooltip tooltip in button (** The ~renewer parameter allows us to generate dynamic menus (see the function `make_check_items_renewer_v1' below) *) let button_image_popuping_a_menu ?window ?renewer ?label ?label_position ?tooltip ~packing ?stock ?stock_size ?file () : (GMenu.menu * GButton.button * GPack.box) = let hbox = GPack.vbox ~homogeneous:false ~packing () in let button = button_image ?window ?label ?label_position ?tooltip ~packing:(hbox#add) ?stock ?stock_size ?file () in let menubar = GMenu.menu_bar ~packing:(hbox#add) () in let () = menubar#misc#hide () in let factory = new GMenu.factory menubar in let menu = factory#add_submenu "" in let _connect_clicked = let callback () = menu#popup ~button:0 ~time:(GtkMain.Main.get_current_event_time ()) in (* Call before the renewer if provided: *) let callback = match renewer with | None -> callback | Some renewer -> (fun () -> (renewer menu); callback ()) in button#connect#clicked ~callback in (menu, button, hbox) let make_check_items_renewer_v1 ~get_label_active_callback_list (* unit -> (string * bool * (bool -> unit)) list *) () = fun (menu:GMenu.menu) -> begin let () = List.iter (menu#remove) (menu#children) in let label_active_callback_list = get_label_active_callback_list () in let () = List.iter (fun (label, active, callback) -> let item = GMenu.check_menu_item ~active ~label ~packing:(menu#append) () in let _ = item#connect#toggled ~callback:(fun () -> callback item#active) in ()) label_active_callback_list in () end let make_check_items_renewer_v2 ~get_label_active_list (* unit -> (string * bool) list *) ~callback (* string -> bool -> unit *) () = let get_label_active_callback_list () = List.map (fun (label, active) -> (label, active, (fun b -> callback label b))) (get_label_active_list ()) in make_check_items_renewer_v1 ~get_label_active_callback_list () (* Example of usage: make_rc_config_widget ~packing:(form#add_with_tooltip (s_ "Check to activate a startup configuration" )) ~active:(fst rc_config) ~content:(snd rc_config) ~device_name:(old_name) ~language:("vde_switch") () *) let make_rc_config_widget ?height ?width ?(filter_names=[`CONF; `RC; `BASH; `SCRIPT; `TXT; `ALL]) ~parent ~packing ~active ~content ~device_name ~language () = let set_tooltip widget text = (GData.tooltips ())#set_tip widget#coerce ~text in let hbox = GPack.hbox ~packing ~homogeneous:false(*true*) () in (* --- *) let check_button = GButton.check_button ~active ~packing:(hbox#add) () in (* --- *) let edit_button = GButton.button ~stock:`EDIT ~packing:hbox#add () in let () = set_tooltip (edit_button) (s_ "Edit the configuration file") in (* --- *) let open_button : GButton.button = button_image ~label:(s_ "Import" ) ~tooltip:(s_ "Import a configuration file") ~packing:hbox#add ~stock:`ADD ~stock_size:`SMALL_TOOLBAR (* [ `BUTTON | `DIALOG | `DND | `INVALID | `LARGE_TOOLBAR | `MENU | `SMALL_TOOLBAR ] *) () in (* Shortcuts: *) let buttons = [check_button#coerce; edit_button#coerce; open_button#coerce] in let buttons_now_insensitive () = List.iter (fun b -> b#misc#set_sensitive false) buttons in let buttons_now_sensitive () = List.iter (fun b -> b#misc#set_sensitive true) buttons in (* --- *) let content = ref (content) in let make_editing_window () = let result = Egg.create () in let () = Gui_source_editing.window ?height ?width ~title:(Printf.sprintf (f_ "%s configuration file") device_name) ~language:(`id language) ~modal:() ~content:(!content) ~result ~create_as_dialog:(parent) ~draw_spaces:[] ~position:`MOUSE () in ignore (Thread.create (fun () -> buttons_now_insensitive (); content := Option.extract_or (Egg.wait result) !content; buttons_now_sensitive ()) ()); in ignore (edit_button#connect#clicked (make_editing_window)); (edit_button#misc#set_sensitive check_button#active); ignore (check_button#connect#toggled (fun () -> edit_button#misc#set_sensitive check_button#active)); (* --- *) let make_import_filename_dialog () = let () = buttons_now_insensitive () in let result = Talking.EDialog.ask_for_existing_importable_text_filename ~parent (* <= relevant to close and destroy this dialog if the user close the parent dialog; NOTE: the behaviour is not the expected (but is not disturbing) probably because the window is modal. *) ~title:(Printf.sprintf (f_ "Import a configuration file for %s") device_name) (* ~title:(s_ "Import a configuration file" ) *) ~filter_names (* ~help:(Some Msg.help_nom_pour_le_projet) *) () in let () = buttons_now_sensitive () in Option.iter (fun env -> let filename = (env#get "filename") in content := UnixExtra.cat filename) result in ignore (open_button#connect#clicked (make_import_filename_dialog)); (open_button#misc#set_sensitive check_button#active); ignore (check_button#connect#toggled (fun () -> open_button#misc#set_sensitive check_button#active)); (* --- *) object (self) val mutable meaningfull : bool = true method active = meaningfull && check_button#active method content = !content method set_sensitive b = let () = Log.printf1 "rc_config_widget#set_sensitive called with %b\n" (b) in (hbox#misc#set_sensitive b); (meaningfull <- b) end (* Example: quagga-terminal + {zebra, osp, ..} *) let make_check_button_with_related_alternatives ~packing ~active ?(active_alternative=0) ?use_markup ~(alternatives:string list) () = let hbox = GPack.hbox ~packing ~homogeneous:false(*true*) () in let check_button = GButton.check_button ~active ~packing:(hbox#add) () in (* --- *) let (combo, (_, column)) = GEdit.combo_box_text ~packing:(hbox#add) ~strings:(alternatives) ?use_markup () in let () = combo#set_active (active_alternative) in let () = combo#misc#set_sensitive (check_button#active) in ignore (check_button#connect#toggled (fun () -> combo#misc#set_sensitive check_button#active)); (* --- *) object (self) val mutable meaningfull : bool = true method active = meaningfull && check_button#active method selected_alternative = Option.map (fun row -> combo#model#get ~row ~column) combo#active_iter method set_sensitive b = let () = Log.printf1 "make_check_button_with_related_alternatives#set_sensitive called with %b\n" (b) in (hbox#misc#set_sensitive b); (meaningfull <- b) end (* --- *) let make_notebook_of_assoc_list ?homogeneous_tabs ~packing (tws: (string * GObj.widget) list) = let notebook = GPack.notebook ?homogeneous_tabs ~packing () in let () = List.iter (fun (text, widget) -> let tab_label = (GMisc.label ~text ())#coerce in let _ = notebook#append_page ~tab_label widget in ()) tws in notebook let make_notebook_of_assoc_array_with_check_buttons ?(tooltip=(s_ "Check to activate")) ?homogeneous_tabs ~packing (tbws: (string * bool * GObj.widget) array) = let set_tooltip widget text = (GData.tooltips ())#set_tip widget#coerce ~text in let notebook = GPack.notebook ?homogeneous_tabs ~packing () in Array.map (fun (text, active, widget) -> let hbox = GPack.hbox ~homogeneous:false(*true*) () in let _label = GMisc.label ~text ~packing:(hbox#add) () in let activate = GButton.check_button ~active ~packing:(hbox#add) () in let _ = activate#connect#toggled (fun () -> widget#misc#set_sensitive activate#active) in let () = widget#misc#set_sensitive activate#active in let () = set_tooltip hbox (tooltip) in let _ = notebook#append_page ~tab_label:(hbox#coerce) widget in activate) tbws let test () = Dialog.yes_or_cancel_question ~markup:"test bold" ~context:'a' () marionnet-0.90.6+bzr508.orig/gui/menu_factory.mli0000644000175000017500000001003713175722671020565 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (* A menu can be attached to a menubar or to a menu_item_skel (as a submenu). *) type menu_parent = Menubar of GMenu.menu_shell | Menuitem of GMenu.menu_item_skel | Menu of GMenu.menu module type Factory = sig val factory : GMenu.menu_shell GMenu.factory val accel_group : Gtk.accel_group val add_menu : string -> GMenu.menu GMenu.factory val not_implemented_yet : 'a -> unit val monitor : string -> 'a -> unit val add_item : ?menu:GMenu.menu GMenu.factory -> ?submenu:GMenu.menu -> ?key:Gdk.keysym -> string -> ?callback:(unit -> unit) -> unit -> GMenu.menu_item val add_stock_item : ?menu:GMenu.menu GMenu.factory -> ?submenu:GMenu.menu -> ?key:Gdk.keysym -> string -> stock:GtkStock.id -> ?callback:(unit -> unit) -> unit -> GMenu.image_menu_item val add_imagefile_item : ?menu:GMenu.menu GMenu.factory -> ?submenu:GMenu.menu -> ?key:Gdk.keysym -> ?label:string -> string -> ?callback:(unit -> unit) -> unit -> GMenu.image_menu_item val add_check_item : ?menu:GMenu.menu GMenu.factory -> ?active:bool -> ?key:Gdk.keysym -> string -> ?callback:(bool -> unit) -> unit -> GMenu.check_menu_item val add_separator : ?menu:GMenu.menu GMenu.factory -> unit -> unit val get_current_menu : unit -> GMenu.menu GMenu.factory val parent : menu_parent val window : GWindow.window end module type Parents = sig val parent: menu_parent val window : GWindow.window end module Make : functor (M : Parents) -> Factory type env = string Environments.string_env type name = string val mkenv : (string * 'a) list -> 'a Environments.string_env val no_dialog_but_simply_return_name : string -> unit -> string option module type Entry_definition = sig type t val text : string val stock : GtkStock.id val key : Gdk.keysym option val to_string : t -> string val dialog : unit -> t option val reaction : t -> unit end module type Entry_with_children_definition = sig type t val text : string val stock : GtkStock.id val dynlist : unit -> string list val to_string : t -> string val dialog : name -> unit -> t option val reaction : t -> unit end module type Entry_callbacks = sig type t val key : Gdk.keysym option val to_string : t -> string val dialog : unit -> t option val reaction : t -> unit end module type Entry_with_children_callbacks = sig type t val dynlist : unit -> string list val to_string : t -> string val dialog : name -> unit -> t option val reaction : t -> unit end module Make_entry : functor (E : Entry_definition) -> functor (F : Factory) -> sig val item : GMenu.image_menu_item val callback : unit -> unit end module Make_entry_with_children : functor (E : Entry_with_children_definition) -> functor (F : Factory) -> sig val item : GMenu.image_menu_item val submenu : GMenu.menu val callback : name -> unit -> unit end marionnet-0.90.6+bzr508.orig/gui/gui_window_MARIONNET.ml0000644000175000017500000001466013175722671021516 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2009 Luca Saiu Copyright (C) 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) open Gettext;; (** Gui completion for the widget window_MARIONNET (main window) defined with glade. *) module Make (State : sig val st:State.globalState end) = struct open State let w = st#mainwin (* Labels in main window *) let () = begin w#label_VIRTUAL_NETWORK#set_label (s_ "Virtual network"); w#label_TAB_DOCUMENTS#set_label (s_ "Project documents") end (* ***************************************** * Gui motherboard * ***************************************** *) module Motherboard = Motherboard_builder. Make (State) (* ***************************************** * MENUS Project, Options, ... * ***************************************** *) module Created_menubar_MARIONNET = Gui_menubar_MARIONNET.Make (State) (* ***************************************** * notebook_CENTRAL * ***************************************** *) (* Tool -> ocamlbricks widget.ml ? *) let get_tab_labels_of notebook = let mill widget = (GMisc.label_cast (notebook#get_tab_label widget)) in List.map mill notebook#children let tuple2_of_list = function [l1;l2] -> (l1,l2) | _ -> assert false let tuple4_of_list = function [l1;l2;l3;l4] -> (l1,l2,l3,l4) | _ -> assert false let () = begin let labels = get_tab_labels_of w#notebook_CENTRAL in let (l1,l2) = tuple2_of_list labels in List.iter (fun l -> l#set_use_markup true) labels ; l1#set_label (s_ "Components"); l2#set_label (s_ "Documents"); end (* ***************************************** * notebook_INTERNAL * ***************************************** *) let () = begin let labels = get_tab_labels_of w#notebook_INTERNAL in let (l1,l2,l3,l4) = tuple4_of_list labels in List.iter (fun l -> l#set_use_markup true) labels ; let set l text = l#set_label (""^text^"") in set l1 (s_ "Image") ; set l2 (s_ "Interfaces") ; set l3 (s_ "Defects") ; set l4 (s_ "Disks") ; end (* ***************************************** * toolbar_DOT_TUNING * ***************************************** *) module Created_toolbar_DOT_TUNING = Gui_toolbar_DOT_TUNING. Make (State) (* ***************************************** * BASE BUTTONS * ***************************************** *) let () = begin w#hbox_BASE#set_homogeneous true; w#hbox_BASE#set_spacing 5; w#hbox_BASE#set_border_width 0; end let button_BASE_STARTUP_EVERYTHING = Gui_bricks.button_image ~label:(s_ "Start all") ~stock:`MEDIA_PLAY ~tooltip:(s_ "Start the virtual network (machines, switch, hub, etc) locally on this machine") ~label_position:`BOTTOM ~stock_size:`DND ~packing:w#hbox_BASE#add () let (menu_BASE_PAUSE_SOMETHING, button_BASE_PAUSE_SOMETHING, box_BASE_PAUSE_SOMETHING) = let renewer = let get_label_active_callback_list () = let name_kind_suspended_list : (string * [`Node|`Cable] * bool) list = st#network#get_component_names_that_can_suspend_or_resume () in List.map (fun (name, kind, suspended) -> let callback b = if b = suspended then () else match suspended with | true -> (st#network#get_component_by_name ~kind name)#resume | false -> (st#network#get_component_by_name ~kind name)#suspend in (name, suspended, callback) ) name_kind_suspended_list in Gui_bricks.make_check_items_renewer_v1 ~get_label_active_callback_list () (* end of renewer () *) in Gui_bricks.button_image_popuping_a_menu ~label:(s_ "Suspend") ~stock:`MEDIA_PAUSE ~renewer ~tooltip:(s_ "Suspend the activity of a network component") ~label_position:`BOTTOM ~stock_size:`DND ~packing:w#hbox_BASE#add () let button_BASE_SHUTDOWN_EVERYTHING = Gui_bricks.button_image ~label:(s_ "Shutdown all") ~stock:`MEDIA_STOP ~tooltip:(s_ "Gracefully stop every element of the network") ~label_position:`BOTTOM ~stock_size:`DND ~packing:w#hbox_BASE#add () let button_BASE_POWEROFF_EVERYTHING = Gui_bricks.button_image ~label:(s_ "Power-off all") ~file:"ico.poweroff.24x24.png" ~tooltip:(s_ "(Ungracefully) shutdown every element of the network, as in a power-off") ~label_position:`BOTTOM ~packing:w#hbox_BASE#add () (* Just a thunk, the button is not really built. We leave this code in order to not remove the gettext key associated to this `tooltip' and this `label': *) let button_BASE_BROADCAST () = Gui_bricks.button_image ~label:(s_ "Broadcast") ~tooltip:(s_ "Broadcast the specification of the virtual network on a real network") ~file:"ico.diffuser.orig.png" ~label_position:`BOTTOM ~packing:w#hbox_BASE#add () (* Connections *) let () = let _ = button_BASE_STARTUP_EVERYTHING#connect#clicked ~callback:(fun () -> st#startup_everything ()) in let _ = button_BASE_SHUTDOWN_EVERYTHING#connect#clicked ~callback:(fun () -> match Simple_dialogs.confirm_dialog ~question:(s_ "Are you sure that you want to stop\nall the running components?") () with Some true -> st#shutdown_everything () | Some false -> () | None -> ()) in let _ = button_BASE_POWEROFF_EVERYTHING#connect#clicked ~callback:(fun () -> match Simple_dialogs.confirm_dialog ~question:(s_ "Are you sure that you want to power off\nall the running components? It is also possible to shut them down graciously...") () with Some true -> st#poweroff_everything () | Some false -> () | None -> () ) in let _ = let callback = (fun _ -> Created_menubar_MARIONNET.Created_entry_project_quit.callback (); true) in w#toplevel#event#connect#delete ~callback in () end marionnet-0.90.6+bzr508.orig/gui/talking.ml0000644000175000017500000004421113175722671017353 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2009 Luca Saiu Copyright (C) 2007, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** All dialogs are implemented here. This module provide the capability for user to talk with the application. Specifically, the name "Talking" stands here for "Talking with user". *) #load "include_as_string_p4.cmo" ;; (** Return the given pathname as it is, if it doesn't contain funny characters we don't want to bother supporting, like ' ', otherwise raise an exception. No check is performed on the pathname actual existence or permissions: *) (*let check_pathname_validity pathname = if StrExtra.First.matchingp (Str.regexp "^[.a-zA-Z0-9_\\/\\-]+$") pathname then pathname else failwith "The pathname "^ pathname ^" contains funny characters, and we don't support it";;*) (*let are_there_funny_chars x = not (StrExtra.First.matchingp (Str.regexp "^[.a-zA-Z0-9_\\/\\-]+$") x) let are_there_funny_chars x = false*) let are_there_shell_special_chars x = (StrExtra.First.matchingp (Str.regexp "[ )(&*?$]") x) (** Return true iff the the given directory exists and is on a filesystem supporting sparse files. This function doesn't check whether the directory is writable: *) let does_directory_support_sparse_files pathname = (* Funny chars are not allowed because the uml kernel is very strict about filename specifications (ubda=.., ubdb=.., etc) *) if are_there_shell_special_chars (pathname) then false else (* continue: *) (* All the intelligence of this method lies in the external script, loaded at preprocessing time: *) let content = INCLUDE_AS_STRING "scripts/can-directory-host-sparse-files.sh" in try match UnixExtra.script content [pathname] with | (0,_,_) -> true | _ -> false with _ -> false ;; (* Shortcuts *) let mkenv = Environments.make_string_env ;; (* **************************************** * Module MSG * **************************************** *) open Gettext;; (** Some tools for building simple help, error, warning and info dialogs *) module Msg = struct (** I moved some stuff into simple_dialogs.ml. It's useful for lots of other modules, not only for talking. --L. *) (** Specific help constructors*) (** Why you have to choose a folder to work *) let help_repertoire_de_travail = let title = (s_ "CHOOSE A TEMPORARY WORKING DIRECTORY") in let msg = (s_ "Marionnet can use a directory of your choice for its temporary files. \ Every file created in the directory will be deleted at exit time. \ If the program is run from the Marionnet live DVD, you are advised to \ use a persistent directory (in /mnt/hd*), in order to not waste \ your system physical memory.") in Simple_dialogs.help title msg ;; let error_saving_while_something_up = Simple_dialogs.error (s_ "Warning") (s_ "The project can't be saved right now. \ One or more network components are still running. \ Please stop them before saving.") ;; (** Why you have to choose a name for your project *) let help_nom_pour_le_projet = let title = (s_ "CHOOSE A NAME FOR THE PROJECT") in let msg = (s_ "\ Marionnet saves every files belonging to a project in a file with extension .mar. \ It is a standard gzipped tarball which can also be opened with standard tools.") in Simple_dialogs.help title msg ;; end;; (* module Msg *) (** Check that the given pathname is acceptable, and that it has the correct extension or no extension; if the argument has the correct extension then just return it; it it's otherwise valid but has no extension then return the argument with the extension appended; if it's invalid or has a wrong extension then show an appropriate error message and raise an exception. This function is thought as a 'filter' thru which user-supplied filenames should be always sent before use. The optional argument extension should be a string with *no* dot *) let check_filename_validity_and_add_extension_if_needed ?identifier ?