36a4cadd7e4ce8e765538ed0d2e8062dd8447e06
[openwrt/svn-archive/archive.git] / target / linux / generic-2.6 / patches-2.6.22 / 150-netfilter_imq.patch
1 diff -urN linux-2.6.21.1.old/drivers/net/imq.c linux-2.6.21.1.dev/drivers/net/imq.c
2 --- linux-2.6.21.1.old/drivers/net/imq.c 1970-01-01 01:00:00.000000000 +0100
3 +++ linux-2.6.21.1.dev/drivers/net/imq.c 2007-05-26 20:34:15.180276984 +0200
4 @@ -0,0 +1,402 @@
5 +/*
6 + * Pseudo-driver for the intermediate queue device.
7 + *
8 + * This program is free software; you can redistribute it and/or
9 + * modify it under the terms of the GNU General Public License
10 + * as published by the Free Software Foundation; either version
11 + * 2 of the License, or (at your option) any later version.
12 + *
13 + * Authors: Patrick McHardy, <kaber@trash.net>
14 + *
15 + * The first version was written by Martin Devera, <devik@cdi.cz>
16 + *
17 + * Credits: Jan Rafaj <imq2t@cedric.vabo.cz>
18 + * - Update patch to 2.4.21
19 + * Sebastian Strollo <sstrollo@nortelnetworks.com>
20 + * - Fix "Dead-loop on netdevice imq"-issue
21 + * Marcel Sebek <sebek64@post.cz>
22 + * - Update to 2.6.2-rc1
23 + *
24 + * After some time of inactivity there is a group taking care
25 + * of IMQ again: http://www.linuximq.net
26 + *
27 + *
28 + * 2004/06/30 - New version of IMQ patch to kernels <=2.6.7 including
29 + * the following changes:
30 + *
31 + * - Correction of ipv6 support "+"s issue (Hasso Tepper)
32 + * - Correction of imq_init_devs() issue that resulted in
33 + * kernel OOPS unloading IMQ as module (Norbert Buchmuller)
34 + * - Addition of functionality to choose number of IMQ devices
35 + * during kernel config (Andre Correa)
36 + * - Addition of functionality to choose how IMQ hooks on
37 + * PRE and POSTROUTING (after or before NAT) (Andre Correa)
38 + * - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
39 + *
40 + *
41 + * 2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
42 + * released with almost no problems. 2.6.14-x was released
43 + * with some important changes: nfcache was removed; After
44 + * some weeks of trouble we figured out that some IMQ fields
45 + * in skb were missing in skbuff.c - skb_clone and copy_skb_header.
46 + * These functions are correctly patched by this new patch version.
47 + *
48 + * Thanks for all who helped to figure out all the problems with
49 + * 2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
50 + * Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
51 + * I didn't forget anybody). I apologize again for my lack of time.
52 + *
53 + * More info at: http://www.linuximq.net/ (Andre Correa)
54 + */
55 +
56 +#include <linux/module.h>
57 +#include <linux/kernel.h>
58 +#include <linux/moduleparam.h>
59 +#include <linux/skbuff.h>
60 +#include <linux/netdevice.h>
61 +#include <linux/rtnetlink.h>
62 +#include <linux/if_arp.h>
63 +#include <linux/netfilter.h>
64 +#include <linux/netfilter_ipv4.h>
65 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
66 + #include <linux/netfilter_ipv6.h>
67 +#endif
68 +#include <linux/imq.h>
69 +#include <net/pkt_sched.h>
70 +
71 +extern int qdisc_restart1(struct net_device *dev);
72 +
73 +static nf_hookfn imq_nf_hook;
74 +
75 +static struct nf_hook_ops imq_ingress_ipv4 = {
76 + .hook = imq_nf_hook,
77 + .owner = THIS_MODULE,
78 + .pf = PF_INET,
79 + .hooknum = NF_IP_PRE_ROUTING,
80 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
81 + .priority = NF_IP_PRI_MANGLE + 1
82 +#else
83 + .priority = NF_IP_PRI_NAT_DST + 1
84 +#endif
85 +};
86 +
87 +static struct nf_hook_ops imq_egress_ipv4 = {
