diff options
Diffstat (limited to 'target/linux')
| -rw-r--r-- | target/linux/brcm-2.6/config | 8 | ||||
| -rw-r--r-- | target/linux/generic-2.6/patches/106-netfilter_imq.patch | 885 | ||||
| -rw-r--r-- | target/linux/x86-2.6/config | 8 | 
3 files changed, 901 insertions, 0 deletions
| diff --git a/target/linux/brcm-2.6/config b/target/linux/brcm-2.6/config index 837aee8cf..bc6270afa 100644 --- a/target/linux/brcm-2.6/config +++ b/target/linux/brcm-2.6/config @@ -358,6 +358,7 @@ CONFIG_IP_NF_MATCH_CONNMARK=m  CONFIG_IP_NF_MATCH_STRING=m  CONFIG_IP_NF_FILTER=y  CONFIG_IP_NF_TARGET_REJECT=y +CONFIG_IP_NF_TARGET_IMQ=m  CONFIG_IP_NF_TARGET_LOG=m  CONFIG_IP_NF_TARGET_ULOG=m  CONFIG_IP_NF_TARGET_TCPMSS=y @@ -418,6 +419,7 @@ CONFIG_IP6_NF_MATCH_MARK=m  CONFIG_IP6_NF_MATCH_LENGTH=m  CONFIG_IP6_NF_MATCH_EUI64=m  CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_IMQ=m  CONFIG_IP6_NF_TARGET_LOG=m  CONFIG_IP6_NF_TARGET_REJECT=m  # CONFIG_IP6_NF_TARGET_NFQUEUE is not set @@ -817,6 +819,12 @@ CONFIG_NETDEVICES=y  # CONFIG_DUMMY is not set  # CONFIG_BONDING is not set  # CONFIG_EQUALIZER is not set +CONFIG_IMQ=m +# CONFIG_IMQ_BEHAVIOR_AA is not set +# CONFIG_IMQ_BEHAVIOR_AB is not set +CONFIG_IMQ_BEHAVIOR_BA=y +# CONFIG_IMQ_BEHAVIOR_BB is not set +CONFIG_IMQ_NUM_DEVS=2  CONFIG_TUN=m  # diff --git a/target/linux/generic-2.6/patches/106-netfilter_imq.patch b/target/linux/generic-2.6/patches/106-netfilter_imq.patch new file mode 100644 index 000000000..71d6ac0fe --- /dev/null +++ b/target/linux/generic-2.6/patches/106-netfilter_imq.patch @@ -0,0 +1,885 @@ +diff -Nrub linux-2.6.14/drivers/net/Kconfig linux-2.6.14-imq/drivers/net/Kconfig +--- linux-2.6.14/drivers/net/Kconfig	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/drivers/net/Kconfig	2005-12-16 16:28:05.000000000 +0000 +@@ -82,6 +82,129 @@ + 	  To compile this driver as a module, choose M here: the module + 	  will be called eql.  If unsure, say N. +  ++config IMQ ++       tristate "IMQ (intermediate queueing device) support" ++       depends on NETDEVICES && NETFILTER ++       ---help--- ++         The IMQ device(s) is used as placeholder for QoS queueing disciplines. ++         Every packet entering/leaving the IP stack can be directed through ++         the IMQ device where it's enqueued/dequeued to the attached qdisc. ++         This allows you to treat network devices as classes and distribute ++         bandwidth among them. Iptables is used to specify through which IMQ ++         device, if any, packets travel. ++ ++         More information at: http://www.linuximq.net/ ++ ++         To compile this driver as a module, choose M here: the module ++         will be called imq.  If unsure, say N. ++ ++choice ++        prompt "IMQ behavior (PRE/POSTROUTING)" ++	depends on IMQ ++        default IMQ_BEHAVIOR_BA ++        help ++ ++                This settings defines how IMQ behaves in respect to its ++                hooking in PREROUTING and POSTROUTING. ++ ++                IMQ can work in any of the following ways: ++ ++                    PREROUTING   |      POSTROUTING ++                -----------------|------------------- ++                #1  After NAT    |      After NAT ++                #2  After NAT    |      Before NAT ++                #3  Before NAT   |      After NAT ++                #4  Before NAT   |      Before NAT ++ ++                The default behavior is to hook before NAT on PREROUTING ++                and after NAT on POSTROUTING (#3). ++ ++                This settings are specially usefull when trying to use IMQ ++                to shape NATed clients. ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ ++config IMQ_BEHAVIOR_AA ++        bool "IMQ AA" ++        help ++                This settings defines how IMQ behaves in respect to its ++                hooking in PREROUTING and POSTROUTING. ++ ++                Choosing this option will make IMQ hook like this: ++ ++                PREROUTING:   After NAT ++                POSTROUTING:  After NAT ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ ++config IMQ_BEHAVIOR_AB ++        bool "IMQ AB" ++        help ++                This settings defines how IMQ behaves in respect to its ++                hooking in PREROUTING and POSTROUTING. ++ ++                Choosing this option will make IMQ hook like this: ++ ++                PREROUTING:   After NAT ++                POSTROUTING:  Before NAT ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ ++config IMQ_BEHAVIOR_BA ++        bool "IMQ BA" ++        help ++                This settings defines how IMQ behaves in respect to its ++                hooking in PREROUTING and POSTROUTING. ++ ++                Choosing this option will make IMQ hook like this: ++ ++                PREROUTING:   Before NAT ++                POSTROUTING:  After NAT ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ ++config IMQ_BEHAVIOR_BB ++        bool "IMQ BB" ++        help ++                This settings defines how IMQ behaves in respect to its ++                hooking in PREROUTING and POSTROUTING. ++ ++                Choosing this option will make IMQ hook like this: ++ ++                PREROUTING:   Before NAT ++                POSTROUTING:  Before NAT ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ ++endchoice ++ ++config IMQ_NUM_DEVS ++ ++        int "Number of IMQ devices" ++	range 2 8 ++	depends on IMQ ++        default "2" ++        help ++ ++                This settings defines how many IMQ devices will be  ++		created. ++ ++		The default value is 2. ++ ++                More information can be found at: www.linuximq.net ++ ++                If not sure leave the default settings alone. ++ + config TUN + 	tristate "Universal TUN/TAP device driver support" + 	select CRC32 +diff -Nrub linux-2.6.14/drivers/net/Makefile linux-2.6.14-imq/drivers/net/Makefile +--- linux-2.6.14/drivers/net/Makefile	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/drivers/net/Makefile	2005-12-16 16:28:05.000000000 +0000 +@@ -119,6 +119,7 @@ + endif +  + obj-$(CONFIG_DUMMY) += dummy.o ++obj-$(CONFIG_IMQ) += imq.o + obj-$(CONFIG_DE600) += de600.o + obj-$(CONFIG_DE620) += de620.o + obj-$(CONFIG_LANCE) += lance.o +diff -Nrub linux-2.6.14/drivers/net/imq.c linux-2.6.14-imq/drivers/net/imq.c +--- linux-2.6.14/drivers/net/imq.c	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/drivers/net/imq.c	2005-12-16 16:49:02.000000000 +0000 +@@ -0,0 +1,403 @@ ++/* ++ *             Pseudo-driver for the intermediate queue device. ++ * ++ *             This program is free software; you can redistribute it and/or ++ *             modify it under the terms of the GNU General Public License ++ *             as published by the Free Software Foundation; either version ++ *             2 of the License, or (at your option) any later version. ++ * ++ * Authors:    Patrick McHardy, <kaber@trash.net> ++ * ++ *            The first version was written by Martin Devera, <devik@cdi.cz> ++ * ++ * Credits:    Jan Rafaj <imq2t@cedric.vabo.cz> ++ *              - Update patch to 2.4.21 ++ *             Sebastian Strollo <sstrollo@nortelnetworks.com> ++ *              - Fix "Dead-loop on netdevice imq"-issue ++ *             Marcel Sebek <sebek64@post.cz> ++ *              - Update to 2.6.2-rc1 ++ * ++ *	       After some time of inactivity there is a group taking care ++ *	       of IMQ again: http://www.linuximq.net ++ * ++ * ++ *	       2004/06/30 - New version of IMQ patch to kernels <=2.6.7 including ++ *	       the following changes: ++ * ++ *	       - Correction of ipv6 support "+"s issue (Hasso Tepper) ++ *	       - Correction of imq_init_devs() issue that resulted in  ++ *	       kernel OOPS unloading IMQ as module (Norbert Buchmuller) ++ *	       - Addition of functionality to choose number of IMQ devices ++ *	       during kernel config (Andre Correa) ++ *	       - Addition of functionality to choose how IMQ hooks on  ++ *	       PRE and POSTROUTING (after or before NAT) (Andre Correa) ++ *	       - Cosmetic corrections (Norbert Buchmuller) (Andre Correa) ++ * ++ * ++ *             2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were  ++ *             released with almost no problems. 2.6.14-x was released  ++ *             with some important changes: nfcache was removed; After  ++ *             some weeks of trouble we figured out that some IMQ fields  ++ *             in skb were missing in skbuff.c - skb_clone and copy_skb_header. ++ *             These functions are correctly patched by this new patch version. ++ * ++ *             Thanks for all who helped to figure out all the problems with  ++ *             2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX, ++ *             Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully  ++ *             I didn't forget anybody). I apologize again for my lack of time. ++ * ++ *             More info at: http://www.linuximq.net/ (Andre Correa) ++ */ ++ ++#include <linux/config.h> ++#include <linux/module.h> ++#include <linux/kernel.h> ++#include <linux/moduleparam.h> ++#include <linux/skbuff.h> ++#include <linux/netdevice.h> ++#include <linux/rtnetlink.h> ++#include <linux/if_arp.h> ++#include <linux/netfilter.h> ++#include <linux/netfilter_ipv4.h> ++#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) ++	#include <linux/netfilter_ipv6.h> ++#endif ++#include <linux/imq.h> ++#include <net/pkt_sched.h> ++ ++static nf_hookfn imq_nf_hook; ++ ++static struct nf_hook_ops imq_ingress_ipv4 = { ++       .hook           = imq_nf_hook, ++       .owner          = THIS_MODULE, ++       .pf             = PF_INET, ++       .hooknum        = NF_IP_PRE_ROUTING, ++#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB) ++       .priority       = NF_IP_PRI_MANGLE + 1 ++#else ++       .priority       = NF_IP_PRI_NAT_DST + 1 ++#endif ++}; ++ ++static struct nf_hook_ops imq_egress_ipv4 = { ++       .hook           = imq_nf_hook, ++       .owner          = THIS_MODULE, ++       .pf             = PF_INET, ++       .hooknum        = NF_IP_POST_ROUTING, ++#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA) ++       .priority       = NF_IP_PRI_LAST ++#else ++       .priority       = NF_IP_PRI_NAT_SRC - 1 ++#endif ++}; ++ ++#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) ++static struct nf_hook_ops imq_ingress_ipv6 = { ++       .hook           = imq_nf_hook, ++       .owner          = THIS_MODULE, ++       .pf             = PF_INET6, ++       .hooknum        = NF_IP6_PRE_ROUTING, ++#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB) ++       .priority       = NF_IP6_PRI_MANGLE + 1 ++#else ++       .priority       = NF_IP6_PRI_NAT_DST + 1 ++#endif ++}; ++ ++static struct nf_hook_ops imq_egress_ipv6 = { ++       .hook           = imq_nf_hook, ++       .owner          = THIS_MODULE, ++       .pf             = PF_INET6, ++       .hooknum        = NF_IP6_POST_ROUTING, ++#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA) ++       .priority       = NF_IP6_PRI_LAST ++#else ++       .priority       = NF_IP6_PRI_NAT_SRC - 1 ++#endif ++}; ++#endif ++ ++#if defined(CONFIG_IMQ_NUM_DEVS) ++static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS; ++#else ++static unsigned int numdevs = 2; ++#endif ++ ++static struct net_device *imq_devs; ++ ++static struct net_device_stats *imq_get_stats(struct net_device *dev) ++{ ++       return (struct net_device_stats *)dev->priv; ++} ++ ++/* called for packets kfree'd in qdiscs at places other than enqueue */ ++static void imq_skb_destructor(struct sk_buff *skb) ++{ ++       struct nf_info *info = skb->nf_info; ++ ++       if (info) { ++               if (info->indev) ++                       dev_put(info->indev); ++               if (info->outdev) ++                       dev_put(info->outdev); ++               kfree(info); ++       } ++} ++ ++static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev) ++{ ++       struct net_device_stats *stats = (struct net_device_stats*) dev->priv; ++ ++       stats->tx_bytes += skb->len; ++       stats->tx_packets++; ++ ++       skb->imq_flags = 0; ++       skb->destructor = NULL; ++ ++       dev->trans_start = jiffies; ++       nf_reinject(skb, skb->nf_info, NF_ACCEPT); ++       return 0; ++} ++ ++static int imq_nf_queue(struct sk_buff *skb, struct nf_info *info, unsigned queue_num, void *data) ++{ ++       struct net_device *dev; ++       struct net_device_stats *stats; ++       struct sk_buff *skb2 = NULL; ++       struct Qdisc *q; ++       unsigned int index = skb->imq_flags&IMQ_F_IFMASK; ++       int ret = -1; ++ ++       if (index > numdevs)  ++               return -1; ++ ++       dev = imq_devs + index; ++       if (!(dev->flags & IFF_UP)) { ++               skb->imq_flags = 0; ++               nf_reinject(skb, info, NF_ACCEPT); ++               return 0; ++       } ++       dev->last_rx = jiffies; ++ ++       if (skb->destructor) { ++               skb2 = skb; ++               skb = skb_clone(skb, GFP_ATOMIC); ++               if (!skb) ++                       return -1; ++       } ++       skb->nf_info = info; ++ ++       stats = (struct net_device_stats *)dev->priv; ++       stats->rx_bytes+= skb->len; ++       stats->rx_packets++; ++ ++       spin_lock_bh(&dev->queue_lock); ++       q = dev->qdisc; ++       if (q->enqueue) { ++               q->enqueue(skb_get(skb), q); ++               if (skb_shared(skb)) { ++                       skb->destructor = imq_skb_destructor; ++                       kfree_skb(skb); ++                       ret = 0; ++               } ++       } ++       if (spin_is_locked(&dev->xmit_lock)) ++               netif_schedule(dev); ++       else ++ ++        while (!netif_queue_stopped(dev) && ++               qdisc_restart(dev)<0) ++                /* NOTHING */; ++ ++       spin_unlock_bh(&dev->queue_lock); ++ ++       if (skb2) ++               kfree_skb(ret ? skb : skb2); ++ ++       return ret; ++} ++ ++static struct nf_queue_handler nfqh = { ++       .name  = "imq", ++       .outfn = imq_nf_queue, ++}; ++ ++static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff **pskb, ++                  const struct net_device *indev, ++                  const struct net_device *outdev, ++                  int (*okfn)(struct sk_buff *)) ++{ ++       if ((*pskb)->imq_flags & IMQ_F_ENQUEUE) ++               return NF_QUEUE; ++ ++       return NF_ACCEPT; ++} ++ ++ ++static int __init