559d80fbc8b675ccef04902b7c4b462d3d17e531
[openwrt/openwrt.git] / target / linux / generic-2.6 / patches / 150-netfilter_imq.patch
1 diff -urN linux-2.6.19.old/drivers/net/imq.c linux-2.6.19.dev/drivers/net/imq.c
2 --- linux-2.6.19.old/drivers/net/imq.c 1970-01-01 01:00:00.000000000 +0100
3 +++ linux-2.6.19.dev/drivers/net/imq.c 2006-12-14 03:13:47.000000000 +0100
4 @@ -0,0 +1,400 @@
5 +/*
6 + * Pseudo-driver for the intermediate queue device.
7 + *
8 + * This program is free software; you can redistribute it and/or
9 + * modify it under the terms of the GNU General Public License
10 + * as published by the Free Software Foundation; either version
11 + * 2 of the License, or (at your option) any later version.
12 + *
13 + * Authors: Patrick McHardy, <kaber@trash.net>
14 + *
15 + * The first version was written by Martin Devera, <devik@cdi.cz>
16 + *
17 + * Credits: Jan Rafaj <imq2t@cedric.vabo.cz>
18 + * - Update patch to 2.4.21
19 + * Sebastian Strollo <sstrollo@nortelnetworks.com>
20 + * - Fix "Dead-loop on netdevice imq"-issue
21 + * Marcel Sebek <sebek64@post.cz>
22 + * - Update to 2.6.2-rc1
23 + *
24 + * After some time of inactivity there is a group taking care
25 + * of IMQ again: http://www.linuximq.net
26 + *
27 + *
28 + * 2004/06/30 - New version of IMQ patch to kernels <=2.6.7 including
29 + * the following changes:
30 + *
31 + * - Correction of ipv6 support "+"s issue (Hasso Tepper)
32 + * - Correction of imq_init_devs() issue that resulted in
33 + * kernel OOPS unloading IMQ as module (Norbert Buchmuller)
34 + * - Addition of functionality to choose number of IMQ devices
35 + * during kernel config (Andre Correa)
36 + * - Addition of functionality to choose how IMQ hooks on
37 + * PRE and POSTROUTING (after or before NAT) (Andre Correa)
38 + * - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
39 + *
40 + *
41 + * 2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
42 + * released with almost no problems. 2.6.14-x was released
43 + * with some important changes: nfcache was removed; After
44 + * some weeks of trouble we figured out that some IMQ fields
45 + * in skb were missing in skbuff.c - skb_clone and copy_skb_header.
46 + * These functions are correctly patched by this new patch version.
47 + *
48 + * Thanks for all who helped to figure out all the problems with
49 + * 2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
50 + * Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
51 + * I didn't forget anybody). I apologize again for my lack of time.
52 + *
53 + * More info at: http://www.linuximq.net/ (Andre Correa)
54 + */
55 +
56 +#include <linux/autoconf.h>
57 +#include <linux/module.h>
58 +#include <linux/kernel.h>
59 +#include <linux/moduleparam.h>
60 +#include <linux/skbuff.h>
61 +#include <linux/netdevice.h>
62 +#include <linux/rtnetlink.h>
63 +#include <linux/if_arp.h>
64 +#include <linux/netfilter.h>
65 +#include <linux/netfilter_ipv4.h>
66 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
67 + #include <linux/netfilter_ipv6.h>
68 +#endif
69 +#include <linux/imq.h>
70 +#include <net/pkt_sched.h>
71 +
72 +static nf_hookfn imq_nf_hook;
73 +
74 +static struct nf_hook_ops imq_ingress_ipv4 = {
75 + .hook = imq_nf_hook,
76 + .owner = THIS_MODULE,
77 + .pf = PF_INET,
78 + .hooknum = NF_IP_PRE_ROUTING,
79 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
80 + .priority = NF_IP_PRI_MANGLE + 1
81 +#else
82 + .priority = NF_IP_PRI_NAT_DST + 1
83 +#endif
84 +};
85 +
86 +static struct nf_hook_ops imq_egress_ipv4 = {
87 + .hook = imq_nf_hook,
88 + .owner = THIS_MODULE,
89 + .pf = PF_INET,
90 + .hooknum = NF_IP_POST_ROUTING,
