projects / openwrt / openwrt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fix some netfilter extensions on 2.6.25
[openwrt/openwrt.git] / target / linux / generic-2.6 / patches-2.6.25 / 150-netfilter_imq.patch
1 diff -Naurw 2.6.24/drivers/net/imq.c 2.6.24.imq/drivers/net/imq.c
2 --- 2.6.24/drivers/net/imq.c 1969-12-31 21:00:00.000000000 -0300
3 +++ 2.6.24.imq/drivers/net/imq.c 2008-01-26 14:52:43.000000000 -0300
4 @@ -0,0 +1,409 @@
5 +/*
6 + * Pseudo-driver for the intermediate queue device.
7 + *
8 + * This program is free software; you can redistribute it and/or
9 + * modify it under the terms of the GNU General Public License
10 + * as published by the Free Software Foundation; either version
11 + * 2 of the License, or (at your option) any later version.
12 + *
13 + * Authors: Patrick McHardy, <kaber@trash.net>
14 + *
15 + * The first version was written by Martin Devera, <devik@cdi.cz>
16 + *
17 + * Credits: Jan Rafaj <imq2t@cedric.vabo.cz>
18 + * - Update patch to 2.4.21
19 + * Sebastian Strollo <sstrollo@nortelnetworks.com>
20 + * - Fix "Dead-loop on netdevice imq"-issue
21 + * Marcel Sebek <sebek64@post.cz>
22 + * - Update to 2.6.2-rc1
23 + *
24 + * After some time of inactivity there is a group taking care
25 + * of IMQ again: http://www.linuximq.net
26 + *
27 + *
28 + * 2004/06/30 - New version of IMQ patch to kernels <=2.6.7 including
29 + * the following changes:
30 + *
31 + * - Correction of ipv6 support "+"s issue (Hasso Tepper)
32 + * - Correction of imq_init_devs() issue that resulted in
33 + * kernel OOPS unloading IMQ as module (Norbert Buchmuller)
34 + * - Addition of functionality to choose number of IMQ devices
35 + * during kernel config (Andre Correa)
36 + * - Addition of functionality to choose how IMQ hooks on
37 + * PRE and POSTROUTING (after or before NAT) (Andre Correa)
38 + * - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
39 + *
40 + *
41 + * 2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
42 + * released with almost no problems. 2.6.14-x was released
43 + * with some important changes: nfcache was removed; After
44 + * some weeks of trouble we figured out that some IMQ fields
45 + * in skb were missing in skbuff.c - skb_clone and copy_skb_header.
46 + * These functions are correctly patched by this new patch version.
47 + *
48 + * Thanks for all who helped to figure out all the problems with
49 + * 2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
50 + * Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
51 + * I didn't forget anybody). I apologize again for my lack of time.
52 + *
53 + * More info at: http://www.linuximq.net/ (Andre Correa)
54 + */
55 +
56 +#include <linux/module.h>
57 +#include <linux/kernel.h>
58 +#include <linux/moduleparam.h>
59 +#include <linux/skbuff.h>
60 +#include <linux/netdevice.h>
61 +#include <linux/rtnetlink.h>
62 +#include <linux/if_arp.h>
63 +#include <linux/netfilter.h>
64 +#include <linux/netfilter_ipv4.h>
65 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
66 + #include <linux/netfilter_ipv6.h>
67 +#endif
68 +#include <linux/imq.h>
69 +#include <net/pkt_sched.h>
70 +
71 +extern int qdisc_restart1(struct net_device *dev);
72 +
73 +static nf_hookfn imq_nf_hook;
74 +
75 +static struct nf_hook_ops imq_ingress_ipv4 = {
76 + .hook = imq_nf_hook,
77 + .owner = THIS_MODULE,
78 + .pf = PF_INET,
79 + .hooknum = NF_IP_PRE_ROUTING,
80 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
81 + .priority = NF_IP_PRI_MANGLE + 1
82 +#else
83 + .priority = NF_IP_PRI_NAT_DST + 1
84 +#endif
85 +};
86 +
87 +static struct nf_hook_ops imq_egress_ipv4 = {
88 + .hook = imq_nf_hook,