88 + .hook = imq_nf_hook,
89 + .owner = THIS_MODULE,
90 + .pf = PF_INET,
91 + .hooknum = NF_IP_POST_ROUTING,
92 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
93 + .priority = NF_IP_PRI_LAST
94 +#else
95 + .priority = NF_IP_PRI_NAT_SRC - 1
96 +#endif
97 +};
98 +
99 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
100 +static struct nf_hook_ops imq_ingress_ipv6 = {
101 + .hook = imq_nf_hook,
102 + .owner = THIS_MODULE,
103 + .pf = PF_INET6,
104 + .hooknum = NF_IP6_PRE_ROUTING,
105 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
106 + .priority = NF_IP6_PRI_MANGLE + 1
107 +#else
108 + .priority = NF_IP6_PRI_NAT_DST + 1
109 +#endif
110 +};
111 +
112 +static struct nf_hook_ops imq_egress_ipv6 = {
113 + .hook = imq_nf_hook,
114 + .owner = THIS_MODULE,
115 + .pf = PF_INET6,
116 + .hooknum = NF_IP6_POST_ROUTING,
117 +#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
118 + .priority = NF_IP6_PRI_LAST
119 +#else
120 + .priority = NF_IP6_PRI_NAT_SRC - 1
121 +#endif
122 +};
123 +#endif
124 +
125 +#if defined(CONFIG_IMQ_NUM_DEVS)
126 +static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
127 +#else
128 +static unsigned int numdevs = 2;
129 +#endif
130 +
131 +static struct net_device *imq_devs;
132 +
133 +static struct net_device_stats *imq_get_stats(struct net_device *dev)
134 +{
135 + return (struct net_device_stats *)dev->priv;
136 +}
137 +
138 +/* called for packets kfree'd in qdiscs at places other than enqueue */
139 +static void imq_skb_destructor(struct sk_buff *skb)
140 +{
141 + struct nf_info *info = skb->nf_info;
142 +
143 + if (info) {
144 + if (info->indev)
145 + dev_put(info->indev);
146 + if (info->outdev)
147 + dev_put(info->outdev);
148 + kfree(info);
149 + }
150 +}
151 +
152 +static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
153 +{
154 + struct net_device_stats *stats = (struct net_device_stats*) dev->priv;
155 +
156 + stats->tx_bytes += skb->len;
157 + stats->tx_packets++;
158 +
159 + skb->imq_flags = 0;
160 + skb->destructor = NULL;
161 +
162 + dev->trans_start = jiffies;
163 + nf_reinject(skb, skb->nf_info, NF_ACCEPT);
164 + return 0;
165 +}
166 +
167 +static int imq_nf_queue(struct sk_buff *skb, struct nf_info *info, unsigned queue_num, void *data)
168 +{
169 + struct net_device *dev;
170 + struct net_device_stats *stats;
171 + struct sk_buff *skb2 = NULL;
172 + struct Qdisc *q;
173 + unsigned int index = skb->imq_flags&IMQ_F_IFMASK;
174 + int ret = -1;
175 +
176 + if (index > numdevs)
177 + return -1;
178 +
179 + dev = imq_devs + index;
180 + if (!(dev->flags & IFF_UP)) {
181 + skb->imq_flags = 0;
182 + nf_reinject(skb, info, NF_ACCEPT);
183 + return 0;
184 + }
185 + dev->last_rx = jiffies;
186 +
187 + if (skb->destructor) {
188 + skb2 = skb;
189 + skb = skb_clone(skb, GFP_ATOMIC);
190 + if (!skb)
191 + return -1;
192 + }
193 + skb->nf_info = info;
194 +
195 + stats = (struct net_device_stats *)dev->priv;
196 + stats->rx_bytes+= skb->len;
197 + stats->rx_packets++;
198 +
199 + spin_lock_bh(&dev->queue_lock);
200 + q = dev->qdisc;
201 + if (q->enqueue) {
202 + q->enqueue(skb_get(skb), q);
203 + if (skb_shared(skb)) {
204 + skb->destructor = imq_skb_destructor;
205 + kfree_skb(skb);
206 + ret = 0;
207 + }
208 + }
209 + if (spin_is_locked(&dev->_xmit_lock))
210 + netif_schedule(dev);
211 + else
212 + while (!netif_queue_stopped(dev) && qdisc_restart1(dev) < 0)
213 + /* NOTHING */;
214 +
215 + spin_unlock_bh(&dev->queue_lock);
216 +
217 + if (skb2)
218 + kfree_skb(ret ? skb : skb2);
219 +
220 + return ret;
221 +}
222 +
223 +static struct nf_queue_handler nfqh = {
