remove ipset support from core, it is now provided by xtables-addons from the packages feed

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@17844 3c298f89-4303-0410-b956-a3cf2f4a3e73

target/linux/generic-2.4/patches/609-netfilter_string.patch

@@ -21,7 +21,7 @@
 +#endif /*_IPT_STRING_H*/
 --- a/net/ipv4/netfilter/Config.in
 +++ b/net/ipv4/netfilter/Config.in
-@@ -61,6 +61,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -47,6 +47,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
    fi
    if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
      dep_tristate '  Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES
@@ -133,7 +133,7 @@
 +module_exit(fini);
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
-@@ -99,6 +99,7 @@ obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_s
+@@ -87,6 +87,7 @@ obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_s
  obj-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark.o
  obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o
  obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o

target/linux/generic-2.4/patches/610-netfilter_connbytes.patch

@@ -11,7 +11,7 @@
  if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
-@@ -97,6 +97,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_
+@@ -85,6 +85,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_
  obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
  obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o
  obj-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark.o

target/linux/generic-2.4/patches/611-netfilter_condition.patch

@@ -15,7 +15,7 @@
  conntrack match support
  CONFIG_IP_NF_MATCH_CONNTRACK
    This is a general conntrack match module, a superset of the state match.
-@@ -3365,6 +3373,14 @@ CONFIG_IP6_NF_MATCH_MARK
+@@ -3296,6 +3304,14 @@ CONFIG_IP6_NF_MATCH_MARK
    If you want to compile it as a module, say M here and read
    <file:Documentation/modules.txt>.  If unsure, say `N'.
  
@@ -60,7 +60,7 @@
 +#endif
 --- a/net/ipv4/netfilter/Config.in
 +++ b/net/ipv4/netfilter/Config.in
-@@ -41,6 +41,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -27,6 +27,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
    dep_tristate '  netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES
    dep_tristate '  Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES
    dep_tristate '  TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES
@@ -70,7 +70,7 @@
    dep_tristate '  peer to peer traffic match support' CONFIG_IP_NF_MATCH_IPP2P $CONFIG_IP_NF_IPTABLES
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
-@@ -85,6 +85,7 @@ obj-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt
+@@ -73,6 +73,7 @@ obj-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt
  obj-$(CONFIG_IP_NF_MATCH_MULTIPORT) += ipt_multiport.o
  obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner.o
  obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o

target/linux/generic-2.4/patches/612-netfilter_quota.patch

@@ -36,9 +36,9 @@
  # The simple matches.
    dep_tristate '  limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES
 +  dep_tristate '  quota match support' CONFIG_IP_NF_MATCH_QUOTA $CONFIG_IP_NF_IPTABLES
- 
-   dep_tristate '  IP set support' CONFIG_IP_NF_SET $CONFIG_IP_NF_IPTABLES
-   if [ "$CONFIG_IP_NF_SET" != "n" ]; then
+   dep_tristate '  MAC address match support' CONFIG_IP_NF_MATCH_MAC $CONFIG_IP_NF_IPTABLES
+   dep_tristate '  Packet type match support' CONFIG_IP_NF_MATCH_PKTTYPE $CONFIG_IP_NF_IPTABLES
+   dep_tristate '  netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
 @@ -65,6 +65,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o
@@ -47,8 +47,8 @@
  obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o
 +obj-$(CONFIG_IP_NF_MATCH_QUOTA) += ipt_quota.o
  obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o
- obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
- obj-$(CONFIG_IP_NF_TARGET_SET) += ipt_SET.o
+ obj-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac.o
+ obj-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_ipp2p.o
 --- /dev/null
 +++ b/net/ipv4/netfilter/ipt_quota.c
 @@ -0,0 +1,88 @@

target/linux/generic-2.4/patches/613-netfilter_nat_h323.patch

@@ -8,7 +8,7 @@
  fi
  
  if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
-@@ -94,6 +95,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -80,6 +81,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
            define_tristate CONFIG_IP_NF_NAT_AMANDA $CONFIG_IP_NF_NAT
          fi
        fi

target/linux/generic-2.4/patches/614-netfilter_nat_rtsp.patch

@@ -8,7 +8,7 @@
  fi
  
  if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
-@@ -102,6 +103,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -88,6 +89,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
           define_tristate CONFIG_IP_NF_NAT_H323 $CONFIG_IP_NF_NAT
         fi
        fi

target/linux/generic-2.4/patches/615-netfilter_nat_mms.patch

@@ -8,7 +8,7 @@
  fi
  
  if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
-@@ -110,6 +111,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -96,6 +97,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
           define_tristate CONFIG_IP_NF_NAT_RTSP $CONFIG_IP_NF_NAT
         fi
        fi

target/linux/generic-2.4/patches/616-netfilter_imq.patch

@@ -23,7 +23,7 @@
  MARK target support
  CONFIG_IP_NF_TARGET_MARK
    This option adds a `MARK' target, which allows you to create rules
-@@ -9931,6 +9947,20 @@ CONFIG_BONDING
+@@ -9862,6 +9878,20 @@ CONFIG_BONDING
    say M here and read <file:Documentation/modules.txt>.  The module
    will be called bonding.o.
  
