1 diff -uprN linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h
2 --- linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h 1970-01-01 01:00:00.000000000 +0100
3 +++ linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h 2006-08-17 12:33:08.000000000 +0200
5 +#ifndef _IPT_CLASSIFY_H
6 +#define _IPT_CLASSIFY_H
8 +struct ipt_classify_target_info {
12 +#endif /*_IPT_CLASSIFY_H */
13 diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Config.in linux-2.4.32/net/ipv4/netfilter/Config.in
14 --- linux-2.4.32.reference/net/ipv4/netfilter/Config.in 2006-08-17 12:28:16.000000000 +0200
15 +++ linux-2.4.32/net/ipv4/netfilter/Config.in 2006-08-17 12:33:08.000000000 +0200
16 @@ -172,6 +172,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ];
17 dep_tristate ' DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE
19 dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
20 + dep_tristate ' CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE
21 dep_tristate ' IMQ target support' CONFIG_IP_NF_TARGET_IMQ $CONFIG_IP_NF_MANGLE
23 if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then
24 diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c
25 --- linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c 1970-01-01 01:00:00.000000000 +0100
26 +++ linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c 2006-08-17 12:33:08.000000000 +0200
29 + * This is a module which is used for setting the skb->priority field
30 + * of an skb for qdisc classification.
33 +#include <linux/module.h>
34 +#include <linux/skbuff.h>
35 +#include <linux/ip.h>
36 +#include <net/checksum.h>
38 +#include <linux/netfilter_ipv4/ip_tables.h>
39 +#include <linux/netfilter_ipv4/ipt_CLASSIFY.h>
41 +MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
42 +MODULE_LICENSE("GPL");
43 +MODULE_DESCRIPTION("iptables qdisc classification target module");
46 +target(struct sk_buff **pskb,
47 + unsigned int hooknum,
48 + const struct net_device *in,
49 + const struct net_device *out,
50 + const void *targinfo,
53 + const struct ipt_classify_target_info *clinfo = targinfo;
55 + if((*pskb)->priority != clinfo->priority) {
56 + (*pskb)->priority = clinfo->priority;
57 + (*pskb)->nfcache |= NFC_ALTERED;
60 + return IPT_CONTINUE;
64 +checkentry(const char *tablename,
65 + const struct ipt_entry *e,
67 + unsigned int targinfosize,
68 + unsigned int hook_mask)
70 + if (targinfosize != IPT_ALIGN(sizeof(struct ipt_classify_target_info))){
71 + printk(KERN_ERR "CLASSIFY: invalid size (%u != %u).\n",
73 + IPT_ALIGN(sizeof(struct ipt_classify_target_info)));
77 + if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) {
78 + printk(KERN_ERR "CLASSIFY: only valid in POST_ROUTING.\n");
82 + if (strcmp(tablename, "mangle") != 0) {
83 + printk(KERN_WARNING "CLASSIFY: can only be called from "
84 + "\"mangle\" table, not \"%s\".\n",
92 +static struct ipt_target ipt_classify_reg
93 += { { NULL, NULL }, "CLASSIFY", target, checkentry, NULL, THIS_MODULE };
95 +static int __init init(void)
97 + if (ipt_register_target(&ipt_classify_reg))
103 +static void __exit fini(void)
105 + ipt_unregister_target(&ipt_classify_reg);
110 diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Makefile linux-2.4.32/net/ipv4/netfilter/Makefile
111 --- linux-2.4.32.reference/net/ipv4/netfilter/Makefile 2006-08-17 12:28:16.000000000 +0200
112 +++ linux-2.4.32/net/ipv4/netfilter/Makefile 2006-08-17 12:33:08.000000000 +0200
113 @@ -134,6 +134,7 @@ obj-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_
116 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
117 +obj-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY.o
118 obj-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR.o
119 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
120 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o