224 + .name = "imq",
225 + .outfn = imq_nf_queue,
226 +};
227 +
228 +static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff **pskb,
229 + const struct net_device *indev,
230 + const struct net_device *outdev,
231 + int (*okfn)(struct sk_buff *))
232 +{
233 + if ((*pskb)->imq_flags & IMQ_F_ENQUEUE)
234 + return NF_QUEUE;
235 +
236 + return NF_ACCEPT;
237 +}
238 +
239 +
240 +static int __init imq_init_hooks(void)
241 +{
242 + int err;
243 +
244 + err = nf_register_queue_handler(PF_INET, &nfqh);
245 + if (err > 0)
246 + goto err1;
247 + if ((err = nf_register_hook(&imq_ingress_ipv4)))
248 + goto err2;
249 + if ((err = nf_register_hook(&imq_egress_ipv4)))
250 + goto err3;
251 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
252 + if ((err = nf_register_queue_handler(PF_INET6, &nfqh)))
253 + goto err4;
254 + if ((err = nf_register_hook(&imq_ingress_ipv6)))
255 + goto err5;
256 + if ((err = nf_register_hook(&imq_egress_ipv6)))
257 + goto err6;
258 +#endif
259 +
260 + return 0;
261 +
262 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
263 +err6:
264 + nf_unregister_hook(&imq_ingress_ipv6);
265 +err5:
266 + nf_unregister_queue_handler(PF_INET6);
267 +err4:
268 + nf_unregister_hook(&imq_egress_ipv6);
269 +#endif
270 +err3:
271 + nf_unregister_hook(&imq_ingress_ipv4);
272 +err2:
273 + nf_unregister_queue_handler(PF_INET);
274 +err1:
275 + return err;
276 +}
277 +
278 +static void __exit imq_unhook(void)
279 +{
280 + nf_unregister_hook(&imq_ingress_ipv4);
281 + nf_unregister_hook(&imq_egress_ipv4);
282 + nf_unregister_queue_handler(PF_INET);
283 +#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
284 + nf_unregister_hook(&imq_ingress_ipv6);
285 + nf_unregister_hook(&imq_egress_ipv6);
286 + nf_unregister_queue_handler(PF_INET6);
287 +#endif
288 +}
289 +
290 +static int __init imq_dev_init(struct net_device *dev)
291 +{
292 + dev->hard_start_xmit = imq_dev_xmit;
293 + dev->type = ARPHRD_VOID;
294 + dev->mtu = 1500;
295 + dev->tx_queue_len = 30;
296 + dev->flags = IFF_NOARP;
297 + dev->priv = kmalloc(sizeof(struct net_device_stats), GFP_KERNEL);
298 + if (dev->priv == NULL)
299 + return -ENOMEM;
300 + memset(dev->priv, 0, sizeof(struct net_device_stats));
301 + dev->get_stats = imq_get_stats;
302 +
303 + return 0;
304 +}
305 +
306 +static void imq_dev_uninit(struct net_device *dev)
307 +{
308 + kfree(dev->priv);
309 +}
310 +
311 +static int __init imq_init_devs(void)
312 +{
313 + struct net_device *dev;
314 + int i,j;
315 + j = numdevs;
316 +
317 + if (!numdevs || numdevs > IMQ_MAX_DEVS) {
318 + printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
319 + IMQ_MAX_DEVS);
320 + return -EINVAL;
321 + }
322 +
323 + imq_devs = kmalloc(sizeof(struct net_device) * numdevs, GFP_KERNEL);
324 + if (!imq_devs)
325 + return -ENOMEM;
326 + memset(imq_devs, 0, sizeof(struct net_device) * numdevs);
327 +
328 + /* we start counting at zero */
329 + numdevs--;
330 +
331 + for (i = 0, dev = imq_devs; i <= numdevs; i++, dev++) {
332 + SET_MODULE_OWNER(dev);
333 + strcpy(dev->name, "imq%d");
334 + dev->init = imq_dev_init;
335 + dev->uninit = imq_dev_uninit;
336 +
337 + if (register_netdev(dev) < 0)
338 + goto err_register;
339 + }
340 + printk(KERN_INFO "IMQ starting with %u devices...\n", j);
341 + return 0;
342 +
343 +err_register:
344 + for (; i; i--)
345 + unregister_netdev(--dev);
346 + kfree(imq_devs);
347 + return -EIO;
348 +}
349 +
350 +static void imq_cleanup_devs(void)
351 +{
352 + int i;
353 + struct net_device *dev = imq_devs;
354 +
355 + for (i = 0; i <= numdevs; i++)
356 + unregister_netdev(dev++);