89 + .owner = THIS_MODULE,
90 + .pf = PF_INET,
91 + .hooknum = NF_IP_POST_ROUTING,
92 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
93 + .priority = NF_IP_PRI_LAST
94 +#else
95 + .priority = NF_IP_PRI_NAT_SRC - 1
96 +#endif
97 +};
98 +
99 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
100 +static struct nf_hook_ops imq_ingress_ipv6 = {
101 + .hook = imq_nf_hook,
102 + .owner = THIS_MODULE,
103 + .pf = PF_INET6,
104 + .hooknum = NF_IP6_PRE_ROUTING,
105 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
106 + .priority = NF_IP6_PRI_MANGLE + 1
107 +#else
108 + .priority = NF_IP6_PRI_NAT_DST + 1
109 +#endif
110 +};
111 +
112 +static struct nf_hook_ops imq_egress_ipv6 = {
113 + .hook = imq_nf_hook,
114 + .owner = THIS_MODULE,
115 + .pf = PF_INET6,
116 + .hooknum = NF_IP6_POST_ROUTING,
117 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
118 + .priority = NF_IP6_PRI_LAST
119 +#else
120 + .priority = NF_IP6_PRI_NAT_SRC - 1
121 +#endif
122 +};
123 +#endif
124 +
125 +#if defined(CONFIG_IMQ_NUM_DEVS)
126 +static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
127 +#else
128 +static unsigned int numdevs = 16;
129 +#endif
130 +
131 +static struct net_device *imq_devs;
132 +
133 +static struct net_device_stats *imq_get_stats(struct net_device *dev)
134 +{
135 + return (struct net_device_stats *)dev->priv;
136 +}
137 +
138 +/* called for packets kfree'd in qdiscs at places other than enqueue */
139 +static void imq_skb_destructor(struct sk_buff *skb)
140 +{
141 + struct nf_info *info = skb->nf_info;
142 +
143 + if (info) {
144 + if (info->indev)
145 + dev_put(info->indev);
146 + if (info->outdev)
147 + dev_put(info->outdev);
148 + kfree(info);
149 + }
150 +}
151 +
152 +static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
153 +{
154 + struct net_device_stats *stats = (struct net_device_stats*) dev->priv;
155 +
156 + stats->tx_bytes += skb->len;
157 + stats->tx_packets++;
158 +
159 + skb->imq_flags = 0;
160 + skb->destructor = NULL;
161 +
162 + dev->trans_start = jiffies;
163 + nf_reinject(skb, skb->nf_info, NF_ACCEPT);
164 + return 0;
165 +}
166 +
167 +static int imq_nf_queue(struct sk_buff *skb, struct nf_info *info, unsigned queue_num, void *data)
168 +{
169 + struct net_device *dev;
170 + struct net_device_stats *stats;
171 + struct sk_buff *skb2 = NULL;
172 + struct Qdisc *q;
173 + unsigned int index = skb->imq_flags&IMQ_F_IFMASK;
174 + int ret = -1;
175 +
176 + if (index > numdevs)
177 + return -1;
178 +
179 + dev = imq_devs + index;
180 + if (!(dev->flags & IFF_UP)) {
181 + skb->imq_flags = 0;
182 + nf_reinject(skb, info, NF_ACCEPT);
183 + return 0;
184 + }
185 + dev->last_rx = jiffies;
186 +
187 + if (skb->destructor) {
188 + skb2 = skb;
189 + skb = skb_clone(skb, GFP_ATOMIC);
190 + if (!skb)
191 + return -1;
192 + }
193 + skb->nf_info = info;
194 +
195 + stats = (struct net_device_stats *)dev->priv;
196 + stats->rx_bytes+= skb->len;
197 + stats->rx_packets++;
198 +
199 + spin_lock_bh(&dev->queue_lock);
200 + q = dev->qdisc;
201 + if (q->enqueue) {
202 + q->enqueue(skb_get(skb), q);
203 + if (skb_shared(skb)) {
204 + skb->destructor = imq_skb_destructor;
205 + kfree_skb(skb);
206 + ret = 0;
207 + }
208 + }
209 + if (spin_is_locked(&dev->_xmit_lock))
210 + netif_schedule(dev);
211 + else
212 + while (!netif_queue_stopped(dev) && qdisc_restart1(dev) < 0)
213 + /* NOTHING */;
214 +
215 + spin_unlock_bh(&dev->queue_lock);
216 +
217 + if (skb2)
218 + kfree_skb(ret ? skb : skb2);
219 +
220 + return ret;
221 +}
222 +
223 +static struct nf_queue_handler nfqh = {
224 + .name = "imq",
225 + .outfn = imq_nf_queue,