(extension="mar") path_name = let directory = Filename.dirname path_name in let correct_extension = "." ^ extension in let path_name = Filename.basename path_name in let check_chopped_basename_validity chopped_basename = if (identifier = None) || StrExtra.Class.identifierp ~allow_dash:() chopped_basename then chopped_basename else begin Simple_dialogs.error (s_ "Invalid file name") (Printf.sprintf (f_ "The name \"%s\" is not a valid file name.\n\nA valid file \ name must start with a letter and can contain letters, numbers, dashes ('-') and underscores ('_').") chopped_basename) (); failwith "the given file name is invalid"; end in if Filename.check_suffix path_name correct_extension then (* path_name does end with the correct extension; just check that its chopped version is ok: *) Printf.sprintf "%s/%s%s" directory (check_chopped_basename_validity (Filename.chop_extension path_name)) correct_extension else (* path_name doesn't end with the correct extension: *) try let _ = Filename.chop_extension path_name in (* There is an extension but it's not the correct one; fail: *) Simple_dialogs.error (s_ "Invalid file extension") (Printf.sprintf (f_ "The file \"%s\" must have an extension \"%s\", or no extension at all (in which case the extension \"%s\" will be added automatically).") path_name correct_extension correct_extension) (); failwith ("the given file name has an extension but it's not \"" ^ correct_extension ^ "\"."); with Invalid_argument _ -> (* There is no extension; just check that the filename is otherwise valid, and add the extension: *) Printf.sprintf "%s/%s%s" directory (check_chopped_basename_validity path_name) correct_extension;; (* **************************************** * Module EDialog * **************************************** *) (** An EDialog (for Environnemnt Dialog) is a dialog which may returns an environnement in the form (id,value) suitable for functions implementing reactions *) module EDialog = struct (** An edialog is a dialog which returns an env as result if succeed *) type env = string Environments.string_env type edialog = unit -> env option (** Dialog related exceptions. *) exception BadDialog of string * string;; exception StrangeDialog of string * string * (string Environments.string_env);; exception IncompleteDialog;; (** The (and) composition of edialogs is again an env option *) let rec compose (dl:edialog list) () (*: ((('a,'b) Environments.env) option)*) = match dl with | [] -> raise (Failure "EDialog.compose") | [d] -> d () | d::l -> (match d () with | None -> None | Some (r:env) -> (match (compose l ()) with | None -> None | Some z -> Some (Environments.string_env_updated_by r z) ) ) ;; (** Alias for edialog composition *) let sequence = compose;; (** Auxiliary functions for file/folder chooser dialogs *) let default d = function | None -> d | Some v -> v ;; (** Filters *) let image_filter () = let f = GFile.filter ~name:"Images" () in f#add_custom [ `MIME_TYPE ] (fun info -> let mime = List.assoc `MIME_TYPE info in StringExtra.is_prefix "image/" mime) ; f ;; (* let all_files () = let f = GFile.filter ~name:"All" () in (f#add_pattern "*"); f ;; *) let all_files () = GFile.filter ~name:"All" () ~patterns: ["*"] ;; let script_filter () = GFile.filter ~name:"Scripts Shell/Python (*.sh *.py)" ~patterns:[ "*.sh"; "*.py" ] () ;; let bash_filter () = GFile.filter ~name:"Bash Scripts (*.sh)" ~patterns:[ "*.sh"; "*.rc" ] () ;; let conf_filter () = GFile.filter ~name:"Configuration files (*.conf *.config)" ~patterns:[ "*.conf"; "*.config" ] () ;; let rc_filter () = GFile.filter ~name:"Read command (*.rc)" ~patterns:[ "*.rc" ] () ;; let mar_filter () = GFile.filter ~name:"Marionnet projects (*.mar)" ~patterns:[ "*.mar"; ] () ;; let xml_filter () = GFile.filter ~name:"XML files (*.xml)" ~patterns:[ "*.xml"; "*.XML" ] () ;; let txt_filter () = GFile.filter ~name:"Text files (*.txt)" ~patterns:[ "*.txt"; "*.TXT" ] () ;; let jpeg_filter () = GFile.filter ~name:"JPEG files (*.jpg *.jpeg)" ~patterns:[ "*.jpg"; "*.JPG"; "*.jpeg"; "*.JPEG" ] ();; let png_filter () = GFile.filter ~name:"PNG files (*.png)" ~patterns:[ "*.png"; "*.PNG" ] () ;; (** Filters for Marionnet *) type filter_name = [ `ALL | `DOT of Dot.output_format | `IMG | `JPEG | `MAR | `PNG | `SCRIPT | `BASH | `CONF | `RC | `TXT | `XML ];; (** The kit of all defined filters *) let allfilters : filter_name list = [ `ALL ; `MAR ; `IMG ; `SCRIPT ; `BASH; `CONF; `RC; `TXT; `XML ; `JPEG ] ;; let get_filter_by_name = function | `ALL -> all_files () | `MAR -> mar_filter () | `IMG -> image_filter () | `SCRIPT -> script_filter () | `BASH -> bash_filter () | `CONF -> conf_filter () | `RC -> rc_filter () | `TXT -> txt_filter () | `XML -> xml_filter () | `JPEG -> jpeg_filter () | `PNG -> png_filter () | `DOT name -> Dot_widget.filter_of_format name ;; (* (`vmlz, "vmlz", "Compressed Vector Markup Language (VML)", "XML document text (gzip compressed data, from Unix)"); *) (** The edialog asking for file or folder. It returns a simple environment with an unique identifier [gen_id] bound to the selected name *) let ask_for_file ?(parent: GWindow.window_skel option) ?(enrich=mkenv []) ?(title="FILE SELECTION") ?(valid:(string->bool)=(fun x->true)) ?(filter_names = allfilters) ?(filters:(GFile.filter list)=[]) ?(extra_widget:(GObj.widget * (unit -> string)) option) ?(action=`OPEN) ?(gen_id="filename") ?(help=None)() = let dialog = GWindow.file_chooser_dialog ~icon:Icon.icon_pixbuf ~action:action ~title ~modal:true ?parent ~destroy_with_parent:true () in dialog#unselect_all ; if (help=None) then () else dialog#add_button_stock `HELP `HELP ; dialog#add_button_stock `CANCEL `CANCEL ; dialog#add_button_stock `OK `OK; ignore (dialog#set_current_folder (Initialization.cwd_at_startup_time)); (* --- *) dialog#set_default_response `OK; Option.iter (fun (w,r) -> dialog#set_extra_widget w) extra_widget; (* --- *) if (action=`SELECT_FOLDER) then (try (dialog#add_shortcut_folder "/tmp") with _ -> ()); if (action=`OPEN || action=`SAVE) then begin let filter_list = List.append (List.map get_filter_by_name filter_names) filters in List.iter dialog#add_filter filter_list; end; let result = (ref None) in let cont = ref true in while (!cont = true) do begin match dialog#run () with | `OK -> (match dialog#filename with | None -> () | Some fname -> if (valid fname) then begin cont := false; enrich#add (gen_id,fname); Option.iter (fun (w,reader) -> enrich#add ("extra_widget",reader ())) extra_widget; result := Some enrich end ) | `HELP -> (match help with | Some f -> f (); | None -> () ) | _ -> cont := false end done; (* --- *) dialog#destroy (); !result ;; (** The edialog asking for an existing and writable directory. *) let ask_for_existing_writable_folder_pathname_supporting_sparse_files ?(parent: GWindow.window_skel option) ?(enrich=mkenv []) ?(help=None) ~title () = let valid = fun pathname -> (* --- *) if (not (Sys.file_exists pathname)) then begin let () = Simple_dialogs.error (s_ "Invalid directory") (s_ "The directory doesn't exists!\nYou must choose an exiting directory name.") () in false end else (* continue: *) (* --- *) (* Resolve symlinks which are problematic for starting components: *) let pathname = Option.extract (UnixExtra.realpath pathname) in (* --- *) if (are_there_shell_special_chars pathname) then begin let () = Simple_dialogs.error (s_ "Invalid directory name") (* (Printf.sprintf (f_ "The name \"%s\" is not a valid directory.\n\nDirectory names must contain only letters, numbers, dots, dashes ('-') and underscores ('_').") pathname) *) (Printf.sprintf (f_ "The name \"%s\" contains some shell special chars (blanks, parenthesis,..) which are not allowed.") pathname) () in false end else (* continue: *) (* --- *) if (not (UnixExtra.dir_rwx_or_link_to pathname)) || (not (does_directory_support_sparse_files pathname)) then begin let () = Simple_dialogs.error (s_ "Invalid directory") (s_ "Choose a directory which is existing, modifiable and hosted on a filesystem supporting sparse files (ext2, ext3, ext4, reiserfs, NTFS, ...)") () in false end else true in ask_for_file ?parent ~enrich ~title ~valid ~filter_names:[] ~action:`SELECT_FOLDER ~gen_id:"foldername" ~help () (** The edialog asking for a fresh and writable filename. *) let ask_for_fresh_writable_filename ?(parent: GWindow.window_skel option) ?(enrich=mkenv []) ~title ?(filters:(GFile.filter list) option) ?filter_names ?(extra_widget:(GObj.widget * (unit -> string)) option) ?(help=None) = let valid x = if (Sys.file_exists x) then ((Simple_dialogs.error (s_ "Name choice") (s_ "A file with the same name already exists!\n\nChoose another name for your file.") ()); false) else (UnixExtra.viable_freshname x) in let result = ask_for_file ?parent ~enrich ~title ~valid ?filters ?filter_names ?extra_widget ~action:`SAVE ~gen_id:"filename" ~help in result;; let dialog_error_choosed_file_doesnt_exist () = Simple_dialogs.error (s_ "File choice") (s_ "The file doesn't exist!