357 +
358 + kfree(imq_devs);
359 +}
360 +
361 +static int __init imq_init_module(void)
362 +{
363 + int err;
364 +
365 + if ((err = imq_init_devs())) {
366 + printk(KERN_ERR "IMQ: Error trying imq_init_devs()\n");
367 + return err;
368 + }
369 + if ((err = imq_init_hooks())) {
370 + printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
371 + imq_cleanup_devs();
372 + return err;
373 + }
374 +
375 + printk(KERN_INFO "IMQ driver loaded successfully.\n");
376 +
377 +#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
378 + printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
379 +#else
380 + printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
381 +#endif
382 +#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
383 + printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
384 +#else
385 + printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
386 +#endif
387 +
388 + return 0;
389 +}
390 +
391 +static void __exit imq_cleanup_module(void)
392 +{
393 + imq_unhook();
394 + imq_cleanup_devs();
395 + printk(KERN_INFO "IMQ driver unloaded successfully.\n");
396 +}
397 +
398 +
399 +module_init(imq_init_module);
400 +module_exit(imq_cleanup_module);
401 +
402 +module_param(numdevs, int, 0);
403 +MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will be created)");
404 +MODULE_AUTHOR("http://www.linuximq.net");
405 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
406 +MODULE_LICENSE("GPL");
407 diff -urN linux-2.6.21.1.old/drivers/net/Kconfig linux-2.6.21.1.dev/drivers/net/Kconfig
408 --- linux-2.6.21.1.old/drivers/net/Kconfig 2007-04-27 23:49:26.000000000 +0200
409 +++ linux-2.6.21.1.dev/drivers/net/Kconfig 2007-05-26 20:34:15.193275008 +0200
410 @@ -96,6 +96,129 @@
411 To compile this driver as a module, choose M here: the module
412 will be called eql. If unsure, say N.
413
414 +config IMQ
415 + tristate "IMQ (intermediate queueing device) support"
416 + depends on NETDEVICES && NETFILTER
417 + ---help---
418 + The IMQ device(s) is used as placeholder for QoS queueing
419 + disciplines. Every packet entering/leaving the IP stack can be
420 + directed through the IMQ device where it's enqueued/dequeued to the
421 + attached qdisc. This allows you to treat network devices as classes
422 + and distribute bandwidth among them. Iptables is used to specify
423 + through which IMQ device, if any, packets travel.
424 +
425 + More information at: http://www.linuximq.net/
426 +
427 + To compile this driver as a module, choose M here: the module
428 + will be called imq. If unsure, say N.
429 +
430 +choice
431 + prompt "IMQ behavior (PRE/POSTROUTING)"
432 + depends on IMQ
433 + default IMQ_BEHAVIOR_BA
434 + help
435 +
436 + This settings defines how IMQ behaves in respect to its
437 + hooking in PREROUTING and POSTROUTING.
438 +
439 + IMQ can work in any of the following ways:
440 +
441 + PREROUTING | POSTROUTING
442 + -----------------|-------------------
443 + #1 After NAT | After NAT
444 + #2 After NAT | Before NAT
445 + #3 Before NAT | After NAT
446 + #4 Before NAT | Before NAT
447 +
448 + The default behavior is to hook before NAT on PREROUTING
449 + and after NAT on POSTROUTING (#3).
450 +
451 + This settings are specially usefull when trying to use IMQ
452 + to shape NATed clients.
453 +
454 + More information can be found at: www.linuximq.net
455 +
456 + If not sure leave the default settings alone.
457 +
458 +config IMQ_BEHAVIOR_AA
459 + bool "IMQ AA"
460 + help
461 + This settings defines how IMQ behaves in respect to its
462 + hooking in PREROUTING and POSTROUTING.