226 +};
227 +
228 +static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff *pskb,
229 + const struct net_device *indev,
230 + const struct net_device *outdev,
231 + int (*okfn)(struct sk_buff *))
232 +{
233 + if (pskb->imq_flags & IMQ_F_ENQUEUE)
234 + return NF_QUEUE;
235 +
236 + return NF_ACCEPT;
237 +}
238 +
239 +
240 +static int __init imq_init_hooks(void)
241 +{
242 + int err;
243 +
244 + err = nf_register_queue_handler(PF_INET, &nfqh);
245 + if (err > 0)
246 + goto err1;
247 + if ((err = nf_register_hook(&imq_ingress_ipv4)))
248 + goto err2;
249 + if ((err = nf_register_hook(&imq_egress_ipv4)))
250 + goto err3;
251 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
252 + if ((err = nf_register_queue_handler(PF_INET6, &nfqh)))
253 + goto err4;
254 + if ((err = nf_register_hook(&imq_ingress_ipv6)))
255 + goto err5;
256 + if ((err = nf_register_hook(&imq_egress_ipv6)))
257 + goto err6;
258 +#endif
259 +
260 + return 0;
261 +
262 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
263 +err6:
264 + nf_unregister_hook(&imq_ingress_ipv6);
265 +err5:
266 + nf_unregister_queue_handler(PF_INET6, &nfqh);
267 +err4:
268 + nf_unregister_hook(&imq_egress_ipv4);
269 +#endif
270 +err3:
271 + nf_unregister_hook(&imq_ingress_ipv4);
272 +err2:
273 + nf_unregister_queue_handler(PF_INET, &nfqh);
274 +err1:
275 + return err;
276 +}
277 +
278 +static void __exit imq_unhook(void)
279 +{
280 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
281 + nf_unregister_hook(&imq_ingress_ipv6);
282 + nf_unregister_hook(&imq_egress_ipv6);
283 + nf_unregister_queue_handler(PF_INET6, &nfqh);
284 +#endif
285 + nf_unregister_hook(&imq_ingress_ipv4);
286 + nf_unregister_hook(&imq_egress_ipv4);
287 + nf_unregister_queue_handler(PF_INET, &nfqh);
288 +}
289 +
290 +static int __init imq_dev_init(struct net_device *dev)
291 +{
292 + dev->hard_start_xmit = imq_dev_xmit;
293 + dev->type = ARPHRD_VOID;
294 + dev->mtu = 16000;
295 + dev->tx_queue_len = 11000;
296 + dev->flags = IFF_NOARP;
297 + dev->priv = kzalloc(sizeof(struct net_device_stats), GFP_KERNEL);
298 + if (dev->priv == NULL)
299 + return -ENOMEM;
300 + dev->get_stats = imq_get_stats;
301 +
302 + return 0;
303 +}
304 +
305 +static void imq_dev_uninit(struct net_device *dev)
306 +{
307 + kfree(dev->priv);
308 +}
309 +
310 +static int __init imq_init_devs(struct net *net)
311 +{
312 + struct net_device *dev;
313 + int i,j;
314 + j = numdevs;
315 +
316 + if (!numdevs || numdevs > IMQ_MAX_DEVS) {
317 + printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
318 + IMQ_MAX_DEVS);
319 + return -EINVAL;
320 + }
321 +
322 + imq_devs = kzalloc(sizeof(struct net_device) * numdevs, GFP_KERNEL);
323 + if (!imq_devs)
324 + return -ENOMEM;
325 +
326 + /* we start counting at zero */
327 + numdevs--;
328 +
329 + for (i = 0, dev = imq_devs; i <= numdevs; i++, dev++) {
330 + strcpy(dev->name, "imq%d");
331 + dev->init = imq_dev_init;
332 + dev->uninit = imq_dev_uninit;
333 + dev->nd_net = net;
334 +
335 + if (register_netdev(dev) < 0)
336 + goto err_register;
337 + }
338 + printk(KERN_INFO "IMQ starting with %u devices...\n", j);
339 + return 0;
340 +
341 +err_register:
342 + for (; i; i--)
343 + unregister_netdev(--dev);
344 + kfree(imq_devs);
345 + return -EIO;
346 +}
347 +
348 +static void imq_cleanup_devs(void)
349 +{
350 + int i;
351 + struct net_device *dev = imq_devs;
352 +
353 + for (i = 0; i <= numdevs; i++)
354 + unregister_netdev(dev++);
355 +
356 + kfree(imq_devs);
357 +}
358 +
359 +static __net_init int imq_init_module(struct net *net)
360 +{
361 + int err;
362 +
363 + if ((err = imq_init_devs(net))) {