\nYou must choose an existing file name.") () let dialog_error_choosed_file_is_not_a_text_file () = Simple_dialogs.error (s_ "File choice") (s_ "The file is not a text file") () let dialog_error_choosed_file_is_too_big_to_be_imported (limit:string) = Simple_dialogs.error (s_ "File choice") (Printf.sprintf (f_ "The file is too big to be imported\nYou must choose a file smaller than %s.") limit) () let file_size_kb (filename) = let s = Unix.stat (filename) in (s.Unix.st_size + 1024) / 1024 let is_text_file (filename) = if (Sys.command "which file 1>/dev/null 2>/dev/null") <> 0 then true (* we suppose that *) else (* continue: *) match Shell.Files.file ~opt:"-L -b --mime-type 2>/dev/null" filename with | [answer] -> ((String.sub answer 0 4) = "text") | _ -> false (** The edialog asking for an existing readable/writable filename. *) let ask_for_existing_rw_filename ?parent ?(enrich=mkenv []) ~title ?(filter_names = allfilters) ?(help=None) () = let valid = fun x -> if not (Sys.file_exists x) then (dialog_error_choosed_file_doesnt_exist (); false) else (* continue: *) UnixExtra.regfile_rw_or_link_to x in ask_for_file ?parent ~enrich ~title ~valid ~filter_names ~action:`OPEN ~gen_id:"filename" ~help () ;; (** The edialog asking for an existing filename which content may be imported as a string. *) let ask_for_existing_importable_text_filename ?parent ?(enrich=mkenv []) ?(max_size_kb=1024) ~title ?(filter_names = allfilters) ?(help=None) () = let valid = fun x -> if not (Sys.file_exists x) then (dialog_error_choosed_file_doesnt_exist (); false) else (* continue: *) if not (is_text_file x) then (dialog_error_choosed_file_is_not_a_text_file (); false) else (* continue: *) let size_kb = file_size_kb x in if not (size_kb < max_size_kb) then (dialog_error_choosed_file_is_too_big_to_be_imported ((string_of_int max_size_kb)^" Kb"); false) else (* continue: *) UnixExtra.regfile_r_or_link_to x (* Just readable *) in ask_for_file ?parent ~enrich ~title ~valid ~filter_names ~action:`OPEN ~gen_id:"filename" ~help () ;; (** Generic constructor for question dialogs. With the 'enrich' optional parameter the dialog can enrich a given environnement. Otherwise it creates a new one. *) let ask_question ?(enrich=mkenv []) ?(title="QUESTION") ?(gen_id="answer") ?(help=None) ?(cancel=false) ~(question:string) () = let dialog=new Gui.dialog_QUESTION () in if (help=None) then () else dialog#toplevel#add_button_stock `HELP `HELP ; if (cancel=false) then () else dialog#toplevel#add_button_stock `CANCEL `CANCEL ; dialog#toplevel#set_title title; dialog#title_QUESTION#set_use_markup true; dialog#title_QUESTION#set_label question; ignore (dialog#toplevel#event#connect#delete ~callback:(fun _ -> Log.printf "Sorry, no, you can't close the dialog. Please make a decision.\n"; true)); let result = (ref None) in let cont = ref true in while (!cont = true) do match dialog#toplevel#run () with | `YES -> begin cont := false; enrich#add (gen_id,"yes"); result := Some enrich end | `NO -> begin cont := false; enrich#add (gen_id,"no" ); result := Some enrich end | `HELP -> (match help with | Some f -> f (); | None -> () ) | `CANCEL when cancel -> begin cont := false; result := None end | _ -> cont := true; (* No, the user has to make a decision *) done; dialog#toplevel#destroy (); !result ;; end;; (* EDialog *) marionnet-0.90.6+bzr508.orig/world_bridge.ml0000644000175000017500000004023413175722671017602 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** "world bridge" component implementation. *) #load "where_p4.cmo" ;; open Gettext (* World bridge related constants: *) (* TODO: make it configurable! *) module Const = struct let port_no_default = 1 let port_no_min = 1 let port_no_max = 1 end (* The type of data exchanged with the dialog: *) module Data = struct type t = { name : string; label : string; old_name : string; } let to_string t = "" (* TODO? *) end (* Data *) module Make_menus (Params : sig val st : State.globalState val packing : [ `toolbar of GButton.toolbar | `menu_parent of Menu_factory.menu_parent ] end) = struct open Params module Toolbar_entry = struct let imagefile = "ico.world_bridge.palette.png" let tooltip = (s_ "World bridge") let packing = Params.packing end module Add = struct include Data let key = Some GdkKeysyms._B let ok_callback t = Gui_bricks.Ok_callback.check_name t.name t.old_name st#network#name_exists t let dialog () = let () = Global_options.check_bridge_existence_and_warning () in let name = st#network#suggestedName "B" in Dialog_add_or_update.make ~title:(s_ "Add world bridge") ~name ~ok_callback () let reaction { name = name; label = label } = let action () = ignore ( new User_level_world_bridge.world_bridge ~network:st#network ~name ~label ()) in st#network_change action (); end module Properties = struct include Data let dynlist () = st#network#get_node_names_that_can_startup ~devkind:`World_bridge () let dialog name () = let d = (st#network#get_node_by_name name) in let title = (s_ "Modify world bridge")^" "^name in let label = d#get_label in Dialog_add_or_update.make ~title ~name ~label ~ok_callback:Add.ok_callback () let reaction { name = name; label = label; old_name = old_name } = let d = (st#network#get_node_by_name old_name) in let h = ((Obj.magic d):> User_level_world_bridge.world_bridge) in let action () = h#update_world_bridge_with ~name ~label in st#network_change action (); end module Remove = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog name () = Gui_bricks.Dialog.yes_or_cancel_question ~title:(s_ "Remove") ~markup:(Printf.sprintf (f_ "Are you sure that you want to remove %s\nand all the cables connected to this %s?") name (s_ "world bridge")) ~context:name () let reaction name = let d = (st#network#get_node_by_name name) in let h = ((Obj.magic d):> User_level_world_bridge.world_bridge) in let action () = h#destroy in st#network_change action (); end module Startup = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist = Properties.dynlist let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#startup end module Stop = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_gracefully_shutdown ~devkind:`World_bridge () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#gracefully_shutdown end module Suspend = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_suspend ~devkind:`World_bridge () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#suspend end module Resume = struct type t = string (* just the name *) let to_string = (Printf.sprintf "name = %s\n") let dynlist () = st#network#get_node_names_that_can_resume ~devkind:`World_bridge () let dialog = Menu_factory.no_dialog_but_simply_return_name let reaction name = (st#network#get_node_by_name name)#resume end module Create_entries = Gui_toolbar_COMPONENTS_layouts.Layout_for_network_node (Params) (Toolbar_entry) (Add) (Properties) (Remove) (Startup) (Stop) (Suspend) (Resume) (* Subscribe this kind of component to the network club: *) st#network#subscribe_a_try_to_add_procedure Eval_forest_child.try_to_add_world_bridge; end (*-----*) WHERE (*-----*) module Dialog_add_or_update = struct (* This function may be useful for testing the widget creation without recompiling the whole project. *) let make ?(title="Add world bridge") ?(name="") ?label ?(help_callback=help_callback) (* defined backward with "WHERE" *) ?(ok_callback=(fun data -> Some data)) ?(dialog_image_file=Initialization.Path.images^"ico.world_bridge.dialog.png") () :'result option = let old_name = name in let (w,_,name,label) = Gui_bricks.Dialog_add_or_update.make_window_image_name_and_label ~title ~image_file:dialog_image_file ~image_tooltip:(s_ "World bridge") ~name ~name_tooltip:(s_ "World bridge name. This name must be unique in the virtual network. Suggested: B1, B2, ...") ?label () in let get_widget_data () :'result = let name = name#text in let label = label#text in { Data.name = name; Data.label = label; Data.old_name = old_name; } in (* The result of make is the result of the dialog loop (of type 'result option): *) Gui_bricks.Dialog_run.ok_or_cancel w ~ok_callback ~help_callback ~get_widget_data () (*-----*) WHERE (*-----*) let help_callback = let title = (s_ "ADD OR MODIFY A WORLD BRIDGE") in (* TODO: rename "ethernet socket" => "world bridge" in all translations!*) let msg = (s_ "\ In this dialog window you can define the name of an Ethernet socket \ and set parameters for it. This component allows the user to connect the virtual \ network to a Linux bridge whose name is defined by the user via the \ configuration variable called MARIONNET_BRIDGE (in marionnet.conf or provide on \ the command line).\n\n\ If the bridge is correctly set on the host (before starting the network), virtual \ machines will be able to access to the same network services (DHCP, DNS, NFS, \ ...) that the host can access on its local network; if the host is on the Internet \ then also the virtual machines linked to the socket will be.\n \n \ To create a bridge on your (real) host using the same network as eth0 (by \ example) you need to : 1) create a bridge with the name define in marionnet.conf \ by MARIONNET_BRIDGE, 2) put and configure eth0 (on your real host) in the \ bridge and 3) put an IP address on the bridge (with dhclient or ifconfig/route).\n\n\ In such a case, after having start the virtual network in marionnet you can \ configure an ethernet card of a virtual machines which is connect to the \ Ethernet socket (or on the same network) in order to give access to your \ local network to it.