463 +
464 + Choosing this option will make IMQ hook like this:
465 +
466 + PREROUTING: After NAT
467 + POSTROUTING: After NAT
468 +
469 + More information can be found at: www.linuximq.net
470 +
471 + If not sure leave the default settings alone.
472 +
473 +config IMQ_BEHAVIOR_AB
474 + bool "IMQ AB"
475 + help
476 + This settings defines how IMQ behaves in respect to its
477 + hooking in PREROUTING and POSTROUTING.
478 +
479 + Choosing this option will make IMQ hook like this:
480 +
481 + PREROUTING: After NAT
482 + POSTROUTING: Before NAT
483 +
484 + More information can be found at: www.linuximq.net
485 +
486 + If not sure leave the default settings alone.
487 +
488 +config IMQ_BEHAVIOR_BA
489 + bool "IMQ BA"
490 + help
491 + This settings defines how IMQ behaves in respect to its
492 + hooking in PREROUTING and POSTROUTING.
493 +
494 + Choosing this option will make IMQ hook like this:
495 +
496 + PREROUTING: Before NAT
497 + POSTROUTING: After NAT
498 +
499 + More information can be found at: www.linuximq.net
500 +
501 + If not sure leave the default settings alone.
502 +
503 +config IMQ_BEHAVIOR_BB
504 + bool "IMQ BB"
505 + help
506 + This settings defines how IMQ behaves in respect to its
507 + hooking in PREROUTING and POSTROUTING.
508 +
509 + Choosing this option will make IMQ hook like this:
510 +
511 + PREROUTING: Before NAT
512 + POSTROUTING: Before NAT
513 +
514 + More information can be found at: www.linuximq.net
515 +
516 + If not sure leave the default settings alone.
517 +
518 +endchoice
519 +
520 +config IMQ_NUM_DEVS
521 +
522 + int "Number of IMQ devices"
523 + range 2 8
524 + depends on IMQ
525 + default "2"
526 + help
527 +
528 + This settings defines how many IMQ devices will be
529 + created.
530 +
531 + The default value is 2.
532 +
533 + More information can be found at: www.linuximq.net
534 +
535 + If not sure leave the default settings alone.
536 +
537 config TUN
538 tristate "Universal TUN/TAP device driver support"
539 select CRC32
540 diff -urN linux-2.6.21.1.old/drivers/net/Makefile linux-2.6.21.1.dev/drivers/net/Makefile
541 --- linux-2.6.21.1.old/drivers/net/Makefile 2007-04-27 23:49:26.000000000 +0200
542 +++ linux-2.6.21.1.dev/drivers/net/Makefile 2007-05-26 20:34:15.194274856 +0200
543 @@ -124,6 +124,7 @@
544 obj-$(CONFIG_SLHC) += slhc.o
545
546 obj-$(CONFIG_DUMMY) += dummy.o
547 +obj-$(CONFIG_IMQ) += imq.o
548 obj-$(CONFIG_IFB) += ifb.o
549 obj-$(CONFIG_DE600) += de600.o
550 obj-$(CONFIG_DE620) += de620.o
551 diff -urN linux-2.6.21.1.old/include/linux/imq.h linux-2.6.21.1.dev/include/linux/imq.h
552 --- linux-2.6.21.1.old/include/linux/imq.h 1970-01-01 01:00:00.000000000 +0100
553 +++ linux-2.6.21.1.dev/include/linux/imq.h 2007-05-26 20:34:15.458234728 +0200
554 @@ -0,0 +1,9 @@
555 +#ifndef _IMQ_H
556 +#define _IMQ_H
557 +
558 +#define IMQ_MAX_DEVS 16
559 +
560 +#define IMQ_F_IFMASK 0x7f
561 +#define IMQ_F_ENQUEUE 0x80
562 +
563 +#endif /* _IMQ_H */
564 diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ipt_IMQ.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ipt_IMQ.h
565 --- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 01:00:00.000000000 +0100
566 +++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ipt_IMQ.h 2007-05-26 20:34:15.458234728 +0200
567 @@ -0,0 +1,8 @@
568 +#ifndef _IPT_IMQ_H
569 +#define _IPT_IMQ_H
570 +
571 +struct ipt_imq_info {
572 + unsigned int todev; /* target imq device */
573 +};
574 +
575 +#endif /* _IPT_IMQ_H */
