From 3be9bc06bae0c811dbd7ee37ef27b0ac7dcb8ab1 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Fri, 27 Nov 2020 22:24:51 -0800
Subject: [PATCH 1/2] libnetfilter-queue: import from base

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 libs/libnetfilter-queue/Makefile              |  71 +++++++++++
 .../patches/100-checksum_computation.patch    | 113 ++++++++++++++++++
 2 files changed, 184 insertions(+)
 create mode 100644 libs/libnetfilter-queue/Makefile
 create mode 100644 libs/libnetfilter-queue/patches/100-checksum_computation.patch

diff --git a/libs/libnetfilter-queue/Makefile b/libs/libnetfilter-queue/Makefile
new file mode 100644
index 000000000..38f148ef0
--- /dev/null
+++ b/libs/libnetfilter-queue/Makefile
@@ -0,0 +1,71 @@
+#
+# Copyright (C) 2009-2013 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=libnetfilter_queue
+PKG_RELEASE:=2
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=https://git.netfilter.org/libnetfilter_queue
+PKG_SOURCE_DATE:=2017-06-27
+PKG_SOURCE_VERSION:=601abd1c71ccdf90753cf294c120ad43fb25dc54
+PKG_MIRROR_HASH:=283b99cfe5856dc87fd6bab8f78c0c59b72462d6b4f2b13111f928cf33020eb3
+
+PKG_FIXUP:=autoreconf
+PKG_LICENSE:=GPL-2.0+
+
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/libnetfilter-queue
+  SECTION:=libs
+  CATEGORY:=Libraries
+  DEPENDS:=+libmnl +libnfnetlink
+  TITLE:=Userspace API to packets queued by kernel packet filter
+  URL:=http://www.netfilter.org/projects/libnetfilter_queue/
+  ABI_VERSION:=1
+endef
+
+define Package/libnetfilter-queue/description
+ libnetfilter_queue is a userspace library providing a programming
+ interface (API) to packets that have been queued by the kernel
+ packet filter.
+endef
+
+TARGET_CFLAGS += $(FPIC) -D_GNU_SOURCE=1
+
+CONFIGURE_ARGS += \
+	--enable-static \
+	--enable-shared \
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(1)/usr/include/libnetfilter_queue
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/include/libnetfilter_queue/*.h \
+		$(1)/usr/include/libnetfilter_queue/
+
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/libnetfilter_queue.{so*,a,la} \
+		$(1)/usr/lib/
+
+	$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libnetfilter_queue.pc \
+		$(1)/usr/lib/pkgconfig/
+endef
+
+define Package/libnetfilter-queue/install
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) \
+		$(PKG_INSTALL_DIR)/usr/lib/libnetfilter_queue.so.* \
+		$(1)/usr/lib/
+endef
+
+$(eval $(call BuildPackage,libnetfilter-queue))
diff --git a/libs/libnetfilter-queue/patches/100-checksum_computation.patch b/libs/libnetfilter-queue/patches/100-checksum_computation.patch
new file mode 100644
index 000000000..92e750d51
--- /dev/null
+++ b/libs/libnetfilter-queue/patches/100-checksum_computation.patch
@@ -0,0 +1,113 @@
+--- a/src/extra/checksum.c
++++ b/src/extra/checksum.c
+@@ -11,6 +11,7 @@
+ 
+ #include <stdio.h>
+ #include <stdbool.h>
++#include <endian.h>
+ #include <arpa/inet.h>
+ #include <netinet/ip.h>
+ #include <netinet/ip6.h>
+@@ -26,8 +27,13 @@ uint16_t nfq_checksum(uint32_t sum, uint
+ 		sum += *buf++;
+ 		size -= sizeof(uint16_t);
+ 	}
+-	if (size)
+-		sum += *(uint8_t *)buf;
++	if (size) {
++#if __BYTE_ORDER == __BIG_ENDIAN
++		sum += (uint16_t)*(uint8_t *)buf << 8;
++#else
++		sum += (uint16_t)*(uint8_t *)buf;
++#endif
++	}
+ 
+ 	sum = (sum >> 16) + (sum & 0xffff);