\n\n \ The socket also allows team-work in a network laboratory, by creating a \ connection between Marionnet instances running on different machines. \ For more information about bridge et Ethernet socket configuration, please \ see the Marionnet Wiki on the marionnet.org website.") in Simple_dialogs.help title msg ;; end (*-----*) WHERE (*-----*) module Eval_forest_child = struct let try_to_add_world_bridge (network:User_level.network) ((root,children):Xforest.tree) = try (match root with | ("world_bridge", attrs) | ("gateway" (* retro-compatibility *), attrs) -> let name = List.assoc "name" attrs in Log.printf1 "Importing world bridge \"%s\"...\n" name; let x = new User_level_world_bridge.world_bridge ~network ~name () in x#from_tree ("world_bridge", attrs) children ; Log.printf1 "World bridge \"%s\" successfully imported.\n" name; true | _ -> false ) with _ -> false end (* module Eval_forest_child *) (*-----*) WHERE (*-----*) module User_level_world_bridge = struct class world_bridge = fun ~network ~name ?label () -> object (self) inherit OoExtra.destroy_methods () inherit User_level.node_with_defects ~network ~name ?label ~devkind:`World_bridge ~port_no:Const.port_no_default ~port_no_min:Const.port_no_min ~port_no_max:Const.port_no_max ~user_port_offset:0 ~port_prefix:"eth" () as self_as_node_with_defects method defects_device_type = "world_bridge" method polarity = User_level.MDI_Auto (* Because is not pedagogic anyway. *) method string_of_devkind = "world_bridge" method dotImg iconsize = let imgDir = Initialization.Path.images in (imgDir^"ico.world_bridge."^(self#string_of_simulated_device_state)^"."^iconsize^".png") method update_world_bridge_with ~name ~label = self_as_node_with_defects#update_with ~name ~label ~port_no:1; (** Create the simulated device *) method private make_simulated_device = ((new Simulation_level_world_bridge.world_bridge ~parent:self ~bridge_name:Global_options.ethernet_world_bridge_name ~working_directory:(network#working_directory) ~unexpected_death_callback:self#destroy_because_of_unexpected_death ()) :> User_level.node Simulation_level.device) method to_tree = Forest.tree_of_leaf ("world_bridge", [ ("name" , self#get_name ); ("label" , self#get_label); ]) method eval_forest_attribute = function | ("name" , x ) -> self#set_name x | ("label" , x ) -> self#set_label x | _ -> () (* Forward-comp. *) end (* class world_bridge *) end (* module User_level_world_bridge *) (*-----*) WHERE (*-----*) module Simulation_level_world_bridge = struct open Daemon_language (** A World Bridge hub process is just a hub process with exactly two ports, of which the first one is connected to the given host tun/tap interface: *) class world_bridge_hub_process = fun ~tap_name ~working_directory ~unexpected_death_callback () -> object(self) inherit Simulation_level.vde_switch_process ~port_no:2 ~hub:true ~tap_name ~socket_name_prefix:"world_bridge_hub-socket-" ~working_directory ~unexpected_death_callback () as super end class ['parent] world_bridge = fun (* ~id *) ~(parent:'parent) ~bridge_name ~working_directory ~unexpected_death_callback () -> object(self) inherit ['parent] Simulation_level.device ~parent ~hublet_no:1 ~working_directory ~unexpected_death_callback () as super method device_type = "world_bridge" val the_hublet_process = ref None method private extract_the_hublet_process = match !the_hublet_process with Some the_hublet_process -> the_hublet_process | None -> failwith "world_bridge: extract_the_hublet_process was called when there is no such process" val mutable world_bridge_hub_process = None val mutable world_bridge_tap_name = None val mutable internal_cable_process = None (** Create the tap via the daemon, and return its name. Fail if a the tap already exists: *) method private make_world_bridge_tap : string option = match world_bridge_tap_name with | None -> let tap_name_option = let server_response = Daemon_client.ask_the_server (Make (AnySocketTap((Unix.getuid ()), bridge_name))) in (match server_response with | Created (SocketTap(tap_name, _, _)) -> Some tap_name | _ -> let () = Log.printf "Marionnet daemon refused to create a TUN/TAP interface\n" in None (* "non-existing-tap" *) ) in let () = world_bridge_tap_name <- tap_name_option in tap_name_option (* --- *) | Some tap_name -> let () = Log.printf1 "A tap for the world bridge already exists: %s\n" tap_name in Some tap_name method private destroy_world_bridge_tap = Option.iter (fun tap_name -> try let cmd = Destroy (SocketTap(tap_name, (Unix.getuid ()), bridge_name)) in let _ = Daemon_client.ask_the_server cmd in (world_bridge_tap_name <- None) (* --- *) with e -> begin Log.printf1 "WARNING: Failed in destroying a host tap for a world bridge: %s\n" (Printexc.to_string e); end) (world_bridge_tap_name) (* --- *) initializer begin assert ((List.length self#get_hublet_process_list) = 1); (* --- *) the_hublet_process := Some (self#get_hublet_process_of_port 0); (* --- *) world_bridge_hub_process <- self#make_world_bridge_hub_process end (* --- *) method private make_world_bridge_hub_process : (world_bridge_hub_process option) = let () = if world_bridge_hub_process <> None then () else (* continue: *) Option.iter (fun tap_name -> let result = new world_bridge_hub_process ~tap_name ~working_directory ~unexpected_death_callback:self#execute_the_unexpected_death_callback () in world_bridge_hub_process <- Some result) (* --- *) (self#make_world_bridge_tap) in world_bridge_hub_process method spawn_processes = Option.iter (* --- *) (fun the_world_bridge_hub_process -> (* Spawn the hub process, and wait to be sure it's started: *) let () = the_world_bridge_hub_process#spawn in (* Create the internal cable process from the single hublet to the hub, and spawn it: *) let the_internal_cable_process = Simulation_level.make_ethernet_cable_process ~left_end:the_world_bridge_hub_process ~right_end:self#extract_the_hublet_process ~leftward_defects:(parent#ports_card#get_my_inward_defects_by_index 0) ~rightward_defects:(parent#ports_card#get_my_outward_defects_by_index 0) ~unexpected_death_callback:self#execute_the_unexpected_death_callback () in internal_cable_process <- Some the_internal_cable_process; the_internal_cable_process#spawn) (* --- *) self#make_world_bridge_hub_process method terminate_processes = begin let () = Log.printf3 "world_bridge %s#terminate_processes: internal_cable_process=%s world_bridge_hub_process=%s\n" (parent#name) (Option.to_string internal_cable_process) (Option.to_string world_bridge_hub_process) in (* Terminate the internal cable process and the hub process: *) let () = Task_runner.do_in_parallel [ (fun () -> Option.iter (fun obj -> obj#terminate) internal_cable_process); (fun () -> Option.iter (fun obj -> obj#terminate) world_bridge_hub_process); ] in (* Destroy the tap, via the daemon: *) self#destroy_world_bridge_tap; (* Unreference everything: *) internal_cable_process <- None; world_bridge_hub_process <- None; end (** As world bridges are stateless from the point of view of the user, stop/continue aren't distinguishable from terminate/spawn: *) method stop_processes = self#terminate_processes method continue_processes = self#spawn_processes end end (* module Simulation_level_world_bridge *) (** Just for testing: *) let test = Dialog_add_or_update.make marionnet-0.90.6+bzr508.orig/test_with_utop.sh0000755000175000017500000000271713175722671020231 0ustar lucaslucas#!/bin/bash set -e TOPLEVEL=${1:-utop} which $TOPLEVEL &>/dev/null || { echo "Error: $0: $TOPLEVEL not found; install it please." exit 2 } function realpath { local B=$(basename $1) local D=$(dirname $1) (builtin cd $D; echo $PWD/$B) } # Make make compile_for_testing make marionnet.cma # Set the variable MARIONNET_HOME source CONFIGME # set the variable `prefix' MARIONNET_HOME=${prefix:-/usr/local}/share/marionnet # Copy all modules to a single directory: FLATTENED_DIRECTORY=_build/_build.flattened mkdir -p $FLATTENED_DIRECTORY find _build -path $FLATTENED_DIRECTORY -prune -o -type f -exec cp -fl {} $FLATTENED_DIRECTORY/ \; find $MARIONNET_HOME -maxdepth 1 -type f -exec cp -fs {} $FLATTENED_DIRECTORY/ \; pushd $FLATTENED_DIRECTORY; find $MARIONNET_HOME/* -maxdepth 0 -type d -exec ln -sf {} \;; popd # Preamble: PREAMBLE=$(mktemp) cat > $PREAMBLE <. # This is simply a list of the OCaml modules (*not* filenames) for which # documentation should be generated: Command_line Daemon_client Daemon_language Daemon_parameters Death_monitor Treeview_defects Treeview_history Forest Global_options Graph Icon Initialization Ledgrid_manager Log Mariokit Marionnet Marionnet-daemon Message_passing Meta Treeview_ifconfig Print_forest_frontend Print_treeview Progress_bar Recursive_mutex Row_item Simple_dialogs Simulation_level Splash State Strings Talking Task_runner Treeview_documents Timestamp Treeview X Xforest marionnet-0.90.6+bzr508.orig/daemon_client.ml0000644000175000017500000001107013175722671017734 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2008, 2009 Luca Saiu Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** This is the client side of the Marionnet-daemon support: *) (* open Daemon_language;; *) open Gettext;; (* Convenient aliases: *) module Parameters = Daemon_parameters module Language = Daemon_language module Recursive_mutex = MutexExtra.Recursive (* --- *) let socket_name = Parameters.socket_name;; let inter_keepalive_interval = Parameters.inter_keepalive_interval;; (** The mutex we use to avoid sending concurrent messages to the same socket from different threads: *) let the_daemon_client_mutex = Recursive_mutex.create ();; (** The socket used to communicate with the daemon: *) let