576 diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv6/ip6t_IMQ.h linux-2.6.21.1.dev/include/linux/netfilter_ipv6/ip6t_IMQ.h
577 --- linux-2.6.21.1.old/include/linux/netfilter_ipv6/ip6t_IMQ.h 1970-01-01 01:00:00.000000000 +0100
578 +++ linux-2.6.21.1.dev/include/linux/netfilter_ipv6/ip6t_IMQ.h 2007-05-26 20:34:15.495229104 +0200
579 @@ -0,0 +1,8 @@
580 +#ifndef _IP6T_IMQ_H
581 +#define _IP6T_IMQ_H
582 +
583 +struct ip6t_imq_info {
584 + unsigned int todev; /* target imq device */
585 +};
586 +
587 +#endif /* _IP6T_IMQ_H */
588 diff -urN linux-2.6.21.1.old/include/linux/skbuff.h linux-2.6.21.1.dev/include/linux/skbuff.h
589 --- linux-2.6.21.1.old/include/linux/skbuff.h 2007-04-27 23:49:26.000000000 +0200
590 +++ linux-2.6.21.1.dev/include/linux/skbuff.h 2007-05-26 20:34:15.496228952 +0200
591 @@ -285,6 +285,10 @@
592 struct nf_conntrack *nfct;
593 struct sk_buff *nfct_reasm;
594 #endif
595 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
596 + unsigned char imq_flags;
597 + struct nf_info *nf_info;
598 +#endif
599 #ifdef CONFIG_BRIDGE_NETFILTER
600 struct nf_bridge_info *nf_bridge;
601 #endif
602 diff -urN linux-2.6.21.1.old/net/core/dev.c linux-2.6.21.1.dev/net/core/dev.c
603 --- linux-2.6.21.1.old/net/core/dev.c 2007-04-27 23:49:26.000000000 +0200
604 +++ linux-2.6.21.1.dev/net/core/dev.c 2007-05-26 20:34:15.497228800 +0200
605 @@ -94,6 +94,9 @@
606 #include <linux/skbuff.h>
607 #include <net/sock.h>
608 #include <linux/rtnetlink.h>
609 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
610 +#include <linux/imq.h>
611 +#endif
612 #include <linux/proc_fs.h>
613 #include <linux/seq_file.h>
614 #include <linux/stat.h>
615 @@ -1403,7 +1406,11 @@
616 int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
617 {
618 if (likely(!skb->next)) {
619 - if (!list_empty(&ptype_all))
620 + if (!list_empty(&ptype_all)
621 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
622 + && !(skb->imq_flags & IMQ_F_ENQUEUE)
623 +#endif
624 + )
625 dev_queue_xmit_nit(skb, dev);
626
627 if (netif_needs_gso(dev, skb)) {
628 diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_IMQ.c linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_IMQ.c
629 --- linux-2.6.21.1.old/net/ipv4/netfilter/ipt_IMQ.c 1970-01-01 01:00:00.000000000 +0100
630 +++ linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_IMQ.c 2007-05-26 20:34:15.498228648 +0200
631 @@ -0,0 +1,71 @@
632 +/*
633 + * This target marks packets to be enqueued to an imq device
634 + */
635 +#include <linux/module.h>
636 +#include <linux/skbuff.h>
637 +#include <linux/netfilter_ipv4/ip_tables.h>
638 +#include <linux/netfilter_ipv4/ipt_IMQ.h>
639 +#include <linux/imq.h>
640 +
641 +static unsigned int imq_target(struct sk_buff **pskb,
642 + const struct net_device *in,
643 + const struct net_device *out,
644 + unsigned int hooknum,
645 + const struct xt_target *target,
646 + const void *targinfo)
647 +{
648 + struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo;
649 +
650 + (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
651 +
652 + return IPT_CONTINUE;
653 +}
654 +
655 +static int imq_checkentry(const char *tablename,
656 + const void *e,
657 + const struct xt_target *target,
658 + void *targinfo,
659 + unsigned int hook_mask)
660 +{
661 + struct ipt_imq_info *mr;
662 +
663 + mr = (struct ipt_imq_info*)targinfo;
664 +
665 + if (mr->todev > IMQ_MAX_DEVS) {
666 + printk(KERN_WARNING
667 + "IMQ: invalid device specified, highest is %u\n",