91 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
92 + .priority = NF_IP_PRI_LAST
93 +#else
94 + .priority = NF_IP_PRI_NAT_SRC - 1
95 +#endif
96 +};
97 +
98 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
99 +static struct nf_hook_ops imq_ingress_ipv6 = {
100 + .hook = imq_nf_hook,
101 + .owner = THIS_MODULE,
102 + .pf = PF_INET6,
103 + .hooknum = NF_IP6_PRE_ROUTING,
104 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
105 + .priority = NF_IP6_PRI_MANGLE + 1
106 +#else
107 + .priority = NF_IP6_PRI_NAT_DST + 1
108 +#endif
109 +};
110 +
111 +static struct nf_hook_ops imq_egress_ipv6 = {
112 + .hook = imq_nf_hook,
113 + .owner = THIS_MODULE,
114 + .pf = PF_INET6,
115 + .hooknum = NF_IP6_POST_ROUTING,
116 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
117 + .priority = NF_IP6_PRI_LAST
118 +#else
119 + .priority = NF_IP6_PRI_NAT_SRC - 1
120 +#endif
121 +};
122 +#endif
123 +
124 +#if defined(CONFIG_IMQ_NUM_DEVS)
125 +static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
126 +#else
127 +static unsigned int numdevs = 2;
128 +#endif
129 +
130 +static struct net_device *imq_devs;
131 +
132 +static struct net_device_stats *imq_get_stats(struct net_device *dev)
133 +{
134 + return (struct net_device_stats *)dev->priv;
135 +}
136 +
137 +/* called for packets kfree'd in qdiscs at places other than enqueue */
138 +static void imq_skb_destructor(struct sk_buff *skb)
139 +{
140 + struct nf_info *info = skb->nf_info;
141 +
142 + if (info) {
143 + if (info->indev)
144 + dev_put(info->indev);
145 + if (info->outdev)
146 + dev_put(info->outdev);
147 + kfree(info);
148 + }
149 +}
150 +
151 +static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
152 +{
153 + struct net_device_stats *stats = (struct net_device_stats*) dev->priv;
154 +
155 + stats->tx_bytes += skb->len;
156 + stats->tx_packets++;
157 +
158 + skb->imq_flags = 0;
159 + skb->destructor = NULL;
160 +
161 + dev->trans_start = jiffies;
162 + nf_reinject(skb, skb->nf_info, NF_ACCEPT);
163 + return 0;
164 +}
165 +
166 +static int imq_nf_queue(struct sk_buff *skb, struct nf_info *info, unsigned queue_num, void *data)
167 +{
168 + struct net_device *dev;
169 + struct net_device_stats *stats;
170 + struct sk_buff *skb2 = NULL;
171 + struct Qdisc *q;
172 + unsigned int index = skb->imq_flags&IMQ_F_IFMASK;
173 + int ret = -1;
174 +
175 + if (index > numdevs)
176 + return -1;
177 +
178 + dev = imq_devs + index;
179 + if (!(dev->flags & IFF_UP)) {
180 + skb->imq_flags = 0;
181 + nf_reinject(skb, info, NF_ACCEPT);
182 + return 0;
183 + }
184 + dev->last_rx = jiffies;
185 +
186 + if (skb->destructor) {
187 + skb2 = skb;
188 + skb = skb_clone(skb, GFP_ATOMIC);
189 + if (!skb)
190 + return -1;
191 + }
192 + skb->nf_info = info;
193 +
194 + stats = (struct net_device_stats *)dev->priv;
195 + stats->rx_bytes+= skb->len;
196 + stats->rx_packets++;
197 +
198 + spin_lock_bh(&dev->queue_lock);
199 + q = dev->qdisc;
200 + if (q->enqueue) {
201 + q->enqueue(skb_get(skb), q);
202 + if (skb_shared(skb)) {
203 + skb->destructor = imq_skb_destructor;
204 + kfree_skb(skb);
205 + ret = 0;
206 + }
207 + }
208 + if (spin_is_locked(&dev->_xmit_lock))
209 + netif_schedule(dev);
210 + else
211 + qdisc_run(dev);
212 +
213 + spin_unlock_bh(&dev->queue_lock);
214 +
215 + if (skb2)
216 + kfree_skb(ret ? skb : skb2);
217 +
218 + return ret;
219 +}
220 +
221 +static struct nf_queue_handler nfqh = {
222 + .name = "imq",
223 + .outfn = imq_nf_queue,
224 +};
225 +
226 +static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff **pskb,
227 + const struct net_device *indev,
228 + const struct net_device *outdev,
229 + int (*okfn)(struct sk_buff *))
230 +{