the_daemon_client_socket = Unix.socket Unix.PF_UNIX Unix.SOCK_STREAM 0;; (** Is the connection with the daemon currently up? *) let can_we_communicate_with_the_daemon_bool_ref = ref true let can_we_communicate_with_the_daemon () = Recursive_mutex.with_mutex the_daemon_client_mutex (fun () -> !can_we_communicate_with_the_daemon_bool_ref) (** Stop trying to communicate with the daemon: *) let disable_daemon_support () = Recursive_mutex.with_mutex the_daemon_client_mutex (fun () -> can_we_communicate_with_the_daemon_bool_ref := false) (** Send the given request (in abstract syntax) to the server, and return its response, still in abstract syntax. Synchronization is correctly performed *within* this function, so the caller doesn't need to worry about it: *) let ask_the_server request = Recursive_mutex.with_mutex the_daemon_client_mutex (fun () -> try if can_we_communicate_with_the_daemon () then begin let buffer = String.make Language.message_length 'x' in let request_as_string = Language.print_request request in let sent_byte_no = Unix.send the_daemon_client_socket request_as_string 0 Language.message_length [] in (if not (sent_byte_no == sent_byte_no) then failwith "send() failed"); let received_byte_no = Unix.read the_daemon_client_socket buffer 0 Language.message_length in (if received_byte_no < Language.message_length then failwith "recv() failed, or the message is ill-formed"); let response = Language.parse_response buffer in response end else (Language.Error "the socket to the daemon is down"); with e -> begin Log.printf1 "ask_the_server failed: %s\n" (Printexc.to_string e); disable_daemon_support (); Simple_dialogs.error (s_ "Failure in daemon communication") (s_ "Error in trying to communicate with the daemon.\nThe application should remain usable, but without the features requiring root access...") (); (Language.Error "the socket to the daemon just went down"); end) (** The thunk implementing the thread which periodically sends keepalives: *) let thread_sending_keepalives_thunk () = try while true do let _ = ask_the_server Language.IAmAlive in (try Thread.delay inter_keepalive_interval; with e -> begin Log.printf1 "delay failed (%s). This should not be a problem.\n" (Printexc.to_string e); end); done; with e -> begin Log.printf1 "The keepalive-sending thread failed: %s.\n" (Printexc.to_string e); Log.printf "Bailing out.\n"; end (** This should be called *before* communicating with the daemon in any way: *) let initialize_daemon_client () = begin Log.printf "Connecting to the daemon socket...\n"; Unix.connect the_daemon_client_socket (Unix.ADDR_UNIX socket_name); Log.printf "Ok, connected with success.\n"; end (** Make a new thread sending keepalives to the daemon: *) let start_thread_sending_keepalives () = ignore (Thread.create thread_sending_keepalives_thunk ()) marionnet-0.90.6+bzr508.orig/REQUIREMENTS0000644000175000017500000000364513175722671016460 0ustar lucaslucasThis file is part of Marionnet, a virtual network laboratory Copyright (C) 2008 Luca Saiu This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Requirements ============ You need several pieces of software to build and use this package; some of them are only used at build time, while others are needed at runtime. Please note that for build-time requirements it's essential to also have the headers/mli files available: if you use the package system of your distro, this translates into having installed also the "-dev" or "-devel" packages. Operating System ================ Marionnet was developed on and for GNU/Linux. We doubt it would be possible to make UML run on systems with any kernel different from Linux. About the architecture, again UML is the only limiting factor. Any architecture supporting UML should be fine. Some GNU/Linux-isms may be present. Please write us at marionnet-dev@marionnet.org if you want to try to port Marionnet to some other system, we may be able to help. Build-time requirements ======================= GNU Make and OCamlBuild are required (as for all our OCaml projects). And of course you need the OCaml compiler. [To do: fill this...] Runtime requirements ==================== [To do: expand this...] Graphviz (we use dot at runtime) uml utilities? bridge utilities? VDE with our patch. tunctl Filesystems. [X11 with TCP connections enabled] marionnet-0.90.6+bzr508.orig/treeview_documents.ml0000644000175000017500000003224513175722671021055 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2007, 2008, 2009 Luca Saiu Copyright (C) 2009, 2010 Jean-Vincent Loddo Copyright (C) 2007, 2008, 2009, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (* Authors: * - Luca Saiu: initial version * - Jean-Vincent Loddo: Unix.system calls replaced by UnixExtra's functions calls, and some other minor changes *) open Gettext;; module Row_item = Treeview.Row_item ;; (* --- *) (* Ex: Some "Jean-Vincent Loddo" *) let get_full_user_name () : string option = let user = Sys.getenv "USER" in let cmd = Printf.sprintf "getent passwd %s | cut -d: -f 5 | cut -d, -f 1" user in match UnixExtra.run cmd with | (full_name, Unix.WEXITED 0) -> Some (StringExtra.chop full_name) | _ -> None (* --- *) class t = fun ~packing ~method_directory ~method_filename ~after_user_edit_callback () -> object(self) inherit Treeview.t ~packing ~method_directory ~method_filename ~hide_reserved_fields:true () as super val icon_header = "Icon" method get_row_icon = self#get_Icon_field (icon_header) method set_row_icon = self#set_Icon_field (icon_header) val title_header = "Title" method get_row_title = self#get_String_field (title_header) method set_row_title = self#set_String_field (title_header) val author_header = "Author" method get_row_author = self#get_String_field (author_header) method set_row_author = self#set_String_field (author_header) val type_header = "Type" method get_row_type = self#get_String_field (type_header) method set_row_type = self#set_String_field (type_header) val comment_header = "Comment" method get_row_comment = self#get_String_field (comment_header) method set_row_comment = self#set_String_field (comment_header) val filename_header = "FileName" method get_row_filename = self#get_String_field (filename_header) method set_row_filename = self#set_String_field (filename_header) val format_header = "Format" method get_row_format = self#get_String_field (format_header) method set_row_format = self#set_String_field (format_header) (** Display the document at the given row, in an asynchronous process: *) method private display row_id = let frmt = self#get_row_format (row_id) in let reader = self#format_to_reader frmt in let pathname = Filename.concat (self#directory) (self#get_row_filename row_id) in let command_line = Printf.sprintf "%s '%s'&" reader pathname in (* Here ~force:true would be useless, because of '&' (the shell well exit in any case). *) Log.system_or_ignore command_line val error_message = (s_ "You should select an existing document in PDF, Postscript, DVI, HTML or text format.") (** Ask the user to choose a file, and return its pathname. Fail if the user doesn't choose a file or cancels: *) method (* private *) ask_file : string option = let dialog = GWindow.file_chooser_dialog ~icon:Icon.icon_pixbuf ~action:`OPEN ~title:((*utf8*)(s_ "Choose the document to import")) ~modal:true () in dialog#add_button_stock `CANCEL `CANCEL; dialog#add_button_stock `OK `OK; dialog#unselect_all; dialog#add_filter (GFile.filter ~name:(s_ "Texts (PDF, PostScript, DVI, HTML, text)") ~patterns:["*.pdf"; "*.ps"; "*.dvi"; "*.text"; "*.txt"; "*.html"; "*.htm"; "README"; (s_ "README") (* it's nice to also support something like LISEZMOI... *)] ()); dialog#set_default_response `OK; (* --- *) (match dialog#run () with `OK -> (match dialog#filename with Some result -> dialog#destroy (); Log.printf1 "* Ok: \"%s\"\n" result; Some result | None -> begin dialog#destroy (); Log.printf "* No document was selected\n"; None end) | _ -> dialog#destroy (); Log.printf "* You cancelled\n"; None) method private file_to_format pathname = if Filename.check_suffix pathname ".html" || Filename.check_suffix pathname ".htm" || Filename.check_suffix pathname ".HTML" || Filename.check_suffix pathname ".HTM" then "html" else if Filename.check_suffix pathname ".text" || Filename.check_suffix pathname ".txt" || Filename.check_suffix pathname "readme" || Filename.check_suffix pathname "lisezmoi" || Filename.check_suffix pathname ".TEXT" || Filename.check_suffix pathname ".TXT" || Filename.check_suffix pathname "README" || Filename.check_suffix pathname "LISEZMOI" then "text" else if Filename.check_suffix pathname ".ps" || Filename.check_suffix pathname ".eps" || Filename.check_suffix pathname ".PS" || Filename.check_suffix pathname ".EPS" then "ps" else if Filename.check_suffix pathname ".dvi" || Filename.check_suffix pathname ".DVI" then "dvi" else if Filename.check_suffix pathname ".pdf" || Filename.check_suffix pathname ".PDF" then "pdf" else failwith ("I cannot recognize the file type of " ^ pathname); method private format_to_reader format = match format with | "pdf" -> Configuration.extract_string_variable_or ~default:"evince" "MARIONNET_PDF_READER" | "ps" -> Configuration.extract_string_variable_or ~default:"evince" "MARIONNET_POSTSCRIPT_READER" | "dvi" -> Configuration.extract_string_variable_or ~default:"evince" "MARIONNET_DVI_READER" (* 'file' may recognize (X)HTML as XML... *) | "html" -> Configuration.extract_string_variable_or ~default:"galeon" "MARIONNET_HTML_READER" | "text" -> Configuration.extract_string_variable_or ~default:"emacs" "MARIONNET_TEXT_EDITOR" (* the file type in unknown: web browsers can open most everything... *) | "auto" -> Configuration.extract_string_variable_or ~default:"galeon" "MARIONNET_HTML_READER" | _ -> failwith ("The format \"" ^ format ^ "\" is not supported"); (** Import the given file, copying it into the appropriate directory with a fresh name; return the fresh name (just the file name, not a complete pathname) and the name of an application suitable to read it, as a pair. In case of failure show an error message and raise an exception. If ~move is true then the file is moved instead of copied. *) method private import_file ?