668 + IMQ_MAX_DEVS);
669 + return 0;
670 + }
671 +
672 + return 1;
673 +}
674 +
675 +static struct ipt_target ipt_imq_reg = {
676 + .name = "IMQ",
677 + .target = imq_target,
678 + .targetsize = sizeof(struct ipt_imq_info),
679 + .checkentry = imq_checkentry,
680 + .me = THIS_MODULE,
681 + .table = "mangle"
682 +};
683 +
684 +static int __init init(void)
685 +{
686 + if (xt_register_target(&ipt_imq_reg))
687 + return -EINVAL;
688 +
689 + return 0;
690 +}
691 +
692 +static void __exit fini(void)
693 +{
694 + xt_unregister_target(&ipt_imq_reg);
695 +}
696 +
697 +module_init(init);
698 +module_exit(fini);
699 +
700 +MODULE_AUTHOR("http://www.linuximq.net");
701 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
702 +MODULE_LICENSE("GPL");
703 diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/Kconfig linux-2.6.21.1.dev/net/ipv4/netfilter/Kconfig
704 --- linux-2.6.21.1.old/net/ipv4/netfilter/Kconfig 2007-05-26 20:34:13.929467136 +0200
705 +++ linux-2.6.21.1.dev/net/ipv4/netfilter/Kconfig 2007-05-26 20:34:15.498228648 +0200
706 @@ -351,6 +351,17 @@
707
708 To compile it as a module, choose M here. If unsure, say N.
709
710 +config IP_NF_TARGET_IMQ
711 + tristate "IMQ target support"
712 + depends on IP_NF_MANGLE
713 + help
714 + This option adds a `IMQ' target which is used to specify if and
715 + to which IMQ device packets should get enqueued/dequeued.
716 +
717 + For more information visit: http://www.linuximq.net/
718 +
719 + To compile it as a module, choose M here. If unsure, say N.
720 +
721 config IP_NF_TARGET_TOS
722 tristate "TOS target support"
723 depends on IP_NF_MANGLE
724 diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/Makefile linux-2.6.21.1.dev/net/ipv4/netfilter/Makefile
725 --- linux-2.6.21.1.old/net/ipv4/netfilter/Makefile 2007-05-26 20:34:13.930466984 +0200
726 +++ linux-2.6.21.1.dev/net/ipv4/netfilter/Makefile 2007-05-26 20:34:15.499228496 +0200
727 @@ -58,6 +58,7 @@
728 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
729 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
730 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
731 +obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
732 obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
733 obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
734 obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
735 diff -urN linux-2.6.21.1.old/net/ipv6/netfilter/ip6t_IMQ.c linux-2.6.21.1.dev/net/ipv6/netfilter/ip6t_IMQ.c
736 --- linux-2.6.21.1.old/net/ipv6/netfilter/ip6t_IMQ.c 1970-01-01 01:00:00.000000000 +0100
737 +++ linux-2.6.21.1.dev/net/ipv6/netfilter/ip6t_IMQ.c 2007-05-26 20:34:15.531223632 +0200
738 @@ -0,0 +1,71 @@
739 +/*
740 + * This target marks packets to be enqueued to an imq device
741 + */
742 +#include <linux/module.h>
743 +#include <linux/skbuff.h>
744 +#include <linux/netfilter_ipv6/ip6_tables.h>
745 +#include <linux/netfilter_ipv6/ip6t_IMQ.h>
746 +#include <linux/imq.h>
747 +
748 +static unsigned int imq_target(struct sk_buff **pskb,
749 + const struct net_device *in,
750 + const struct net_device *out,
751 + unsigned int hooknum,
752 + const struct xt_target *target,
753 + const void *targinfo)
754 +{
755 + struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo;
756 +
757 + (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
758 +
759 + return IP6T_CONTINUE;
760 +}
761 +
762 +static int imq_checkentry(const char *tablename,
763 + const void *entry,