364 + printk(KERN_ERR "IMQ: Error trying imq_init_devs(net)\n");
365 + return err;
366 + }
367 + if ((err = imq_init_hooks())) {
368 + printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
369 + imq_cleanup_devs();
370 + return err;
371 + }
372 +
373 + printk(KERN_INFO "IMQ driver loaded successfully.\n");
374 +
375 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
376 + printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
377 +#else
378 + printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
379 +#endif
380 +#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
381 + printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
382 +#else
383 + printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
384 +#endif
385 +
386 + return 0;
387 +}
388 +
389 +static __net_exit void imq_exit_module(struct net *net)
390 +{
391 + imq_unhook();
392 + imq_cleanup_devs();
393 + printk(KERN_INFO "IMQ driver unloaded successfully.\n");
394 +}
395 +
396 +static struct pernet_operations __net_initdata imq_net_ops = {
397 + .init = imq_init_module,
398 + .exit = imq_exit_module,
399 +};
400 +
401 +static int __init imq_init(void)
402 +{
403 + return register_pernet_device(&imq_net_ops);
404 +}
405 +
406 +module_init(imq_init);
407 +//module_exit(imq_cleanup_module);
408 +
409 +module_param(numdevs, int, 0);
410 +MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will be created)");
411 +MODULE_AUTHOR("http://www.linuximq.net");
412 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
413 +MODULE_LICENSE("GPL");
414 diff -Naurw 2.6.24/drivers/net/Kconfig 2.6.24.imq/drivers/net/Kconfig
415 --- 2.6.24/drivers/net/Kconfig 2008-01-24 19:58:37.000000000 -0300
416 +++ 2.6.24.imq/drivers/net/Kconfig 2008-01-26 15:00:11.000000000 -0300
417 @@ -112,6 +112,129 @@
418 To compile this driver as a module, choose M here: the module
419 will be called eql. If unsure, say N.
420
421 +config IMQ
422 + tristate "IMQ (intermediate queueing device) support"
423 + depends on NETDEVICES && NETFILTER
424 + ---help---
425 + The IMQ device(s) is used as placeholder for QoS queueing
426 + disciplines. Every packet entering/leaving the IP stack can be
427 + directed through the IMQ device where it's enqueued/dequeued to the
428 + attached qdisc. This allows you to treat network devices as classes
429 + and distribute bandwidth among them. Iptables is used to specify
430 + through which IMQ device, if any, packets travel.
431 +
432 + More information at: http://www.linuximq.net/
433 +
434 + To compile this driver as a module, choose M here: the module
435 + will be called imq. If unsure, say N.
436 +
437 +choice
438 + prompt "IMQ behavior (PRE/POSTROUTING)"
439 + depends on IMQ
440 + default IMQ_BEHAVIOR_BB
441 + help
442 +
443 + This settings defines how IMQ behaves in respect to its
444 + hooking in PREROUTING and POSTROUTING.
445 +
446 + IMQ can work in any of the following ways:
447 +
448 + PREROUTING | POSTROUTING
449 + -----------------|-------------------
450 + #1 After NAT | After NAT
451 + #2 After NAT | Before NAT
452 + #3 Before NAT | After NAT
453 + #4 Before NAT | Before NAT
454 +
455 + The default behavior is to hook before NAT on PREROUTING
456 + and after NAT on POSTROUTING (#3).
457 +
458 + This settings are specially usefull when trying to use IMQ
459 + to shape NATed clients.
460 +
461 + More information can be found at: www.linuximq.net
462 +
463 + If not sure leave the default settings alone.
464 +
465 +config IMQ_BEHAVIOR_AA
466 + bool "IMQ AA"
467 + help
468 + This settings defines how IMQ behaves in respect to its
469 + hooking in PREROUTING and POSTROUTING.