+ 	sum += (sum >>16);
+@@ -35,7 +41,7 @@ uint16_t nfq_checksum(uint32_t sum, uint
+ 	return (uint16_t)(~sum);
+ }
+ 
+-uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph)
++uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protocol_id)
+ {
+ 	uint32_t sum = 0;
+ 	uint32_t iph_len = iph->ihl*4;
+@@ -46,13 +52,13 @@ uint16_t nfq_checksum_tcpudp_ipv4(struct
+ 	sum += (iph->saddr) & 0xFFFF;
+ 	sum += (iph->daddr >> 16) & 0xFFFF;
+ 	sum += (iph->daddr) & 0xFFFF;
+-	sum += htons(IPPROTO_TCP);
++	sum += htons(protocol_id);
+ 	sum += htons(len);
+ 
+ 	return nfq_checksum(sum, (uint16_t *)payload, len);
+ }
+ 
+-uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr)
++uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr, uint16_t protocol_id)
+ {
+ 	uint32_t sum = 0;
+ 	uint32_t hdr_len = (uint32_t *)transport_hdr - (uint32_t *)ip6h;
+@@ -68,7 +74,7 @@ uint16_t nfq_checksum_tcpudp_ipv6(struct
+ 		sum += (ip6h->ip6_dst.s6_addr16[i] >> 16) & 0xFFFF;
+ 		sum += (ip6h->ip6_dst.s6_addr16[i]) & 0xFFFF;
+ 	}
+-	sum += htons(IPPROTO_TCP);
++	sum += htons(protocol_id);
+ 	sum += htons(ip6h->ip6_plen);
+ 
+ 	return nfq_checksum(sum, (uint16_t *)payload, len);
+--- a/src/extra/tcp.c
++++ b/src/extra/tcp.c
+@@ -96,7 +96,7 @@ nfq_tcp_compute_checksum_ipv4(struct tcp
+ {
+ 	/* checksum field in header needs to be zero for calculation. */
+ 	tcph->check = 0;
+-	tcph->check = nfq_checksum_tcpudp_ipv4(iph);
++	tcph->check = nfq_checksum_tcpudp_ipv4(iph, IPPROTO_TCP);
+ }
+ EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv4);
+ 
+@@ -110,7 +110,7 @@ nfq_tcp_compute_checksum_ipv6(struct tcp
+ {
+ 	/* checksum field in header needs to be zero for calculation. */
+ 	tcph->check = 0;
+-	tcph->check = nfq_checksum_tcpudp_ipv6(ip6h, tcph);
++	tcph->check = nfq_checksum_tcpudp_ipv6(ip6h, tcph, IPPROTO_TCP);
+ }
+ EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv6);
+ 
+--- a/src/extra/udp.c
++++ b/src/extra/udp.c
+@@ -96,7 +96,7 @@ nfq_udp_compute_checksum_ipv4(struct udp
+ {
+ 	/* checksum field in header needs to be zero for calculation. */
+ 	udph->check = 0;
+-	udph->check = nfq_checksum_tcpudp_ipv4(iph);
++	udph->check = nfq_checksum_tcpudp_ipv4(iph, IPPROTO_UDP);
+ }
+ EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv4);
+ 
+@@ -115,7 +115,7 @@ nfq_udp_compute_checksum_ipv6(struct udp
+ {
+ 	/* checksum field in header needs to be zero for calculation. */
+ 	udph->check = 0;
+-	udph->check = nfq_checksum_tcpudp_ipv6(ip6h, udph);
++	udph->check = nfq_checksum_tcpudp_ipv6(ip6h, udph, IPPROTO_UDP);
+ }
+ EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv6);
+ 
+--- a/src/internal.h
++++ b/src/internal.h
+@@ -15,8 +15,8 @@ struct iphdr;
+ struct ip6_hdr;
+ 
+ uint16_t nfq_checksum(uint32_t sum, uint16_t *buf, int size);
+-uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph);
+-uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr);
++uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protocol_id);
++uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr, uint16_t protocol_id);
+ 
+ struct pkt_buff {
+ 	uint8_t *mac_header;

From b60aa5ffdb258c0c94b375c4e972c587b572b1a7 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Sun, 8 Nov 2020 23:17:14 -0800
Subject: [PATCH 2/2] libnetfilter-queue: update to 1.0.5

Switch to normal tarballs for simplicity.