764 + const struct xt_target *target,
765 + void *targinfo,
766 + unsigned int hook_mask)
767 +{
768 + struct ip6t_imq_info *mr;
769 +
770 + mr = (struct ip6t_imq_info*)targinfo;
771 +
772 + if (mr->todev > IMQ_MAX_DEVS) {
773 + printk(KERN_WARNING
774 + "IMQ: invalid device specified, highest is %u\n",
775 + IMQ_MAX_DEVS);
776 + return 0;
777 + }
778 +
779 + return 1;
780 +}
781 +
782 +static struct ip6t_target ip6t_imq_reg = {
783 + .name = "IMQ",
784 + .target = imq_target,
785 + .targetsize = sizeof(struct ip6t_imq_info),
786 + .table = "mangle",
787 + .checkentry = imq_checkentry,
788 + .me = THIS_MODULE
789 +};
790 +
791 +static int __init init(void)
792 +{
793 + if (xt_register_target(&ip6t_imq_reg))
794 + return -EINVAL;
795 +
796 + return 0;
797 +}
798 +
799 +static void __exit fini(void)
800 +{
801 + xt_unregister_target(&ip6t_imq_reg);
802 +}
803 +
804 +module_init(init);
805 +module_exit(fini);
806 +
807 +MODULE_AUTHOR("http://www.linuximq.net");
808 +MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
809 +MODULE_LICENSE("GPL");
810 diff -urN linux-2.6.21.1.old/net/ipv6/netfilter/Kconfig linux-2.6.21.1.dev/net/ipv6/netfilter/Kconfig
811 --- linux-2.6.21.1.old/net/ipv6/netfilter/Kconfig 2007-04-27 23:49:26.000000000 +0200
812 +++ linux-2.6.21.1.dev/net/ipv6/netfilter/Kconfig 2007-05-26 20:34:15.531223632 +0200
813 @@ -173,6 +173,15 @@
814
815 To compile it as a module, choose M here. If unsure, say N.
816
817 +config IP6_NF_TARGET_IMQ
818 + tristate "IMQ target support"
819 + depends on IP6_NF_MANGLE
820 + help
821 + This option adds a `IMQ' target which is used to specify if and
822 + to which imq device packets should get enqueued/dequeued.
823 +
824 + To compile it as a module, choose M here. If unsure, say N.
825 +
826 config IP6_NF_TARGET_HL
827 tristate 'HL (hoplimit) target support'
828 depends on IP6_NF_MANGLE
829 diff -urN linux-2.6.21.1.old/net/ipv6/netfilter/Makefile linux-2.6.21.1.dev/net/ipv6/netfilter/Makefile
830 --- linux-2.6.21.1.old/net/ipv6/netfilter/Makefile 2007-04-27 23:49:26.000000000 +0200
831 +++ linux-2.6.21.1.dev/net/ipv6/netfilter/Makefile 2007-05-26 20:34:15.558219528 +0200
832 @@ -13,6 +13,7 @@
833 obj-$(CONFIG_IP6_NF_MATCH_OWNER) += ip6t_owner.o
834 obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
835 obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
836 +obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
837 obj-$(CONFIG_IP6_NF_TARGET_HL) += ip6t_HL.o
838 obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.o
839 obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
840 diff -urN linux-2.6.21.1.old/net/sched/sch_generic.c linux-2.6.21.1.dev/net/sched/sch_generic.c
841 --- linux-2.6.21.1.old/net/sched/sch_generic.c 2007-04-27 23:49:26.000000000 +0200
842 +++ linux-2.6.21.1.dev/net/sched/sch_generic.c 2007-05-26 20:34:15.599213296 +0200
843 @@ -77,7 +77,6 @@
844
845 NOTE: Called under dev->queue_lock with locally disabled BH.
846 */
847 -
848 static inline int qdisc_restart(struct net_device *dev)
849 {
850 struct Qdisc *q = dev->qdisc;
851 @@ -177,6 +176,11 @@
852 return q->q.qlen;
853 }
854
855 +int qdisc_restart1(struct net_device *dev)
856 +{
857 + return qdisc_restart(dev);
858 +}
859 +
860 void __qdisc_run(struct net_device *dev)
861 {
862 do {
863 @@ -607,3 +611,4 @@
864 EXPORT_SYMBOL(qdisc_reset);
865 EXPORT_SYMBOL(qdisc_lock_tree);
866 EXPORT_SYMBOL(qdisc_unlock_tree);
867 +EXPORT_SYMBOL(qdisc_restart1);