move old kamikaze out of trunk - will put buildroot-ng in there as soon as all the...

[openwrt/svn-archive/archive.git] / openwrt / target / linux / generic-2.4 / patches / 612-netfilter_quota.patch

diff --git a/openwrt/target/linux/generic-2.4/patches/612-netfilter_quota.patch b/openwrt/target/linux/generic-2.4/patches/612-netfilter_quota.patch
deleted file mode 100644 (file)
index a0a019c..0000000
--- a/openwrt/target/linux/generic-2.4/patches/612-netfilter_quota.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-diff -ruN linux-2.4.30-old/Documentation/Configure.help linux-2.4.30-new/Documentation/Configure.help
---- linux-2.4.30-old/Documentation/Configure.help      2005-11-13 22:30:42.000000000 +0100
-+++ linux-2.4.30-new/Documentation/Configure.help      2005-11-13 22:31:17.000000000 +0100
-@@ -2888,6 +2888,13 @@
-   If you want to compile it as a module, say M here and read
-   <file:Documentation/modules.txt>.  If unsure, say `N'.
- 
-+quota match support
-+CONFIG_IP_NF_MATCH_QUOTA
-+  This match implements network quotas.
-+
-+  If you want to compile it as a module, say M here and read
-+  Documentation/modules.txt.  If unsure, say `N'.
-+
- skb->pkt_type packet match support
- CONFIG_IP_NF_MATCH_PKTTYPE
-   This patch allows you to match packet in accrodance
-diff -ruN linux-2.4.30-old/include/linux/netfilter_ipv4/ipt_quota.h linux-2.4.30-new/include/linux/netfilter_ipv4/ipt_quota.h
---- linux-2.4.30-old/include/linux/netfilter_ipv4/ipt_quota.h  1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.4.30-new/include/linux/netfilter_ipv4/ipt_quota.h  2005-11-13 22:31:17.000000000 +0100
-@@ -0,0 +1,12 @@
-+#ifndef _IPT_QUOTA_H
-+#define _IPT_QUOTA_H
-+
-+/* print debug info in both kernel/netfilter module & iptable library */
-+//#define DEBUG_IPT_QUOTA
-+
-+struct ipt_quota_info {
-+        u_int64_t quota;
-+      struct ipt_quota_info *master;
-+};
-+
-+#endif /*_IPT_QUOTA_H*/
-diff -ruN linux-2.4.30-old/net/ipv4/netfilter/Config.in linux-2.4.30-new/net/ipv4/netfilter/Config.in
---- linux-2.4.30-old/net/ipv4/netfilter/Config.in      2005-11-13 22:30:42.000000000 +0100
-+++ linux-2.4.30-new/net/ipv4/netfilter/Config.in      2005-11-13 22:31:17.000000000 +0100
-@@ -24,6 +24,7 @@
- if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then
- # The simple matches.
-   dep_tristate '  limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES
-+  dep_tristate '  quota match support' CONFIG_IP_NF_MATCH_QUOTA $CONFIG_IP_NF_IPTABLES
- 
-   dep_tristate '  IP set support' CONFIG_IP_NF_SET $CONFIG_IP_NF_IPTABLES
-   if [ "$CONFIG_IP_NF_SET" != "n" ]; then
-diff -ruN linux-2.4.30-old/net/ipv4/netfilter/Makefile linux-2.4.30-new/net/ipv4/netfilter/Makefile
---- linux-2.4.30-old/net/ipv4/netfilter/Makefile       2005-11-13 22:30:42.000000000 +0100
-+++ linux-2.4.30-new/net/ipv4/netfilter/Makefile       2005-11-13 22:31:17.000000000 +0100
-@@ -74,6 +74,7 @@
- # matches
- obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o
- obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o
-+obj-$(CONFIG_IP_NF_MATCH_QUOTA) += ipt_quota.o
- obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o
- obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
- obj-$(CONFIG_IP_NF_TARGET_SET) += ipt_SET.o
-diff -ruN linux-2.4.30-old/net/ipv4/netfilter/ipt_quota.c linux-2.4.30-new/net/ipv4/netfilter/ipt_quota.c
---- linux-2.4.30-old/net/ipv4/netfilter/ipt_quota.c    1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.4.30-new/net/ipv4/netfilter/ipt_quota.c    2005-11-13 22:31:17.000000000 +0100
-@@ -0,0 +1,88 @@
-+/* 
-+ * netfilter module to enforce network quotas
-+ *
-+ * Sam Johnston <samj@samj.net>
-+ *
-+ * 30/01/05: Fixed on SMP --Pablo Neira <pablo@eurodev.net>
-+ */
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/spinlock.h>
-+#include <linux/interrupt.h>
-+
-+#include <linux/netfilter_ipv4/ip_tables.h>
-+#include <linux/netfilter_ipv4/ipt_quota.h>
-+
-+MODULE_LICENSE("GPL");
-+
-+static spinlock_t quota_lock = SPIN_LOCK_UNLOCKED;
-+
-+static int
-+match(const struct sk_buff *skb,
-+      const struct net_device *in,
-+      const struct net_device *out,
-+      const void *matchinfo,
-+      int offset, const void *hdr, u_int16_t datalen, int *hotdrop)
-+{
-+      struct ipt_quota_info *q =
-+              ((struct ipt_quota_info *) matchinfo)->master;
-+
-+        spin_lock_bh(&quota_lock);
-+
-+        if (q->quota >= datalen) {
-+                /* we can afford this one */
-+                q->quota -= datalen;
-+                spin_unlock_bh(&quota_lock);
-+
-+#ifdef DEBUG_IPT_QUOTA
-+                printk("IPT Quota OK: %llu datlen %d \n", q->quota, datalen);
-+#endif
-+                return 1;
-+        }
-+
-+        /* so we do not allow even small packets from now on */
-+        q->quota = 0;
-+
-+#ifdef DEBUG_IPT_QUOTA
-+        printk("IPT Quota Failed: %llu datlen %d \n", q->quota, datalen);
-+#endif
-+
-+        spin_unlock_bh(&quota_lock);
-+        return 0;
-+}
-+
-+static int
-+checkentry(const char *tablename,
-+           const struct ipt_ip *ip,
-+           void *matchinfo, unsigned int matchsize, unsigned int hook_mask)
-+{
-+        /* TODO: spinlocks? sanity checks? */
-+      struct ipt_quota_info *q = (struct ipt_quota_info *) matchinfo;
-+
-+        if (matchsize != IPT_ALIGN(sizeof (struct ipt_quota_info)))
-+                return 0;
-+      
-+      /* For SMP, we only want to use one set of counters. */
-+      q->master = q;
-+
-+        return 1;
-+}
-+
-+static struct ipt_match quota_match
-+    = { {NULL, NULL}, "quota", &match, &checkentry, NULL, THIS_MODULE };
-+
-+static int __init
-+init(void)
-+{
-+        return ipt_register_match(&quota_match);
-+}
-+
-+static void __exit
-+fini(void)
-+{
-+        ipt_unregister_match(&quota_match);
-+}
-+
-+module_init(init);
-+module_exit(fini);
-+