231 + if ((*pskb)->imq_flags & IMQ_F_ENQUEUE)
232 + return NF_QUEUE;
233 +
234 + return NF_ACCEPT;
235 +}
236 +
237 +
238 +static int __init imq_init_hooks(void)
239 +{
240 + int err;
241 +
242 + err = nf_register_queue_handler(PF_INET, &nfqh);
243 + if (err > 0)
244 + goto err1;
245 + if ((err = nf_register_hook(&imq_ingress_ipv4)))
246 + goto err2;
247 + if ((err = nf_register_hook(&imq_egress_ipv4)))
248 + goto err3;
249 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
250 + if ((err = nf_register_queue_handler(PF_INET6, &nfqh)))
251 + goto err4;
252 + if ((err = nf_register_hook(&imq_ingress_ipv6)))
253 + goto err5;
254 + if ((err = nf_register_hook(&imq_egress_ipv6)))
255 + goto err6;
256 +#endif
257 +
258 + return 0;
259 +
260 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
261 +err6:
262 + nf_unregister_hook(&imq_ingress_ipv6);
263 +err5:
264 + nf_unregister_queue_handler(PF_INET6);
265 +err4:
266 + nf_unregister_hook(&imq_egress_ipv6);
267 +#endif
268 +err3:
269 + nf_unregister_hook(&imq_ingress_ipv4);
270 +err2:
271 + nf_unregister_queue_handler(PF_INET);
272 +err1:
273 + return err;
274 +}
275 +
276 +static void __exit imq_unhook(void)
277 +{
278 + nf_unregister_hook(&imq_ingress_ipv4);
279 + nf_unregister_hook(&imq_egress_ipv4);
280 + nf_unregister_queue_handler(PF_INET);
281 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
282 + nf_unregister_hook(&imq_ingress_ipv6);
283 + nf_unregister_hook(&imq_egress_ipv6);
284 + nf_unregister_queue_handler(PF_INET6);
285 +#endif
286 +}
287 +
288 +static int __init imq_dev_init(struct net_device *dev)
289 +{
290 + dev->hard_start_xmit = imq_dev_xmit;
291 + dev->type = ARPHRD_VOID;
292 + dev->mtu = 1500;
293 + dev->tx_queue_len = 30;
294 + dev->flags = IFF_NOARP;
295 + dev->priv = kmalloc(sizeof(struct net_device_stats), GFP_KERNEL);
296 + if (dev->priv == NULL)
297 + return -ENOMEM;
298 + memset(dev->priv, 0, sizeof(struct net_device_stats));
299 + dev->get_stats = imq_get_stats;
300 +
301 + return 0;
302 +}
303 +
304 +static void imq_dev_uninit(struct net_device *dev)
305 +{
306 + kfree(dev->priv);
307 +}
308 +
309 +static int __init imq_init_devs(void)
310 +{
311 + struct net_device *dev;
312 + int i,j;
313 + j = numdevs;
314 +
315 + if (!numdevs || numdevs > IMQ_MAX_DEVS) {
316 + printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
317 + IMQ_MAX_DEVS);
318 + return -EINVAL;
319 + }
320 +
321 + imq_devs = kmalloc(sizeof(struct net_device) * numdevs, GFP_KERNEL);
322 + if (!imq_devs)
323 + return -ENOMEM;
324 + memset(imq_devs, 0, sizeof(struct net_device) * numdevs);
325 +
326 + /* we start counting at zero */
327 + numdevs--;
328 +
329 + for (i = 0, dev = imq_devs; i <= numdevs; i++, dev++) {
330 + SET_MODULE_OWNER(dev);
331 + strcpy(dev->name, "imq%d");
332 + dev->init = imq_dev_init;
333 + dev->uninit = imq_dev_uninit;
334 +
335 + if (register_netdev(dev) < 0)
336 + goto err_register;
337 + }
338 + printk(KERN_INFO "IMQ starting with %u devices...\n", j);
339 + return 0;
340 +
341 +err_register:
342 + for (; i; i--)
343 + unregister_netdev(--dev);
344 + kfree(imq_devs);
345 + return -EIO;
346 +}
347 +
348 +static void imq_cleanup_devs(void)
349 +{
350 + int i;
351 + struct net_device *dev = imq_devs;
352 +
353 + for (i = 0; i <= numdevs; i++)
354 + unregister_netdev(dev++);
355 +
356 + kfree(imq_devs);
357 +}
358 +
359 +static int __init imq_init_module(void)
360 +{
361 + int err;
362 +
363 + if ((err = imq_init_devs())) {
364 + printk(KERN_ERR "IMQ: Error trying imq_init_devs()\n");
365 + return err;
366 + }
367 + if ((err = imq_init_hooks())) {
368 + printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
