Here are the miscellaneous patches from astaro:


iptables-1.2.PSD.patch : Portscan detection target for iptables-1.2

This target will attempt to detect TCP and UDP port scans and log them
to syslog. This target is based upon Solar Designer's scanlogd.

NOTE: iptables-1.2 already contains a psd _match_, which was derived
from our PSD target. The psd match is more flexible, but
unfortunately, it cannot log first packets from a portscan sequence.


Supported PSD options are:

--PSD-log-level <level>: Level of logging (numeric or see
syslog.conf(5)) 

--PSD-log-prefix <prefix>: Prefix log messages with the specified
prefix; up to 29 letters long, and useful for distinguishing messages 
in the logs.

--PSD-weight-threshold <threshold>: Total weight of the latest
TCP/UDP packets with different destination ports coming from the
same host to be treated as port scan sequence.

--PSD-delay-threshold <delay> Delay (in jiffies) for the 
packets with different destination ports coming from the same host to be 
treated as possible port scan subsequence.


iptables-1.2.2.psd_params.patch: libipt_psd parameters
bugfix. Appropriate patch for the CVS is already applied by
the core team.