470 +
471 + Choosing this option will make IMQ hook like this:
472 +
473 + PREROUTING: After NAT
474 + POSTROUTING: After NAT
475 +
476 + More information can be found at: www.linuximq.net
477 +
478 + If not sure leave the default settings alone.
479 +
480 +config IMQ_BEHAVIOR_AB
481 + bool "IMQ AB"
482 + help
483 + This settings defines how IMQ behaves in respect to its
484 + hooking in PREROUTING and POSTROUTING.
485 +
486 + Choosing this option will make IMQ hook like this:
487 +
488 + PREROUTING: After NAT
489 + POSTROUTING: Before NAT
490 +
491 + More information can be found at: www.linuximq.net
492 +
493 + If not sure leave the default settings alone.
494 +
495 +config IMQ_BEHAVIOR_BA
496 + bool "IMQ BA"
497 + help
498 + This settings defines how IMQ behaves in respect to its
499 + hooking in PREROUTING and POSTROUTING.
500 +
501 + Choosing this option will make IMQ hook like this:
502 +
503 + PREROUTING: Before NAT
504 + POSTROUTING: After NAT
505 +
506 + More information can be found at: www.linuximq.net
507 +
508 + If not sure leave the default settings alone.
509 +
510 +config IMQ_BEHAVIOR_BB
511 + bool "IMQ BB"
512 + help
513 + This settings defines how IMQ behaves in respect to its
514 + hooking in PREROUTING and POSTROUTING.
515 +
516 + Choosing this option will make IMQ hook like this:
517 +
518 + PREROUTING: Before NAT
519 + POSTROUTING: Before NAT
520 +
521 + More information can be found at: www.linuximq.net
522 +
523 + If not sure leave the default settings alone.
524 +
525 +endchoice
526 +
527 +config IMQ_NUM_DEVS
528 +
529 + int "Number of IMQ devices"
530 + range 2 16
531 + depends on IMQ
532 + default "16"
533 + help
534 +
535 + This settings defines how many IMQ devices will be
536 + created.
537 +
538 + The default value is 16.
539 +
540 + More information can be found at: www.linuximq.net
541 +
542 + If not sure leave the default settings alone.
543 +
544 config TUN
545 tristate "Universal TUN/TAP device driver support"
546 select CRC32
547 diff -Naurw 2.6.24/drivers/net/Makefile 2.6.24.imq/drivers/net/Makefile
548 --- 2.6.24/drivers/net/Makefile 2008-01-24 19:58:37.000000000 -0300
549 +++ 2.6.24.imq/drivers/net/Makefile 2008-01-26 15:00:11.000000000 -0300
550 @@ -139,6 +139,7 @@
551 obj-$(CONFIG_XEN_NETDEV_FRONTEND) += xen-netfront.o
552
553 obj-$(CONFIG_DUMMY) += dummy.o
554 +obj-$(CONFIG_IMQ) += imq.o
555 obj-$(CONFIG_IFB) += ifb.o
556 obj-$(CONFIG_MACVLAN) += macvlan.o
557 obj-$(CONFIG_DE600) += de600.o
558 diff -Naurw 2.6.24/include/linux/imq.h 2.6.24.imq/include/linux/imq.h
559 --- 2.6.24/include/linux/imq.h 1969-12-31 21:00:00.000000000 -0300
560 +++ 2.6.24.imq/include/linux/imq.h 2008-01-26 15:00:11.000000000 -0300
561 @@ -0,0 +1,9 @@
562 +#ifndef _IMQ_H
563 +#define _IMQ_H
564 +
565 +#define IMQ_MAX_DEVS 16
566 +
567 +#define IMQ_F_IFMASK 0x7f
568 +#define IMQ_F_ENQUEUE 0x80
569 +
570 +#endif /* _IMQ_H */
571 diff -Naurw 2.6.24/include/linux/netfilter_ipv4/ipt_IMQ.h 2.6.24.imq/include/linux/netfilter_ipv4/ipt_IMQ.h
572 --- 2.6.24/include/linux/netfilter_ipv4/ipt_IMQ.h 1969-12-31 21:00:00.000000000 -0300
573 +++ 2.6.24.imq/include/linux/netfilter_ipv4/ipt_IMQ.h 2008-01-26 15:00:11.000000000 -0300
574 @@ -0,0 +1,8 @@
575 +#ifndef _IPT_IMQ_H
576 +#define _IPT_IMQ_H
577 +
578 +struct ipt_imq_info {