369 + imq_cleanup_devs();
370 + return err;
371 + }
372 +
373 + printk(KERN_INFO "IMQ driver loaded successfully.\n");
374 +
375 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
376 + printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
377 +#else
378 + printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
379 +#endif
380 +#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
381 + printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
382 +#else
383 + printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
384 +#endif
385 +
386 + return 0;
387 +}
388 +
389 +static void __exit imq_cleanup_module(void)
390 +{
391 + imq_unhook();
392 + imq_cleanup_devs();
393 + printk(KERN_INFO "IMQ driver unloaded successfully.\n");
394 +}
395 +
396 +
397 +module_init(imq_init_module);
398 +module_exit(imq_cleanup_module);
399 +
400 +module_param(numdevs, int, 0);
401 +MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will be created)");
402 +MODULE_AUTHOR("http://www.linuximq.net");
403 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
404 +MODULE_LICENSE("GPL");
405 diff -urN linux-2.6.19.old/drivers/net/Kconfig linux-2.6.19.dev/drivers/net/Kconfig
406 --- linux-2.6.19.old/drivers/net/Kconfig 2006-11-29 22:57:37.000000000 +0100
407 +++ linux-2.6.19.dev/drivers/net/Kconfig 2006-12-14 03:13:47.000000000 +0100
408 @@ -96,6 +96,129 @@
409 To compile this driver as a module, choose M here: the module
410 will be called eql. If unsure, say N.
411
412 +config IMQ
413 + tristate "IMQ (intermediate queueing device) support"
414 + depends on NETDEVICES && NETFILTER
415 + ---help---
416 + The IMQ device(s) is used as placeholder for QoS queueing disciplines.
417 + Every packet entering/leaving the IP stack can be directed through
418 + the IMQ device where it's enqueued/dequeued to the attached qdisc.
419 + This allows you to treat network devices as classes and distribute
420 + bandwidth among them. Iptables is used to specify through which IMQ
421 + device, if any, packets travel.
422 +
423 + More information at: http://www.linuximq.net/
424 +
425 + To compile this driver as a module, choose M here: the module
426 + will be called imq. If unsure, say N.
427 +
428 +choice
429 + prompt "IMQ behavior (PRE/POSTROUTING)"
430 + depends on IMQ
431 + default IMQ_BEHAVIOR_BA
432 + help
433 +
434 + This settings defines how IMQ behaves in respect to its
435 + hooking in PREROUTING and POSTROUTING.
436 +
437 + IMQ can work in any of the following ways:
438 +
439 + PREROUTING | POSTROUTING
440 + -----------------|-------------------
441 + #1 After NAT | After NAT
442 + #2 After NAT | Before NAT
443 + #3 Before NAT | After NAT
444 + #4 Before NAT | Before NAT
445 +
446 + The default behavior is to hook before NAT on PREROUTING
447 + and after NAT on POSTROUTING (#3).
448 +
449 + This settings are specially usefull when trying to use IMQ
450 + to shape NATed clients.
451 +
452 + More information can be found at: www.linuximq.net
453 +
454 + If not sure leave the default settings alone.
455 +
456 +config IMQ_BEHAVIOR_AA
457 + bool "IMQ AA"
458 + help
459 + This settings defines how IMQ behaves in respect to its
460 + hooking in PREROUTING and POSTROUTING.
461 +
462 + Choosing this option will make IMQ hook like this:
463 +
464 + PREROUTING: After NAT
465 + POSTROUTING: After NAT
466 +
467 + More information can be found at: www.linuximq.net
468 +
469 + If not sure leave the default settings alone.
470 +
471 +config IMQ_BEHAVIOR_AB
472 + bool "IMQ AB"
473 + help
474 + This settings defines how IMQ behaves in respect to its
475 + hooking in PREROUTING and POSTROUTING.