(move=false) pathname = try let file_format = self#file_to_format pathname in let parent = self#directory in let fresh_pathname = UnixExtra.temp_file ~parent ~prefix:"document-" () in let fresh_name = Filename.basename fresh_pathname in let result = (fresh_name, file_format) in (try (match move with | false -> UnixExtra.file_copy pathname fresh_pathname | true -> UnixExtra.file_move pathname fresh_pathname ); UnixExtra.set_perm ~a:() ~w:false fresh_pathname; Log.Command.ll fresh_pathname; result with Unix.Unix_error (_,_, _) -> begin UnixExtra.apply_ignoring_Unix_error Unix.unlink fresh_pathname; let title = Printf.sprintf "Failed copying the file \n\"%s\"\n" pathname in failwith title; end) with (Failure title) as e -> begin Simple_dialogs.error title error_message (); raise e (* Re-raise *) end method import_report ~machine_or_router_name ~pathname () = let title = (s_ "Report on ") ^ machine_or_router_name in let row_id = self#import_document ~move:true pathname in self#set_row_title row_id title; self#set_row_author row_id "-"; self#set_row_type row_id (s_ "Report"); self#set_row_comment row_id ((s_ "created on ") ^ (UnixExtra.date ~dot:" " ())); method import_history ~machine_or_router_name ~pathname () = let title = (s_ "History of ") ^ machine_or_router_name in let row_id = self#import_document ~move:true pathname in self#set_row_title row_id title; self#set_row_author row_id "-"; self#set_row_type row_id (s_ "History"); self#set_row_comment row_id ((s_ "created on ") ^ (UnixExtra.date ~dot:" " ())); method import_document ?(move=false) user_path_name = let internal_file_name, format = self#import_file user_path_name in let row_id = self#add_row [ filename_header, Row_item.String internal_file_name; format_header, Row_item.String format ] in let title = Filename.chop_extension (Filename.basename user_path_name) in let otype = FilenameExtra.get_extension user_path_name in let oauth = get_full_user_name () in let () = self#set_row_title (row_id) title in let () = Option.iter (self#set_row_type row_id) otype in let () = Option.iter (self#set_row_author row_id) oauth in row_id initializer let _ = self#add_icon_column ~header:icon_header ~shown_header:(s_ "Icon") ~strings_and_pixbufs:[ "text", Initialization.Path.images^"treeview-icons/text.xpm"; ] ~default:(fun () -> Row_item.Icon "text") () in let _ = self#add_editable_string_column ~header:title_header ~shown_header:(s_ "Title") ~italic:true ~default:(fun () -> Row_item.String "Please edit this") () in let _ = self#add_editable_string_column ~header:author_header ~shown_header:(s_ "Author") ~italic:false ~default:(fun () -> Row_item.String "Please edit this") () in let _ = self#add_editable_string_column ~header:type_header ~shown_header:(s_ "Type") ~italic:false ~default:(fun () -> Row_item.String "Please edit this") () in let _ = self#add_editable_string_column ~shown_header:(s_ "Comment") ~header:"Comment" ~italic:true ~default:(fun () -> Row_item.String "Please edit this") () in let _ = self#add_string_column ~header:"FileName" ~hidden:true () in let _ = self#add_string_column ~header:"Format" ~default:(fun () -> Row_item.String "auto") (* unknown format; this is usefule for backward-compatibility, as this column didn't exist in older Marionnet versions *) ~hidden:true () in (* Make internal data structures: no more columns can be added now: *) self#create_store_and_view; (* Setup the contextual menu: *) self#set_contextual_menu_title "Texts operations"; self#add_menu_item (s_ "Import a document") (fun _ -> true) (fun _ -> ignore (Option.map self#import_document self#ask_file)); self#add_menu_item (s_ "Display this document") Option.to_bool (fun selected_rowid_if_any -> let row_id = Option.extract selected_rowid_if_any in self#display row_id); self#set_double_click_on_row_callback (fun row_id -> self#display row_id); self#add_menu_item (s_ "Remove this document") Option.to_bool (fun selected_rowid_if_any -> let row_id = Option.extract selected_rowid_if_any in let file_name = (self#get_row_filename row_id) in let pathname = Filename.concat (self#directory) (file_name) in UnixExtra.apply_ignoring_Unix_error Unix.unlink pathname; self#remove_row row_id; ); (* J.V. *) self#set_after_update_callback after_user_edit_callback; end;; class treeview = t module The_unique_treeview = Stateful_modules.Variable (struct type t = treeview let name = Some "treeview_documents" end) let extract = The_unique_treeview.extract (* Add the button "Import" at right side of the treeview. *) let add_import_button ~(window:GWindow.window) ~(hbox:GPack.box) ~(toolbar:GButton.toolbar) (treeview:t) : unit = let packing = toolbar#add in (* --- *) let b = Gui_bricks.button_image ~window ~packing ~stock:`ADD ~stock_size:`SMALL_TOOLBAR ~tooltip:(s_ "Import a document") () in (* --- *) (* Behaviour on click: *) let callback () = ignore (Option.map treeview#import_document treeview#ask_file) in let () = ignore (b#connect#clicked ~callback) in () let make ~(window:GWindow.window) ~(hbox:GPack.box) ~after_user_edit_callback ~method_directory ~method_filename () = let result = new t ~packing:(hbox#add) ~after_user_edit_callback ~method_directory ~method_filename () in let toolbar = Treeview.add_expand_and_collapse_button ~window ~hbox (result:>Treeview.t) in let _import = add_import_button ~window ~hbox ~toolbar (result) in The_unique_treeview.set result; result ;; marionnet-0.90.6+bzr508.orig/log.ml0000644000175000017500000000343313175722671015720 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2008 Luca Saiu Copyright (C) 2010 Jean-Vincent Loddo Copyright (C) 2008, 2010 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) %str_item escape_raise_filter ;; (* Initialized later, by Global_options, in order to break the cyclic dependency: *) module Self = Log_builder.Make (struct let debug_level () = 0 (* the debug_level must be greater or equal to the verbosity, otherwise do nothing *) let verbosity = 1 (* the default value of verbosity for printing functions *) let log_channel = `stderr (* put messages here *) let synchronized = true (* using threads *) end);; include (Log_builder.Extend_with_wrappers (Self)) ;; (* Setting the ocamlbricks log verbosity to the same value: *) let () = Ocamlbricks_log.Tuning.Set.verbosity (Tuning.verbosity ()) ;; (** Wrappers for system_or_ignore: the command is performed by Unix.system with logging features. In case of failure, the function doesn't produce any exception, but print the event on the log channel. *) module Command = struct let ll pathname = system_or_ignore ("ls -l "^pathname) end marionnet-0.90.6+bzr508.orig/sketch.ml0000644000175000017500000002411313175722671016416 0ustar lucaslucas(* This file is part of Marionnet, a virtual network laboratory Copyright (C) 2015 Jean-Vincent Loddo Copyright (C) 2015 Université Paris 13 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . *) (** Sketch related modules and classes *) open Gettext;; module Recursive_mutex = MutexExtra.Recursive ;; (** A thunk allowing to invoke the sketch refresh method, accessible from many modules: *) module Refresh_sketch_thunk = Stateful_modules.Variable (struct type t = unit->unit let name = Some "Refresh_sketch_thunk" end) let refresh_sketch () = Refresh_sketch_thunk.extract () () type index = int (* 0..(length-1) *) and shuffler = index list (* represents a permutation of indexes of a list *) (* This part of the state will be filled loading Gui_toolbar_DOT_TUNING. *) class type toolbar_driver = object method get_iconsize : string method set_iconsize : string -> unit method get_nodesep : float method set_nodesep : float -> unit method get_labeldistance : float method set_labeldistance : float -> unit method get_extrasize : float method set_extrasize : float -> unit method get_image : GdkPixbuf.pixbuf method get_image_current_width : int method get_image_current_height : int method reset_image_size : unit -> unit method get_image_original_width : int method get_image_original_height : int end (* class toolbar_driver *) (** Dot options for the network sketch: *) let network_marshaller = new Oomarshal.marshaller;; class tuning ?(iconsize="large") ?(shuffler=[]) ?(rankdir="TB") ?(nodesep=0.5) ?(labeldistance=1.6) ?(extrasize=0.) ?