579 + unsigned int todev; /* target imq device */
580 +};
581 +
582 +#endif /* _IPT_IMQ_H */
583 diff -Naurw 2.6.24/include/linux/netfilter_ipv6/ip6t_IMQ.h 2.6.24.imq/include/linux/netfilter_ipv6/ip6t_IMQ.h
584 --- 2.6.24/include/linux/netfilter_ipv6/ip6t_IMQ.h 1969-12-31 21:00:00.000000000 -0300
585 +++ 2.6.24.imq/include/linux/netfilter_ipv6/ip6t_IMQ.h 2008-01-26 15:00:11.000000000 -0300
586 @@ -0,0 +1,8 @@
587 +#ifndef _IP6T_IMQ_H
588 +#define _IP6T_IMQ_H
589 +
590 +struct ip6t_imq_info {
591 + unsigned int todev; /* target imq device */
592 +};
593 +
594 +#endif /* _IP6T_IMQ_H */
595 diff -Naurw 2.6.24/include/linux/skbuff.h 2.6.24.imq/include/linux/skbuff.h
596 --- 2.6.24/include/linux/skbuff.h 2008-01-24 19:58:37.000000000 -0300
597 +++ 2.6.24.imq/include/linux/skbuff.h 2008-01-26 15:00:11.000000000 -0300
598 @@ -295,6 +295,10 @@
599 struct nf_conntrack *nfct;
600 struct sk_buff *nfct_reasm;
601 #endif
602 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
603 + unsigned char imq_flags;
604 + struct nf_info *nf_info;
605 +#endif
606 #ifdef CONFIG_BRIDGE_NETFILTER
607 struct nf_bridge_info *nf_bridge;
608 #endif
609 @@ -1728,6 +1732,10 @@
610 dst->nfct_reasm = src->nfct_reasm;
611 nf_conntrack_get_reasm(src->nfct_reasm);
612 #endif
613 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
614 + dst->imq_flags = src->imq_flags;
615 + dst->nf_info = src->nf_info;
616 +#endif
617 #ifdef CONFIG_BRIDGE_NETFILTER
618 dst->nf_bridge = src->nf_bridge;
619 nf_bridge_get(src->nf_bridge);
620 diff -Naurw 2.6.24/net/core/dev.c 2.6.24.imq/net/core/dev.c
621 --- 2.6.24/net/core/dev.c 2008-01-24 19:58:37.000000000 -0300
622 +++ 2.6.24.imq/net/core/dev.c 2008-01-26 15:00:11.000000000 -0300
623 @@ -95,6 +95,9 @@
624 #include <net/net_namespace.h>
625 #include <net/sock.h>
626 #include <linux/rtnetlink.h>
627 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
628 +#include <linux/imq.h>
629 +#endif
630 #include <linux/proc_fs.h>
631 #include <linux/seq_file.h>
632 #include <linux/stat.h>
633 @@ -1533,7 +1536,11 @@
634 int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
635 {
636 if (likely(!skb->next)) {
637 - if (!list_empty(&ptype_all))
638 + if (!list_empty(&ptype_all)
639 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
640 + && !(skb->imq_flags & IMQ_F_ENQUEUE)
641 +#endif
642 + )
643 dev_queue_xmit_nit(skb, dev);
644
645 if (netif_needs_gso(dev, skb)) {
646 diff -Naurw 2.6.24/net/ipv4/netfilter/ipt_IMQ.c 2.6.24.imq/net/ipv4/netfilter/ipt_IMQ.c
647 --- 2.6.24/net/ipv4/netfilter/ipt_IMQ.c 1969-12-31 21:00:00.000000000 -0300
648 +++ 2.6.24.imq/net/ipv4/netfilter/ipt_IMQ.c 2008-01-26 15:00:11.000000000 -0300
649 @@ -0,0 +1,69 @@
650 +/*
651 + * This target marks packets to be enqueued to an imq device
652 + */
653 +#include <linux/module.h>
654 +#include <linux/skbuff.h>
655 +#include <linux/netfilter_ipv4/ip_tables.h>
656 +#include <linux/netfilter_ipv4/ipt_IMQ.h>
657 +#include <linux/imq.h>
658 +
659 +static unsigned int imq_target(struct sk_buff *pskb,
660 + const struct net_device *in,
661 + const struct net_device *out,
662 + unsigned int hooknum,
663 + const struct xt_target *target,
664 + const void *targinfo)
665 +{
666 + struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo;
667 +
668 + pskb->imq_flags = mr->todev | IMQ_F_ENQUEUE;
669 +
670 + return XT_CONTINUE;