476 +
477 + Choosing this option will make IMQ hook like this:
478 +
479 + PREROUTING: After NAT
480 + POSTROUTING: Before NAT
481 +
482 + More information can be found at: www.linuximq.net
483 +
484 + If not sure leave the default settings alone.
485 +
486 +config IMQ_BEHAVIOR_BA
487 + bool "IMQ BA"
488 + help
489 + This settings defines how IMQ behaves in respect to its
490 + hooking in PREROUTING and POSTROUTING.
491 +
492 + Choosing this option will make IMQ hook like this:
493 +
494 + PREROUTING: Before NAT
495 + POSTROUTING: After NAT
496 +
497 + More information can be found at: www.linuximq.net
498 +
499 + If not sure leave the default settings alone.
500 +
501 +config IMQ_BEHAVIOR_BB
502 + bool "IMQ BB"
503 + help
504 + This settings defines how IMQ behaves in respect to its
505 + hooking in PREROUTING and POSTROUTING.
506 +
507 + Choosing this option will make IMQ hook like this:
508 +
509 + PREROUTING: Before NAT
510 + POSTROUTING: Before NAT
511 +
512 + More information can be found at: www.linuximq.net
513 +
514 + If not sure leave the default settings alone.
515 +
516 +endchoice
517 +
518 +config IMQ_NUM_DEVS
519 +
520 + int "Number of IMQ devices"
521 + range 2 8
522 + depends on IMQ
523 + default "2"
524 + help
525 +
526 + This settings defines how many IMQ devices will be
527 + created.
528 +
529 + The default value is 2.
530 +
531 + More information can be found at: www.linuximq.net
532 +
533 + If not sure leave the default settings alone.
534 +
535 config TUN
536 tristate "Universal TUN/TAP device driver support"
537 select CRC32
538 diff -urN linux-2.6.19.old/drivers/net/Makefile linux-2.6.19.dev/drivers/net/Makefile
539 --- linux-2.6.19.old/drivers/net/Makefile 2006-11-29 22:57:37.000000000 +0100
540 +++ linux-2.6.19.dev/drivers/net/Makefile 2006-12-14 03:13:47.000000000 +0100
541 @@ -124,6 +124,7 @@
542 obj-$(CONFIG_SLHC) += slhc.o
543
544 obj-$(CONFIG_DUMMY) += dummy.o
545 +obj-$(CONFIG_IMQ) += imq.o
546 obj-$(CONFIG_IFB) += ifb.o
547 obj-$(CONFIG_DE600) += de600.o
548 obj-$(CONFIG_DE620) += de620.o
549 diff -urN linux-2.6.19.old/include/linux/imq.h linux-2.6.19.dev/include/linux/imq.h
550 --- linux-2.6.19.old/include/linux/imq.h 1970-01-01 01:00:00.000000000 +0100
551 +++ linux-2.6.19.dev/include/linux/imq.h 2006-12-14 03:13:47.000000000 +0100
552 @@ -0,0 +1,9 @@
553 +#ifndef _IMQ_H
554 +#define _IMQ_H
555 +
556 +#define IMQ_MAX_DEVS 16
557 +
558 +#define IMQ_F_IFMASK 0x7f
559 +#define IMQ_F_ENQUEUE 0x80
560 +
561 +#endif /* _IMQ_H */
562 diff -urN linux-2.6.19.old/include/linux/netfilter_ipv4/ipt_IMQ.h linux-2.6.19.dev/include/linux/netfilter_ipv4/ipt_IMQ.h
563 --- linux-2.6.19.old/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 01:00:00.000000000 +0100
564 +++ linux-2.6.19.dev/include/linux/netfilter_ipv4/ipt_IMQ.h 2006-12-14 03:13:47.000000000 +0100
565 @@ -0,0 +1,8 @@
566 +#ifndef _IPT_IMQ_H
567 +#define _IPT_IMQ_H
568 +
569 +struct ipt_imq_info {
570 + unsigned int todev; /* target imq device */
571 +};
572 +
573 +#endif /* _IPT_IMQ_H */
574 diff -urN linux-2.6.19.old/include/linux/netfilter_ipv6/ip6t_IMQ.h linux-2.6.19.dev/include/linux/netfilter_ipv6/ip6t_IMQ.h
575 --- linux-2.6.19.old/include/linux/netfilter_ipv6/ip6t_IMQ.h 1970-01-01 01:00:00.000000000 +0100
576 +++ linux-2.6.19.dev/include/linux/netfilter_ipv6/ip6t_IMQ.h 2006-12-14 03:13:47.000000000 +0100
577 @@ -0,0 +1,8 @@
