--- ./net/8021q/vlanproc.c.vlan	2006-09-20 07:42:06.000000000 +0400
+++ ./net/8021q/vlanproc.c	2006-11-03 19:47:45.000000000 +0300
@@ -156,9 +156,10 @@ void vlan_proc_cleanup(void)
 
 int __init vlan_proc_init(void)
 {
-	proc_vlan_dir = proc_mkdir(name_root, proc_net);
+	proc_vlan_dir = create_proc_glob_entry("net/vlan",
+			S_IFDIR|S_IRUGO|S_IXUGO, NULL);
 	if (proc_vlan_dir) {
-		proc_vlan_conf = create_proc_entry(name_conf,
+		proc_vlan_conf = create_proc_glob_entry(name_conf,
 						   S_IFREG|S_IRUSR|S_IWUSR,
 						   proc_vlan_dir);
 		if (proc_vlan_conf) {
--- ./net/8021q/vlan.c.vlan	2006-09-20 07:42:06.000000000 +0400
+++ ./net/8021q/vlan.c	2006-11-07 15:57:37.000000000 +0300
@@ -474,6 +474,8 @@ static struct net_device *register_vlan_
 	/* IFF_BROADCAST|IFF_MULTICAST; ??? */
 	new_dev->flags = real_dev->flags;
 	new_dev->flags &= ~IFF_UP;
+	if (!ve_is_super(real_dev->owner_env))
+		new_dev->features |= NETIF_F_VIRTUAL;
 
 	new_dev->state = (real_dev->state & ((1<<__LINK_STATE_NOCARRIER) |
 					     (1<<__LINK_STATE_DORMANT))) |
@@ -693,7 +695,7 @@ static int vlan_ioctl_handler(void __use
 
 	switch (args.cmd) {
 	case SET_VLAN_INGRESS_PRIORITY_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		err = vlan_dev_set_ingress_priority(args.device1,
 						    args.u.skb_priority,
@@ -701,7 +703,7 @@ static int vlan_ioctl_handler(void __use
 		break;
 
 	case SET_VLAN_EGRESS_PRIORITY_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		err = vlan_dev_set_egress_priority(args.device1,
 						   args.u.skb_priority,
@@ -709,7 +711,7 @@ static int vlan_ioctl_handler(void __use
 		break;
 
 	case SET_VLAN_FLAG_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		err = vlan_dev_set_vlan_flag(args.device1,
 					     args.u.flag,
@@ -717,7 +719,7 @@ static int vlan_ioctl_handler(void __use
 		break;
 
 	case SET_VLAN_NAME_TYPE_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		if ((args.u.name_type >= 0) &&
 		    (args.u.name_type < VLAN_NAME_TYPE_HIGHEST)) {
@@ -729,7 +731,7 @@ static int vlan_ioctl_handler(void __use
 		break;
 
 	case ADD_VLAN_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		/* we have been given the name of the Ethernet Device we want to
 		 * talk to:  args.dev1	 We also have the
@@ -743,7 +745,7 @@ static int vlan_ioctl_handler(void __use
 		break;
 
 	case DEL_VLAN_CMD:
-		if (!capable(CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN) && !capable(CAP_VE_NET_ADMIN))
 			return -EPERM;
 		/* Here, the args.dev1 is the actual VLAN we want
 		 * to get rid of.