671 +}
672 +
673 +static bool imq_checkentry(const char *tablename,
674 + const void *e,
675 + const struct xt_target *target,
676 + void *targinfo,
677 + unsigned int hook_mask)
678 +{
679 + struct ipt_imq_info *mr;
680 +
681 + mr = (struct ipt_imq_info*)targinfo;
682 +
683 + if (mr->todev > IMQ_MAX_DEVS) {
684 + printk(KERN_WARNING
685 + "IMQ: invalid device specified, highest is %u\n",
686 + IMQ_MAX_DEVS);
687 + return 0;
688 + }
689 +
690 + return 1;
691 +}
692 +
693 +static struct xt_target ipt_imq_reg = {
694 + .name = "IMQ",
695 + .family = AF_INET,
696 + .target = imq_target,
697 + .targetsize = sizeof(struct ipt_imq_info),
698 + .checkentry = imq_checkentry,
699 + .me = THIS_MODULE,
700 + .table = "mangle"
701 +};
702 +
703 +static int __init init(void)
704 +{
705 + return xt_register_target(&ipt_imq_reg);
706 +}
707 +
708 +static void __exit fini(void)
709 +{
710 + xt_unregister_target(&ipt_imq_reg);
711 +}
712 +
713 +module_init(init);
714 +module_exit(fini);
715 +
716 +MODULE_AUTHOR("http://www.linuximq.net");
717 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
718 +MODULE_LICENSE("GPL");
719 diff -Naurw 2.6.24/net/ipv4/netfilter/Kconfig 2.6.24.imq/net/ipv4/netfilter/Kconfig
720 --- 2.6.24/net/ipv4/netfilter/Kconfig 2008-01-24 19:58:37.000000000 -0300
721 +++ 2.6.24.imq/net/ipv4/netfilter/Kconfig 2008-01-26 15:00:11.000000000 -0300
722 @@ -311,6 +311,17 @@
723
724 To compile it as a module, choose M here. If unsure, say N.
725
726 +config IP_NF_TARGET_IMQ
727 + tristate "IMQ target support"
728 + depends on IP_NF_MANGLE
729 + help
730 + This option adds a `IMQ' target which is used to specify if and
731 + to which IMQ device packets should get enqueued/dequeued.
732 +
733 + For more information visit: http://www.linuximq.net/
734 +
735 + To compile it as a module, choose M here. If unsure, say N.
736 +
737 config IP_NF_TARGET_ECN
738 tristate "ECN target support"
739 depends on IP_NF_MANGLE
740 diff -Naurw 2.6.24/net/ipv4/netfilter/Makefile 2.6.24.imq/net/ipv4/netfilter/Makefile
741 --- 2.6.24/net/ipv4/netfilter/Makefile 2008-01-24 19:58:37.000000000 -0300
742 +++ 2.6.24.imq/net/ipv4/netfilter/Makefile 2008-01-26 15:00:11.000000000 -0300
743 @@ -54,6 +54,7 @@
744 obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
745 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
746 obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o
747 +obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
748 obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
749 obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
750 obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
751 diff -Naurw 2.6.24/net/ipv6/netfilter/ip6t_IMQ.c 2.6.24.imq/net/ipv6/netfilter/ip6t_IMQ.c
752 --- 2.6.24/net/ipv6/netfilter/ip6t_IMQ.c 1969-12-31 21:00:00.000000000 -0300
753 +++ 2.6.24.imq/net/ipv6/netfilter/ip6t_IMQ.c 2008-01-26 15:00:11.000000000 -0300
754 @@ -0,0 +1,69 @@
755 +/*
756 + * This target marks packets to be enqueued to an imq device
757 + */
758 +#include <linux/module.h>
759 +#include <linux/skbuff.h>
760 +#include <linux/netfilter_ipv6/ip6_tables.h>
761 +#include <linux/netfilter_ipv6/ip6t_IMQ.h>
762 +#include <linux/imq.h>
763 +
764 +static unsigned int imq_target(struct sk_buff *pskb,
765 + const struct net_device *in,
766 + const struct net_device *out,