578 +#ifndef _IP6T_IMQ_H
579 +#define _IP6T_IMQ_H
580 +
581 +struct ip6t_imq_info {
582 + unsigned int todev; /* target imq device */
583 +};
584 +
585 +#endif /* _IP6T_IMQ_H */
586 diff -urN linux-2.6.19.old/include/linux/skbuff.h linux-2.6.19.dev/include/linux/skbuff.h
587 --- linux-2.6.19.old/include/linux/skbuff.h 2006-11-29 22:57:37.000000000 +0100
588 +++ linux-2.6.19.dev/include/linux/skbuff.h 2006-12-14 03:13:47.000000000 +0100
589 @@ -292,6 +292,10 @@
590 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
591 struct sk_buff *nfct_reasm;
592 #endif
593 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
594 + unsigned char imq_flags;
595 + struct nf_info *nf_info;
596 +#endif
597 #ifdef CONFIG_BRIDGE_NETFILTER
598 struct nf_bridge_info *nf_bridge;
599 #endif
600 diff -urN linux-2.6.19.old/net/core/skbuff.c linux-2.6.19.dev/net/core/skbuff.c
601 --- linux-2.6.19.old/net/core/skbuff.c 2006-11-29 22:57:37.000000000 +0100
602 +++ linux-2.6.19.dev/net/core/skbuff.c 2006-12-14 03:13:47.000000000 +0100
603 @@ -482,6 +482,10 @@
604 C(nfct_reasm);
605 nf_conntrack_get_reasm(skb->nfct_reasm);
606 #endif
607 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
608 + C(imq_flags);
609 + C(nf_info);
610 +#endif /*CONFIG_IMQ*/
611 #ifdef CONFIG_BRIDGE_NETFILTER
612 C(nf_bridge);
613 nf_bridge_get(skb->nf_bridge);
614 @@ -546,6 +550,10 @@
615 #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
616 new->ipvs_property = old->ipvs_property;
617 #endif
618 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
619 + new->imq_flags = old->imq_flags;
620 + new->nf_info = old->nf_info;
621 +#endif /*CONFIG_IMQ*/
622 #ifdef CONFIG_BRIDGE_NETFILTER
623 new->nf_bridge = old->nf_bridge;
624 nf_bridge_get(old->nf_bridge);
625 diff -urN linux-2.6.19.old/net/ipv4/netfilter/ipt_IMQ.c linux-2.6.19.dev/net/ipv4/netfilter/ipt_IMQ.c
626 --- linux-2.6.19.old/net/ipv4/netfilter/ipt_IMQ.c 1970-01-01 01:00:00.000000000 +0100
627 +++ linux-2.6.19.dev/net/ipv4/netfilter/ipt_IMQ.c 2006-12-14 03:13:47.000000000 +0100
628 @@ -0,0 +1,77 @@
629 +/*
630 + * This target marks packets to be enqueued to an imq device
631 + */
632 +#include <linux/module.h>
633 +#include <linux/skbuff.h>
634 +#include <linux/netfilter_ipv4/ip_tables.h>
635 +#include <linux/netfilter_ipv4/ipt_IMQ.h>
636 +#include <linux/imq.h>
637 +
638 +static unsigned int imq_target(struct sk_buff **pskb,
639 + const struct net_device *in,
640 + const struct net_device *out,
641 + unsigned int hooknum,
642 + const struct xt_target *target,
643 + const void *targinfo)
644 +{
645 + struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo;
646 +
647 + (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
648 +
649 + return IPT_CONTINUE;
650 +}
651 +
652 +static int imq_checkentry(const char *tablename,
653 + const void *e,
654 + const struct xt_target *target,
655 + void *targinfo,
656 + unsigned int hook_mask)
657 +{
658 + struct ipt_imq_info *mr;
659 +
660 + mr = (struct ipt_imq_info*)targinfo;
661 +
662 + if (strcmp(tablename, "mangle") != 0) {
663 + printk(KERN_WARNING
664 + "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n",
665 + tablename);
666 + return 0;
667 + }
668 +
669 + if (mr->todev > IMQ_MAX_DEVS) {
670 + printk(KERN_WARNING
671 + "IMQ: invalid device specified, highest is %u\n",
672 + IMQ_MAX_DEVS);
673 + return 0;
674 + }
675 +
676 + return 1;