Removed upstream patch.

Fixed license information.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 libs/libnetfilter-queue/Makefile              |  18 +--
 .../patches/100-checksum_computation.patch    | 113 ------------------
 2 files changed, 9 insertions(+), 122 deletions(-)
 delete mode 100644 libs/libnetfilter-queue/patches/100-checksum_computation.patch

diff --git a/libs/libnetfilter-queue/Makefile b/libs/libnetfilter-queue/Makefile
index 38f148ef0..01ce1f80d 100644
--- a/libs/libnetfilter-queue/Makefile
+++ b/libs/libnetfilter-queue/Makefile
@@ -8,18 +8,18 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libnetfilter_queue
-PKG_RELEASE:=2
+PKG_VERSION:=1.0.5
+PKG_RELEASE:=1
 
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL=https://git.netfilter.org/libnetfilter_queue
-PKG_SOURCE_DATE:=2017-06-27
-PKG_SOURCE_VERSION:=601abd1c71ccdf90753cf294c120ad43fb25dc54
-PKG_MIRROR_HASH:=283b99cfe5856dc87fd6bab8f78c0c59b72462d6b4f2b13111f928cf33020eb3
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_SOURCE_URL:=https://www.netfilter.org/projects/libnetfilter_queue/files
+PKG_HASH:=f9ff3c11305d6e03d81405957bdc11aea18e0d315c3e3f48da53a24ba251b9f5
 
-PKG_FIXUP:=autoreconf
-PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE:=GPL-2.0-or-later
+PKG_LICENSE_FILES:=COPYING
 
 PKG_INSTALL:=1
+PKG_BUILD_PARALLEL:=1
 
 include $(INCLUDE_DIR)/package.mk
 
@@ -28,7 +28,7 @@ define Package/libnetfilter-queue
   CATEGORY:=Libraries
   DEPENDS:=+libmnl +libnfnetlink
   TITLE:=Userspace API to packets queued by kernel packet filter
-  URL:=http://www.netfilter.org/projects/libnetfilter_queue/
+  URL:=https://www.netfilter.org/projects/libnetfilter_queue/
   ABI_VERSION:=1
 endef
 