767 + unsigned int hooknum,
768 + const struct xt_target *target,
769 + const void *targinfo)
770 +{
771 + struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo;
772 +
773 + pskb->imq_flags = mr->todev | IMQ_F_ENQUEUE;
774 +
775 + return XT_CONTINUE;
776 +}
777 +
778 +static bool imq_checkentry(const char *tablename,
779 + const void *entry,
780 + const struct xt_target *target,
781 + void *targinfo,
782 + unsigned int hook_mask)
783 +{
784 + struct ip6t_imq_info *mr;
785 +
786 + mr = (struct ip6t_imq_info*)targinfo;
787 +
788 + if (mr->todev > IMQ_MAX_DEVS) {
789 + printk(KERN_WARNING
790 + "IMQ: invalid device specified, highest is %u\n",
791 + IMQ_MAX_DEVS);
792 + return 0;
793 + }
794 +
795 + return 1;
796 +}
797 +
798 +static struct xt_target ip6t_imq_reg = {
799 + .name = "IMQ",
800 + .family = AF_INET6,
801 + .target = imq_target,
802 + .targetsize = sizeof(struct ip6t_imq_info),
803 + .table = "mangle",
804 + .checkentry = imq_checkentry,
805 + .me = THIS_MODULE
806 +};
807 +
808 +static int __init init(void)
809 +{
810 + return xt_register_target(&ip6t_imq_reg);
811 +}
812 +
813 +static void __exit fini(void)
814 +{
815 + xt_unregister_target(&ip6t_imq_reg);
816 +}
817 +
818 +module_init(init);
819 +module_exit(fini);
820 +
821 +MODULE_AUTHOR("http://www.linuximq.net");
822 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
823 +MODULE_LICENSE("GPL");
824 diff -Naurw 2.6.24/net/ipv6/netfilter/Kconfig 2.6.24.imq/net/ipv6/netfilter/Kconfig
825 --- 2.6.24/net/ipv6/netfilter/Kconfig 2008-01-24 19:58:37.000000000 -0300
826 +++ 2.6.24.imq/net/ipv6/netfilter/Kconfig 2008-01-26 15:00:11.000000000 -0300
827 @@ -173,6 +173,15 @@
828
829 To compile it as a module, choose M here. If unsure, say N.
830
831 +config IP6_NF_TARGET_IMQ
832 + tristate "IMQ target support"
833 + depends on IP6_NF_MANGLE
834 + help
835 + This option adds a `IMQ' target which is used to specify if and
836 + to which imq device packets should get enqueued/dequeued.
837 +
838 + To compile it as a module, choose M here. If unsure, say N.
839 +
840 config IP6_NF_TARGET_HL
841 tristate 'HL (hoplimit) target support'
842 depends on IP6_NF_MANGLE
843 diff -Naurw 2.6.24/net/ipv6/netfilter/Makefile 2.6.24.imq/net/ipv6/netfilter/Makefile
844 --- 2.6.24/net/ipv6/netfilter/Makefile 2008-01-24 19:58:37.000000000 -0300
845 +++ 2.6.24.imq/net/ipv6/netfilter/Makefile 2008-01-26 15:00:11.000000000 -0300
846 @@ -6,6 +6,7 @@
847 obj-$(CONFIG_IP6_NF_IPTABLES) += ip6_tables.o
848 obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
849 obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
850 +obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
851 obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.o
852 obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o
853
854 diff -Naurw 2.6.24/net/sched/sch_generic.c 2.6.24.imq/net/sched/sch_generic.c
855 --- 2.6.24/net/sched/sch_generic.c 2008-01-24 19:58:37.000000000 -0300
856 +++ 2.6.24.imq/net/sched/sch_generic.c 2008-01-26 15:00:11.000000000 -0300
857 @@ -176,6 +176,13 @@
858 return ret;
859 }
860
861 +int qdisc_restart1(struct net_device *dev)
862 +{
863 + return qdisc_restart(dev);
864 +}
865 +
866 +EXPORT_SYMBOL(qdisc_restart1);
867 +
868 void __qdisc_run(struct net_device *dev)
869 {
870 do {
OpenWrt Source Repository