677 +}
678 +
679 +static struct ipt_target ipt_imq_reg = {
680 + .name = "IMQ",
681 + .target = imq_target,
682 + .targetsize = sizeof(struct ipt_imq_info),
683 + .checkentry = imq_checkentry,
684 + .me = THIS_MODULE
685 +};
686 +
687 +static int __init init(void)
688 +{
689 + if (ipt_register_target(&ipt_imq_reg))
690 + return -EINVAL;
691 +
692 + return 0;
693 +}
694 +
695 +static void __exit fini(void)
696 +{
697 + ipt_unregister_target(&ipt_imq_reg);
698 +}
699 +
700 +module_init(init);
701 +module_exit(fini);
702 +
703 +MODULE_AUTHOR("http://www.linuximq.net");
704 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
705 +MODULE_LICENSE("GPL");
706 diff -urN linux-2.6.19.old/net/ipv4/netfilter/Kconfig linux-2.6.19.dev/net/ipv4/netfilter/Kconfig
707 --- linux-2.6.19.old/net/ipv4/netfilter/Kconfig 2006-12-14 03:13:47.000000000 +0100
708 +++ linux-2.6.19.dev/net/ipv4/netfilter/Kconfig 2006-12-14 03:13:47.000000000 +0100
709 @@ -390,6 +390,17 @@
710
711 To compile it as a module, choose M here. If unsure, say N.
712
713 +config IP_NF_TARGET_IMQ
714 + tristate "IMQ target support"
715 + depends on IP_NF_MANGLE
716 + help
717 + This option adds a `IMQ' target which is used to specify if and
718 + to which IMQ device packets should get enqueued/dequeued.
719 +
720 + For more information visit: http://www.linuximq.net/
721 +
722 + To compile it as a module, choose M here. If unsure, say N.
723 +
724 config IP_NF_TARGET_LOG
725 tristate "LOG target support"
726 depends on IP_NF_IPTABLES
727 diff -urN linux-2.6.19.old/net/ipv4/netfilter/Makefile linux-2.6.19.dev/net/ipv4/netfilter/Makefile
728 --- linux-2.6.19.old/net/ipv4/netfilter/Makefile 2006-12-14 03:13:47.000000000 +0100
729 +++ linux-2.6.19.dev/net/ipv4/netfilter/Makefile 2006-12-14 03:13:47.000000000 +0100
730 @@ -71,6 +71,7 @@
731 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
732 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
733 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
734 +obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
735 obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
736 obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
737 obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
738 diff -urN linux-2.6.19.old/net/ipv6/netfilter/ip6t_IMQ.c linux-2.6.19.dev/net/ipv6/netfilter/ip6t_IMQ.c
739 --- linux-2.6.19.old/net/ipv6/netfilter/ip6t_IMQ.c 1970-01-01 01:00:00.000000000 +0100
740 +++ linux-2.6.19.dev/net/ipv6/netfilter/ip6t_IMQ.c 2006-12-14 03:13:47.000000000 +0100
741 @@ -0,0 +1,77 @@
742 +/*
743 + * This target marks packets to be enqueued to an imq device
744 + */
745 +#include <linux/module.h>
746 +#include <linux/skbuff.h>
747 +#include <linux/netfilter_ipv6/ip6_tables.h>
748 +#include <linux/netfilter_ipv6/ip6t_IMQ.h>
749 +#include <linux/imq.h>
750 +
751 +static unsigned int imq_target(struct sk_buff **pskb,
752 + const struct net_device *in,
753 + const struct net_device *out,
754 + unsigned int hooknum,
755 + const struct xt_target *target,
756 + const void *targinfo)
757 +{
758 + struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo;
759 +
760 + (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
761 +
762 + return IP6T_CONTINUE;
763 +}
764 +
765 +static int imq_checkentry(const char *tablename,
766 + const void *e,
767 + const struct xt_target *target,
768 + void *targinfo,