diff --git a/libs/libnetfilter-queue/patches/100-checksum_computation.patch b/libs/libnetfilter-queue/patches/100-checksum_computation.patch
deleted file mode 100644
index 92e750d51..000000000
--- a/libs/libnetfilter-queue/patches/100-checksum_computation.patch
+++ /dev/null
@@ -1,113 +0,0 @@
---- a/src/extra/checksum.c
-+++ b/src/extra/checksum.c
-@@ -11,6 +11,7 @@
- 
- #include <stdio.h>
- #include <stdbool.h>
-+#include <endian.h>
- #include <arpa/inet.h>
- #include <netinet/ip.h>
- #include <netinet/ip6.h>
-@@ -26,8 +27,13 @@ uint16_t nfq_checksum(uint32_t sum, uint
- 		sum += *buf++;
- 		size -= sizeof(uint16_t);
- 	}
--	if (size)
--		sum += *(uint8_t *)buf;
-+	if (size) {
-+#if __BYTE_ORDER == __BIG_ENDIAN
-+		sum += (uint16_t)*(uint8_t *)buf << 8;
-+#else
-+		sum += (uint16_t)*(uint8_t *)buf;
-+#endif
-+	}
- 
- 	sum = (sum >> 16) + (sum & 0xffff);
- 	sum += (sum >>16);
-@@ -35,7 +41,7 @@ uint16_t nfq_checksum(uint32_t sum, uint
- 	return (uint16_t)(~sum);
- }
- 
--uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph)
-+uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protocol_id)
- {
- 	uint32_t sum = 0;
- 	uint32_t iph_len = iph->ihl*4;
-@@ -46,13 +52,13 @@ uint16_t nfq_checksum_tcpudp_ipv4(struct
- 	sum += (iph->saddr) & 0xFFFF;
- 	sum += (iph->daddr >> 16) & 0xFFFF;
- 	sum += (iph->daddr) & 0xFFFF;
--	sum += htons(IPPROTO_TCP);
-+	sum += htons(protocol_id);
- 	sum += htons(len);
- 
- 	return nfq_checksum(sum, (uint16_t *)payload, len);
- }
- 
--uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr)
-+uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr, uint16_t protocol_id)
- {
- 	uint32_t sum = 0;
- 	uint32_t hdr_len = (uint32_t *)transport_hdr - (uint32_t *)ip6h;
-@@ -68,7 +74,7 @@ uint16_t nfq_checksum_tcpudp_ipv6(struct
- 		sum += (ip6h->ip6_dst.s6_addr16[i] >> 16) & 0xFFFF;
- 		sum += (ip6h->ip6_dst.s6_addr16[i]) & 0xFFFF;
- 	}
--	sum += htons(IPPROTO_TCP);
-+	sum += htons(protocol_id);
- 	sum += htons(ip6h->ip6_plen);
- 
- 	return nfq_checksum(sum, (uint16_t *)payload, len);
---- a/src/extra/tcp.c
-+++ b/src/extra/tcp.c
-@@ -96,7 +96,7 @@ nfq_tcp_compute_checksum_ipv4(struct tcp
- {
- 	/* checksum field in header needs to be zero for calculation. */
- 	tcph->check = 0;
--	tcph->check = nfq_checksum_tcpudp_ipv4(iph);
-+	tcph->check = nfq_checksum_tcpudp_ipv4(iph, IPPROTO_TCP);
- }
- EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv4);
- 
-@@ -110,7 +110,7 @@ nfq_tcp_compute_checksum_ipv6(struct tcp
- {
- 	/* checksum field in header needs to be zero for calculation. */
- 	tcph->check = 0;
--	tcph->check = nfq_checksum_tcpudp_ipv6(ip6h, tcph);
-+	tcph->check = nfq_checksum_tcpudp_ipv6(ip6h, tcph, IPPROTO_TCP);
- }
- EXPORT_SYMBOL(nfq_tcp_compute_checksum_ipv6);
- 
---- a/src/extra/udp.c
-+++ b/src/extra/udp.c
-@@ -96,7 +96,7 @@ nfq_udp_compute_checksum_ipv4(struct udp
- {
- 	/* checksum field in header needs to be zero for calculation. */
- 	udph->check = 0;
--	udph->check = nfq_checksum_tcpudp_ipv4(iph);
-+	udph->check = nfq_checksum_tcpudp_ipv4(iph, IPPROTO_UDP);
- }
- EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv4);
- 
-@@ -115,7 +115,7 @@ nfq_udp_compute_checksum_ipv6(struct udp
- {
- 	/* checksum field in header needs to be zero for calculation. */
- 	udph->check = 0;
--	udph->check = nfq_checksum_tcpudp_ipv6(ip6h, udph);
-+	udph->check = nfq_checksum_tcpudp_ipv6(ip6h, udph, IPPROTO_UDP);
- }
- EXPORT_SYMBOL(nfq_udp_compute_checksum_ipv6);
- 
---- a/src/internal.h
-+++ b/src/internal.h
-@@ -15,8 +15,8 @@ struct iphdr;
- struct ip6_hdr;
- 
- uint16_t nfq_checksum(uint32_t sum, uint16_t *buf, int size);
--uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph);
--uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr);
-+uint16_t nfq_checksum_tcpudp_ipv4(struct iphdr *iph, uint16_t protocol_id);
-+uint16_t nfq_checksum_tcpudp_ipv6(struct ip6_hdr *ip6h, void *transport_hdr, uint16_t protocol_id);
- 
- struct pkt_buff {
- 	uint8_t *mac_header;