(curved_lines=false) ~(network: < reversed_cables:(string list); reversed_cable_set:(bool->string->unit); .. >) (* The handler for the real network *) () = let iconsize_default = iconsize in let shuffler_default = shuffler in let rankdir_default = rankdir in let nodesep_default = nodesep in let labeldistance_default = labeldistance in let curved_lines_default = curved_lines in let extrasize_default = extrasize in object (self) inherit Xforest.interpreter () method direct_cable_color = "#949494" method crossover_cable_color = "#6d8dc0" val iconsize = Cortex.return (iconsize) method iconsize = iconsize val rankdir = Cortex.return (rankdir) method rankdir = rankdir val curved_lines = Cortex.return curved_lines method curved_lines = curved_lines method curved_lines_commute = fst (Cortex.move (curved_lines) (not)) val shuffler = Cortex.return shuffler method shuffler = shuffler method shuffler_reset = Cortex.set shuffler (shuffler_default) method shuffler_as_function = Cortex.apply shuffler ListExtra.asFunction (* returns the permutation function *) val nodesep = Cortex.return nodesep method nodesep = nodesep val labeldistance = Cortex.return labeldistance method labeldistance = labeldistance val extrasize = Cortex.return extrasize method extrasize = extrasize method extrasize_reset = begin self#toolbar_driver#reset_image_size (); Cortex.set (extrasize) (extrasize_default); end method iconsize_for_dot = Cortex.get (iconsize) method rankdir_for_dot = "rankdir="^(Cortex.get rankdir)^";" method nodesep_for_dot = let s=(string_of_float (Cortex.get nodesep)) in ("nodesep="^s^"; ranksep="^s) method labeldistance_for_dot = "labeldistance="^(string_of_float (Cortex.get labeldistance)) (** This is the method used in user gui callbacks (reactions) *) val mutable gui_callbacks_disable : bool = false method gui_callbacks_disable = gui_callbacks_disable method set_gui_callbacks_disable x = gui_callbacks_disable <- x method disable_gui_callbacks () = gui_callbacks_disable <- true method enable_gui_callbacks () = ignore (GMain.Timeout.add ~ms:500 ~callback:(fun () -> gui_callbacks_disable <- false; false)) (* Delete _alone here: *) method reset_defaults () = begin Cortex.set (iconsize) (iconsize_default); Cortex.set (shuffler) (shuffler_default); (* self#shuffler_reset *) Cortex.set (rankdir) (rankdir_default); Cortex.set (curved_lines) (curved_lines_default); Cortex.set (nodesep) (nodesep_default); Cortex.set (labeldistance) (labeldistance_default); ListExtra.foreach (network#reversed_cables) (network#reversed_cable_set false) ; self#extrasize_reset; self#set_toolbar_widgets () end method ratio : string = let extrasize = Cortex.get (extrasize) in if (extrasize = 0.) then "ratio=compress;" else begin (* BUG HERE !!!!!!!!!!!!!!!!!!!!!!!!!!!! when starting marionnet and loading a project with an extrasize >0 defined, we go to this branche and because there isn't an "original" image, we have an ugly exception!!!! *) let x = Widget.Image.inch_of_pixels self#toolbar_driver#get_image_original_width in let y = Widget.Image.inch_of_pixels self#toolbar_driver#get_image_original_height in let area = x *. y in let delta_area = extrasize *. area /. 100. in let delta = sqrt( (x+.y)**2. +. 4.*. delta_area ) -. (x+.y) in let x = string_of_float (x +. delta) in let y = string_of_float (y +. delta) in "size=\""^x^","^y^ "\";\nratio=fill;" end (** Accessor the dot tuning toolbar. This part of the state will be filled loading Gui_toolbar_DOT_TUNING. Inverted cables corresponds to dynamic menus, so they not need to be reactualized (the dynamic menus are recalculated each time from network#reversed_cables. *) val mutable toolbar_driver : toolbar_driver option = None method set_toolbar_driver t = toolbar_driver <- Some t method toolbar_driver = match toolbar_driver with Some t -> t | None -> assert false (** The dotoption gui reactualization *) method set_toolbar_widgets () : unit = begin self#disable_gui_callbacks () ; self#toolbar_driver#set_iconsize (Cortex.get iconsize); self#toolbar_driver#set_nodesep (Cortex.get nodesep); self#toolbar_driver#set_labeldistance (Cortex.get labeldistance); self#toolbar_driver#set_extrasize (Cortex.get extrasize); self#enable_gui_callbacks () ; () end (** Marshalling is performed in this ugly way because directly dumping the whole [self] object would involve resolving references to Gtk callbacks, which are outside the OCaml heap and hence (understandably) not supported by the marshaller. *) (** Dump the current state of [self] into the given file. *) method save_to_file (file_name : string) = (* we are manually setting the verbosity 3 *) (if (Global_options.Debug_level.get ()) >= 3 then Xforest.print_xforest ~channel:stderr network#to_forest); network_marshaller#to_file self#to_forest file_name (** This method is used just for undumping dotoptions, so is not strict. For instance, exceptions provoked by bad cable names are simply ignored. *) method set_reversed_cables names = ListExtra.foreach names (fun n -> try (network#reversed_cable_set true n) with _ -> ()) (** Undump the state of [self] from the given file. *) method load_from_file ~(project_version: [`v0|`v1|`v2]) (fname : string) = let (forest:Xforest.t) = match project_version with | `v2 | `v1 -> network_marshaller#from_file (fname) | `v0 -> Forest_backward_compatibility.load_from_old_file (fname) in (* we are manually setting the verbosity 3 *) (if (Global_options.Debug_level.get ()) >= 3 then Xforest.print_xforest ~channel:stderr forest); match Forest.to_tree forest with | (("dotoptions", attrs), children) -> self#from_tree ("dotoptions", attrs) children | _ -> assert false (** Dot_tuning to forest encoding. *) method to_tree : (string * (string * string) list) Forest.tree = Forest.tree_of_leaf ("dotoptions", [ ("iconsize" , (Cortex.get iconsize) ); ("shuffler" , (Xforest.encode (Cortex.get shuffler)) ); ("rankdir" , (Cortex.get rankdir) ); ("curved_lines" , (string_of_bool (Cortex.get curved_lines))); ("nodesep" , (string_of_float (Cortex.get nodesep)) ); ("labeldistance" , (string_of_float (Cortex.get labeldistance))); ("extrasize" , (string_of_float (Cortex.get extrasize)) ); ("gui_callbacks_disable", (string_of_bool gui_callbacks_disable)); ("invertedCables", (Xforest.encode network#reversed_cables)); ]) (** A Dotoption.network has just attributes (no children) in this version. The Dotoption.network must be undumped AFTER the Netmodel.network in order to have significant cable names (reversed_cables). *) method eval_forest_attribute = function | ("iconsize" , x ) -> (Cortex.set self#iconsize x) | ("shuffler" , x ) -> (Cortex.set self#shuffler (Xforest.decode x)) | ("rankdir" , x ) -> (Cortex.set self#rankdir x) | ("curved_lines" , x ) -> (Cortex.set self#curved_lines (bool_of_string x)) | ("nodesep" , x ) -> (Cortex.set self#nodesep (float_of_string x)) | ("labeldistance" , x ) -> (Cortex.set self#labeldistance (float_of_string x)) | ("extrasize" , x ) -> (Cortex.set self#extrasize (float_of_string x)) | ("gui_callbacks_disable", x ) -> self#set_gui_callbacks_disable (bool_of_string x) | ("invertedCables" , x ) -> self#set_reversed_cables (Xforest.decode x) | _ -> () (* Forward-comp. *) end (* class tuning *) marionnet-0.90.6+bzr508.orig/sketch.mli0000644000175000017500000000622413175722671016572 0ustar lucaslucasmodule Recursive_mutex : MutexExtra.Extended_signature with type t = MutexExtra.Recursive.t module Refresh_sketch_thunk : sig type t = unit -> unit val set : t -> unit end val refresh_sketch : unit -> unit type shuffler = index list and index = int class type toolbar_driver = object method get_extrasize : float method get_iconsize : string method get_image : GdkPixbuf.pixbuf method get_image_current_height : int method get_image_current_width : int method get_image_original_height : int method get_image_original_width : int method get_labeldistance : float method get_nodesep : float method reset_image_size : unit -> unit method set_extrasize : float -> unit method set_iconsize : string -> unit method set_labeldistance : float -> unit method set_nodesep : float -> unit end class tuning : ?iconsize: string -> ?shuffler: shuffler -> ?rankdir: string -> ?nodesep: float -> ?labeldistance: float -> ?extrasize: float -> ?curved_lines: bool -> network: < reversed_cable_set: bool -> string -> unit; reversed_cables: string list; to_forest: Xforest.forest; .. > -> unit -> object val mutable gui_callbacks_disable : bool method crossover_cable_color : string method curved_lines : bool Cortex.t method curved_lines_commute : bool method direct_cable_color : string method disable_gui_callbacks : unit -> unit method enable_gui_callbacks : unit -> unit method eval_forest_attribute : Xforest.attribute -> unit method eval_forest_child : Xforest.tree -> unit method extrasize : float Cortex.t method extrasize_reset : unit method from_tree : Xforest.node -> Xforest.forest -> unit method gui_callbacks_disable : bool method iconsize : string Cortex.t method iconsize_for_dot : string method labeldistance : float Cortex.t method labeldistance_for_dot : string method load_from_file : project_version:[ `v0 | `v1 | `v2 ] -> string -> unit method nodesep : float Cortex.t method nodesep_for_dot : string method rankdir : string Cortex.t method rankdir_for_dot : string method ratio : string method reset_defaults : unit -> unit method save_to_file : string -> unit method set_gui_callbacks_disable : bool -> unit method set_reversed_cables : string list -> unit method set_toolbar_widgets : unit -> unit method shuffler : int list Cortex.t method shuffler_reset : unit method shuffler_as_function : int -> int method to_forest : Xforest.forest method to_tree : Xforest.tree method toolbar_driver : toolbar_driver method set_toolbar_driver : toolbar_driver -> unit end marionnet-0.90.6+bzr508.orig/share/0000755000175000017500000000000013175722671015704 5ustar lucaslucasmarionnet-0.90.6+bzr508.orig/share/COPYING0000644000175000017500000004311013175722671016736 0ustar lucaslucas GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. marionnet-0.90.6+bzr508.orig/share/quagga_zebra.lang0000644000175000017500000002464313175722671021210 0ustar lucaslucas text/x-quagga_zebra *.quagga_zebra !