@@ -505,7 +505,7 @@
  /**
 --- a/net/ipv4/netfilter/Config.in
 +++ b/net/ipv4/netfilter/Config.in
-@@ -155,6 +155,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -141,6 +141,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
      dep_tristate '    DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE
   
      dep_tristate '    MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
@@ -515,7 +515,7 @@
    if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
-@@ -130,6 +130,7 @@ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TO
+@@ -118,6 +118,7 @@ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TO
  obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
  obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o
  obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o

target/linux/generic-2.4/patches/620-netfilter_iprange.patch

@@ -49,8 +49,8 @@
    dep_tristate '  limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES
 +  dep_tristate '  IP range match support' CONFIG_IP_NF_MATCH_IPRANGE $CONFIG_IP_NF_IPTABLES
    dep_tristate '  quota match support' CONFIG_IP_NF_MATCH_QUOTA $CONFIG_IP_NF_IPTABLES
- 
-   dep_tristate '  IP set support' CONFIG_IP_NF_SET $CONFIG_IP_NF_IPTABLES
+   dep_tristate '  MAC address match support' CONFIG_IP_NF_MATCH_MAC $CONFIG_IP_NF_IPTABLES
+   dep_tristate '  Packet type match support' CONFIG_IP_NF_MATCH_PKTTYPE $CONFIG_IP_NF_IPTABLES
 --- /dev/null
 +++ b/net/ipv4/netfilter/ipt_iprange.c
 @@ -0,0 +1,101 @@
@@ -164,4 +164,4 @@
 +obj-$(CONFIG_IP_NF_MATCH_IPRANGE) += ipt_iprange.o
  obj-$(CONFIG_IP_NF_MATCH_QUOTA) += ipt_quota.o
  obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o
- obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
+ obj-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac.o

target/linux/generic-2.4/patches/621-netfilter_random.patch

@@ -24,7 +24,7 @@
  TCPMSS match support
  CONFIG_IP_NF_MATCH_TCPMSS
    This option adds a `tcpmss' match, which allows you to examine the
-@@ -3387,6 +3397,14 @@ CONFIG_IP6_NF_MATCH_MAC
+@@ -3318,6 +3328,14 @@ CONFIG_IP6_NF_MATCH_MAC
    If you want to compile it as a module, say M here and read
    <file:Documentation/modules.txt>.  If unsure, say `N'.
  
@@ -69,7 +69,7 @@
 +#endif /*_IP6T_RAND_H*/
 --- a/net/ipv4/netfilter/Config.in
 +++ b/net/ipv4/netfilter/Config.in
-@@ -46,6 +46,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+@@ -32,6 +32,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
    dep_tristate '  netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES
    dep_tristate '  Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES
    dep_tristate '  TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES
@@ -178,7 +178,7 @@
 +module_exit(fini);
 --- a/net/ipv4/netfilter/Makefile
 +++ b/net/ipv4/netfilter/Makefile
-@@ -105,6 +105,8 @@ obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_o
+@@ -93,6 +93,8 @@ obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_o
  obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o
  obj-$(CONFIG_IP_NF_MATCH_CONDITION) += ipt_condition.o
  

target/linux/generic-2.4/patches/622-tc_esfq.patch

@@ -1,6 +1,6 @@
 --- a/Documentation/Configure.help
 +++ b/Documentation/Configure.help
-@@ -11165,6 +11165,24 @@ CONFIG_NET_SCH_HFSC
+@@ -11096,6 +11096,24 @@ CONFIG_NET_SCH_HFSC
    whenever you want).  If you want to compile it as a module, say M
    here and read <file:Documentation/modules.txt>.
  

target/linux/generic-2.4/patches/623-netfilter_ipset_porthash.patch

@@ -1,37 +0,0 @@
---- /dev/null
-+++ b/include/linux/netfilter_ipv4/ip_set_ipporthash.h
-@@ -0,0 +1,34 @@
-+#ifndef __IP_SET_IPPORTHASH_H
-+#define __IP_SET_IPPORTHASH_H
-+
-+#include <linux/netfilter_ipv4/ip_set.h>
-+
-+#define SETTYPE_NAME "ipporthash"
-+#define MAX_RANGE 0x0000FFFF
-+#define INVALID_PORT	(MAX_RANGE + 1)
-+
-+struct ip_set_ipporthash {
-+	ip_set_ip_t *members;		/* the ipporthash proper */
-+	uint32_t elements;		/* number of elements */
-+	uint32_t hashsize;		/* hash size */
-+	uint16_t probes;		/* max number of probes  */
-+	uint16_t resize;		/* resize factor in percent */
-+	ip_set_ip_t first_ip;		/* host byte order, included in range */
-+	ip_set_ip_t last_ip;		/* host byte order, included in range */
-+	void *initval[0];		/* initvals for jhash_1word */
-+};
-+
-+struct ip_set_req_ipporthash_create {
-+	uint32_t hashsize;
-+	uint16_t probes;
-+	uint16_t resize;
-+	ip_set_ip_t from;
-+	ip_set_ip_t to;
-+};
-+
-+struct ip_set_req_ipporthash {
-+	ip_set_ip_t ip;
-+	ip_set_ip_t port;
-+};
-+
-+#endif	/* __IP_SET_IPPORTHASH_H */