--- conntrack-tools-0.9.5.orig/debian/changelog
+++ conntrack-tools-0.9.5/debian/changelog
@@ -0,0 +1,6 @@
+conntrack-tools (0.9.5-0ubuntu1) hardy; urgency=low
+
+ * Initial release
+
+ -- Lionel Porcheron Mon, 04 Feb 2008 20:46:44 +0100
+
--- conntrack-tools-0.9.5.orig/debian/dirs
+++ conntrack-tools-0.9.5/debian/dirs
@@ -0,0 +1,2 @@
+etc/conntrackd
+usr/sbin
--- conntrack-tools-0.9.5.orig/debian/logrotate
+++ conntrack-tools-0.9.5/debian/logrotate
@@ -0,0 +1,9 @@
+/var/log/conntrackd.log {
+ weekly
+ rotate 4
+ missingok
+ notifempty
+ compress
+ nocreate
+}
+
--- conntrack-tools-0.9.5.orig/debian/copyright
+++ conntrack-tools-0.9.5/debian/copyright
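Review bot: In debian/logrotate, `nocreate` combined with `compress` and no `postrotate` or `copytruncate` means nothing in this stanza makes conntrackd reopen `/var/log/conntrackd.log` after the weekly rotation. If the daemon keeps writing to its original file descriptor, everything it logs after the first rotation goes to a file that has been renamed and compressed away, and the live log path stays absent; on a firewall host that is a gap in the record an investigator would later want. Unless conntrackd reopens its log on its own, which this diff does not show, add `copytruncate` together with `delaycompress`, or a `postrotate` block that restarts the daemon.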
@@ -0,0 +1,36 @@
+This package was debianized by Lionel Porcheron on
+Mon, 04 Feb 2008 20:50:08 +0100
+
+It was downloaded from http://people.netfilter.org/pablo/conntrack-tools
+
+Upstream Author:
+
+ Pablo Neira Ayuso
+
+include/jhash.h
+ Copyright (C) 1996 Bob Jenkins (bob_jenkins@burtleburtle.net) Public Domain.
+ Copyright (C) 2003 David S. Miller (davem@redhat.com)
+
+The rest of the source is:
+ Copyright (C) 2006-2007 Pablo Neira Ayuso
+
+License:
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+
+The Debian packaging is (C) 2007, Lionel Porcheron and
+is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
+
--- conntrack-tools-0.9.5.orig/debian/init.d
+++ conntrack-tools-0.9.5/debian/init.d
@@ -0,0 +1,62 @@
+#! /bin/sh
+#
+# Start or stop conntrackd
+#
+# Lionel Porcheron
+# based on debian skel
+
+### BEGIN INIT INFO
+# Provides: conntrackd connection tracking userspace tools
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: start and stop the conntrackd daemon
+# Description: conntrackd is a connection tracking userspace tools
+### END INIT INFO
+
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/conntrackd
+NAME=conntrackd
+DESC=conntrackd
+
+test -x $DAEMON || exit 0
+
+# Include conntrackd defaults if available
+if [ -f /etc/default/conntrack-tools ] ; then
+ . /etc/default/conntrack-tools
+fi
+
+set -e
+
+case "$1" in
+ start)
+ echo -n "Starting $DESC: "
+ start-stop-daemon --start --quiet --pidfile /var/run/$NAME.pid \
+ --exec $DAEMON -- $DAEMON_OPTS
+ echo "$NAME."
+ ;;
+ stop)
+ echo -n "Stopping $DESC: "
+ start-stop-daemon --stop --quiet --pidfile /var/run/$NAME.pid \
+ --exec $DAEMON
+ echo "$NAME."
+ ;;
+ restart|force-reload)
+ echo -n "Restarting $DESC: "
+ start-stop-daemon --stop --quiet --pidfile \
+ /var/run/$NAME.pid --exec $DAEMON
+ sleep 1
+ start-stop-daemon --start --quiet --pidfile \
+ /var/run/$NAME.pid --exec $DAEMON -- $DAEMON_OPTS
+ echo "$NAME."
+ ;;
+ *)
+ N=/etc/init.d/$NAME
+ echo "Usage: $N {start|stop|restart|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
--- conntrack-tools-0.9.5.orig/debian/install
+++ conntrack-tools-0.9.5/debian/install
@@ -0,0 +1 @@
+examples/stats/conntrackd.conf etc/conntrackd
--- conntrack-tools-0.9.5.orig/debian/default
+++ conntrack-tools-0.9.5/debian/default
@@ -0,0 +1,6 @@
+# Default settings for openssh-server. This file is sourced by /bin/sh from
+# /etc/init.d/ssh.
+
+# Options to pass to conntrackd
+DAEMON_OPTS="-S -d"
+
--- conntrack-tools-0.9.5.orig/debian/README.Debian
+++ conntrack-tools-0.9.5/debian/README.Debian
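Review bot: In debian/init.d, the `restart|force-reload` branch calls `start-stop-daemon --stop` after `set -e` and without `--oknodo`, so when conntrackd is not running the stop step exits non-zero and the script aborts before the start step; restarting a daemon that has died leaves it down. Use `start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/$NAME.pid --exec $DAEMON` in that branch. Separately, every branch matches on `/var/run/$NAME.pid`, yet nothing in this diff shows conntrackd writing that file when run with `-S -d`; if it does not, `stop` cannot find the process and `start` cannot detect a running instance. Confirm that, or stop the daemon through the `-k` client command described in debian/conntrackd.8.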
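Review bot: The header comment in debian/default describes a different package: it reads `Default settings for openssh-server` and `/etc/init.d/ssh`, while the init script in this diff sources the file as `/etc/default/conntrack-tools`. Replace it with `# Default settings for conntrackd. This file is sourced by /bin/sh from` and `# the conntrack-tools init script.` Because the init script sources this file before starting the daemon, the comment should also say that it must stay root-owned and not writable by other users. `-S` in `DAEMON_OPTS="-S -d"` is not listed in the man page added by this diff, so a one-line comment on what it selects would help an administrator who edits the options.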
@@ -0,0 +1,6 @@
+conntrackd currently have two working modes: statistics and synchronization
+mode.
+In Ubuntu, by default, conntrackd is running in statistic mode. If you want
+to run conntrackd in synchronization mode, have a look at samples in
+/usr/share/doc/conntrack-tools/examles
+You can change options in /etc/default/conntrack-tools
--- conntrack-tools-0.9.5.orig/debian/rules
+++ conntrack-tools-0.9.5/debian/rules
@@ -0,0 +1,76 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+#export DH_VERBOSE=1
+
+
+# These are used for cross-compiling and for saving the configure script
+# from having to guess our platform (since we know it already)
+DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
+DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
+
+
+config.status: configure
+ dh_testdir
+ifneq "$(wildcard /usr/share/misc/config.sub)" ""
+ cp -f /usr/share/misc/config.sub config.sub
+endif
+ifneq "$(wildcard /usr/share/misc/config.guess)" ""
+ cp -f /usr/share/misc/config.guess config.guess
+endif
+ ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info CFLAGS="$(CFLAGS)" LDFLAGS="-Wl,-z,defs"
+
+
+build: build-stamp
+
+build-stamp: config.status
+ dh_testdir
+
+ $(MAKE)
+
+ touch $@
+
+clean:
+ dh_testdir
+ dh_testroot
+ rm -f build-stamp
+ ! -f Makefile ] || $(MAKE) clean
+ rm -f config.sub config.guess
+
+ dh_clean
+
+install: build
+ dh_testdir
+ dh_testroot
+ dh_clean -k
+ dh_installdirs
+
+ $(MAKE) DESTDIR=$(CURDIR)/debian/conntrack-tools install
+
+
+# Build architecture-independent files here.
+binary-indep: build install
+# We have nothing to do by default.
+
+# Build architecture-dependent files here.
+binary-arch: build install
+ dh_testdir
+ dh_testroot
+ dh_installchangelogs ChangeLog
+ dh_installdocs
+ dh_installexamples
+ dh_install
+ dh_installman
+ dh_installinit
+ dh_installlogrotate
+ dh_strip
+ dh_compress
+ dh_fixperms
+ dh_installdeb
+ dh_shlibdeps
+ dh_gencontrol
+ dh_md5sums
+ dh_builddeb
+
+binary: binary-indep binary-arch
+.PHONY: build clean binary-indep binary-arch binary install
--- conntrack-tools-0.9.5.orig/debian/control
+++ conntrack-tools-0.9.5/debian/control
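Review bot: In the `clean` target of debian/rules, the guard reads `! -f Makefile ] || $(MAKE) clean` as shown, with no opening `[`. If that is what the file really contains rather than an artefact of how this page was rendered, the shell negates a failed command, the line always succeeds, and the upstream `clean` never runs, so stale objects can carry over into the next package build. It should be `[ ! -f Makefile ] || $(MAKE) clean`. Also, `CFLAGS="$(CFLAGS)"` is handed to `./configure` but `CFLAGS` is never assigned in this file, so the optimisation and hardening flags of a daemon that the init script starts as root depend entirely on the build environment; assign them explicitly near the top of the file.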
@@ -0,0 +1,19 @@
+Source: conntrack-tools
+Section: net
+Priority: extra
+Maintainer: Lionel Porcheron
+Build-Depends: debhelper (>= 6), autotools-dev, libnfnetlink-dev, libnetfilter-conntrack-dev, bison, flex
+Standards-Version: 3.7.3
+Homepage: http://people.netfilter.org/pablo/conntrack-tools/
+
+Package: conntrack-tools
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: Userspace daemon for the Netfilter's Connection Tracking System
+ Conntrackd is the userspace daemon for the Netfilter's Connection Tracking
+ System.
+ This daemon maintains a copy of the Connection Tracking System in userspace.
+ It is entirely written in C and is highly configurable and easily extensible.
+ Currently it covers the specific aspects of Stateful Linux firewalls to enable
+ high availability solutions and can be used as statistics collector of the
+ firewall use.
--- conntrack-tools-0.9.5.orig/debian/docs
+++ conntrack-tools-0.9.5/debian/docs
@@ -0,0 +1 @@
+TODO
--- conntrack-tools-0.9.5.orig/debian/conntrackd.8
+++ conntrack-tools-0.9.5/debian/conntrackd.8
@@ -0,0 +1,76 @@
+.TH CONNTRACKD 8 "Jan 5, 2008" "" ""
+
+.\" Man page written by Pablo Neira Ayuso (Dec 2007)
+
+.SH NAME
+conntrackd \- netfilter connection tracking userspace daemon
+.SH SYNOPSIS
+.BR "conntrackd [options]"
+.SH DESCRIPTION
+.B conntrackd
+provides a userspace daemon for the netfilter connection tracking system. This daemon synchronizes connection tracking states among several replica firewalls. Thus,
+.B conntrackd
+can be used to implement highly available stateful firewalls. The daemon fully supports Primary-Backup and Multiprimary setups for both symmetric and asymmetric paths. It can also be used as statistics collector.
+.SH OPTIONS
+The options recognized by
+.B conntrackd
+can be divided into several different groups.
+.SS MODES
+These options specify the particular operation mode in which conntrackd runs. Only one of them can be specified at any given time.
+.TP
+.BI "-d "
+Run conntrackd in daemon mode.
+.SS CLIENT COMMANDS
+.B conntrackd
+can be used in client mode to request several information and operations to a running daemon
+.TP
+.BI "-i "
+Dump the internal cache, i.e. show local states
+.TP
+.BI "-e "
+Dump the external cache, i.e. show foreign states
+.TP
+.BI "-x "
+Display output in XML format. This option is only valid in combination
+with "-i" and "-e" parameters.
+.TP
+.BI "-f "
+Flush the internal and the external cache
+.TP
+.BI "-k "
+Kill the daemon
+.TP
+.BI "-s "
+Dump statistics
+.TP
+.BI "-R "
+Force a resync against the kernel connection tracking table
+.SH DIAGNOSTICS
+The exit code is 0 for correct function. Errors cause an exit code of 1.
+.SH EXAMPLES
+.TP
+.B conntrackd \-d
+Runs conntrackd in daemon and synchronization mode
+.TP
+.B conntrackd \-i
+Dumps the states held in the internal cache, i.e. those handled by this firewall
+.TP
+.B conntrackd \-e
+Dumps the states held in the external cache, i.e. 
those handled by other replica firewalls
+.TP
+.B conntrackd \-c
+Commits the internal cache into the kernel connection tracking system. This is used to inject the state so that the connections can be recovered during the failover.
+.SH DEPENDENCIES
+This daemon requires a Linux kernel version >= 2.6.18. TCP window tracking support requires >= 2.6.22, otherwise you have to disable it. Helpers are fully supported since >= 2.6.25, however, if you use any previous version, depending on the protocol helper and your setup (e.g. if you setup performs NAT sequence adjustments or not), your help connection may be successfully recovered.
+.TP
+There are several unsupported stateful iptables matches such as recent, connbytes and the quota matches which gather internal information to operate. Since that information does not belong to the domain of the connection tracking system, connections affected by those matches may not be fully recovered during the takeover.
+.SH SEE ALSO
+.BR conntrack (8), iptables (8)
+.br
+.BR "http://people.netfilter.org/pablo/conntrack-tools/"
+.SH AUTHORS
+Pablo Neira Ayuso wrote and maintains the conntrackd tool
+.TP
+Please send bug reports to . Subscription is required.
+.PP
+Man page written by Pablo Neira Ayuso .
--- conntrack-tools-0.9.5.orig/debian/examples
+++ conntrack-tools-0.9.5/debian/examples
@@ -0,0 +1 @@
+examples/*
--- conntrack-tools-0.9.5.orig/debian/manpages
+++ conntrack-tools-0.9.5/debian/manpages
@@ -0,0 +1 @@
+debian/conntrackd.8
--- conntrack-tools-0.9.5.orig/debian/compat
+++ conntrack-tools-0.9.5/debian/compat
@@ -0,0 +1 @@
+6