769 + unsigned int hook_mask)
770 +{
771 + struct ip6t_imq_info *mr;
772 +
773 + mr = (struct ip6t_imq_info*)targinfo;
774 +
775 + if (strcmp(tablename, "mangle") != 0) {
776 + printk(KERN_WARNING
777 + "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n",
778 + tablename);
779 + return 0;
780 + }
781 +
782 + if (mr->todev > IMQ_MAX_DEVS) {
783 + printk(KERN_WARNING
784 + "IMQ: invalid device specified, highest is %u\n",
785 + IMQ_MAX_DEVS);
786 + return 0;
787 + }
788 +
789 + return 1;
790 +}
791 +
792 +static struct ip6t_target ip6t_imq_reg = {
793 + .name = "IMQ",
794 + .target = imq_target,
795 + .targetsize = sizeof(struct ip6t_imq_info),
796 + .checkentry = imq_checkentry,
797 + .me = THIS_MODULE
798 +};
799 +
800 +static int __init init(void)
801 +{
802 + if (ip6t_register_target(&ip6t_imq_reg))
803 + return -EINVAL;
804 +
805 + return 0;
806 +}
807 +
808 +static void __exit fini(void)
809 +{
810 + ip6t_unregister_target(&ip6t_imq_reg);
811 +}
812 +
813 +module_init(init);
814 +module_exit(fini);
815 +
816 +MODULE_AUTHOR("http://www.linuximq.net");
817 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
818 +MODULE_LICENSE("GPL");
819 diff -urN linux-2.6.19.old/net/ipv6/netfilter/Kconfig linux-2.6.19.dev/net/ipv6/netfilter/Kconfig
820 --- linux-2.6.19.old/net/ipv6/netfilter/Kconfig 2006-11-29 22:57:37.000000000 +0100
821 +++ linux-2.6.19.dev/net/ipv6/netfilter/Kconfig 2006-12-14 03:13:47.000000000 +0100
822 @@ -134,6 +134,15 @@
823
824 To compile it as a module, choose M here. If unsure, say N.
825
826 +config IP6_NF_TARGET_IMQ
827 + tristate "IMQ target support"
828 + depends on IP6_NF_MANGLE
829 + help
830 + This option adds a `IMQ' target which is used to specify if and
831 + to which imq device packets should get enqueued/dequeued.
832 +
833 + To compile it as a module, choose M here. If unsure, say N.
834 +
835 config IP6_NF_TARGET_LOG
836 tristate "LOG target support"
837 depends on IP6_NF_FILTER
838 diff -urN linux-2.6.19.old/net/ipv6/netfilter/Makefile linux-2.6.19.dev/net/ipv6/netfilter/Makefile
839 --- linux-2.6.19.old/net/ipv6/netfilter/Makefile 2006-11-29 22:57:37.000000000 +0100
840 +++ linux-2.6.19.dev/net/ipv6/netfilter/Makefile 2006-12-14 03:13:47.000000000 +0100
841 @@ -4,6 +4,7 @@
842
843 # Link order matters here.
844 obj-$(CONFIG_IP6_NF_IPTABLES) += ip6_tables.o
845 +obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
846 obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o
847 obj-$(CONFIG_IP6_NF_MATCH_OPTS) += ip6t_hbh.o
848 obj-$(CONFIG_IP6_NF_MATCH_IPV6HEADER) += ip6t_ipv6header.o
849 diff -urN linux-2.6.19.old/net/sched/sch_generic.c linux-2.6.19.dev/net/sched/sch_generic.c
850 --- linux-2.6.19.old/net/sched/sch_generic.c 2006-11-29 22:57:37.000000000 +0100
851 +++ linux-2.6.19.dev/net/sched/sch_generic.c 2006-12-14 03:13:47.000000000 +0100
852 @@ -28,6 +28,9 @@
853 #include <linux/netdevice.h>
854 #include <linux/skbuff.h>
855 #include <linux/rtnetlink.h>
856 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
857 +#include <linux/imq.h>
858 +#endif
859 #include <linux/init.h>
860 #include <linux/rcupdate.h>
861 #include <linux/list.h>
862 @@ -615,5 +618,6 @@
863 EXPORT_SYMBOL(qdisc_alloc);
864 EXPORT_SYMBOL(qdisc_destroy);
865 EXPORT_SYMBOL(qdisc_reset);
866 +EXPORT_SYMBOL(__qdisc_run);
867 EXPORT_SYMBOL(qdisc_lock_tree);
868 EXPORT_SYMBOL(qdisc_unlock_tree);