imq_init_hooks(void) ++{ ++       int err; ++ ++       err = nf_register_queue_handler(PF_INET, &nfqh); ++       if (err > 0) ++               goto err1; ++       if ((err = nf_register_hook(&imq_ingress_ipv4))) ++               goto err2; ++       if ((err = nf_register_hook(&imq_egress_ipv4))) ++               goto err3; ++#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) ++       if ((err = nf_register_queue_handler(PF_INET6, &nfqh))) ++               goto err4; ++       if ((err = nf_register_hook(&imq_ingress_ipv6))) ++               goto err5; ++       if ((err = nf_register_hook(&imq_egress_ipv6))) ++               goto err6; ++#endif ++ ++       return 0; ++ ++#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) ++err6: ++       nf_unregister_hook(&imq_ingress_ipv6); ++err5: ++       nf_unregister_queue_handler(PF_INET6); ++err4: ++       nf_unregister_hook(&imq_egress_ipv6); ++#endif ++err3: ++       nf_unregister_hook(&imq_ingress_ipv4); ++err2: ++       nf_unregister_queue_handler(PF_INET); ++err1: ++       return err; ++} ++ ++static void __exit imq_unhook(void) ++{ ++       nf_unregister_hook(&imq_ingress_ipv4); ++       nf_unregister_hook(&imq_egress_ipv4); ++       nf_unregister_queue_handler(PF_INET); ++#if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE) ++       nf_unregister_hook(&imq_ingress_ipv6); ++       nf_unregister_hook(&imq_egress_ipv6); ++       nf_unregister_queue_handler(PF_INET6); ++#endif ++} ++ ++static int __init imq_dev_init(struct net_device *dev) ++{ ++       dev->hard_start_xmit    = imq_dev_xmit; ++       dev->type               = ARPHRD_VOID; ++       dev->mtu                = 1500; ++       dev->tx_queue_len       = 30; ++       dev->flags              = IFF_NOARP; ++       dev->priv = kmalloc(sizeof(struct net_device_stats), GFP_KERNEL); ++       if (dev->priv == NULL) ++               return -ENOMEM; ++       memset(dev->priv, 0, sizeof(struct net_device_stats)); ++       dev->get_stats          = imq_get_stats; ++ ++       return 0; ++} ++ ++static void imq_dev_uninit(struct net_device *dev) ++{ ++       kfree(dev->priv); ++} ++ ++static int __init imq_init_devs(void) ++{ ++       struct net_device *dev; ++       int i,j; ++       j = numdevs; ++ ++       if (!numdevs || numdevs > IMQ_MAX_DEVS) { ++               printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n", ++                      IMQ_MAX_DEVS); ++               return -EINVAL; ++       } ++ ++       imq_devs = kmalloc(sizeof(struct net_device) * numdevs, GFP_KERNEL); ++       if (!imq_devs) ++               return -ENOMEM; ++       memset(imq_devs, 0, sizeof(struct net_device) * numdevs); ++ ++       /* we start counting at zero */ ++       numdevs--; ++ ++       for (i = 0, dev = imq_devs; i <= numdevs; i++, dev++) { ++               SET_MODULE_OWNER(dev); ++               strcpy(dev->name, "imq%d"); ++               dev->init   = imq_dev_init; ++               dev->uninit = imq_dev_uninit; ++ ++               if (register_netdev(dev) < 0) ++                       goto err_register; ++       } ++       printk(KERN_INFO "IMQ starting with %u devices...\n", j); ++       return 0; ++ ++err_register: ++       for (; i; i--) ++               unregister_netdev(--dev); ++       kfree(imq_devs); ++       return -EIO; ++} ++ ++static void imq_cleanup_devs(void) ++{ ++       int i; ++       struct net_device *dev = imq_devs; ++ ++       for (i = 0; i <= numdevs; i++) ++               unregister_netdev(dev++); ++ ++       kfree(imq_devs); ++} ++ ++static int __init imq_init_module(void) ++{ ++       int err; ++ ++       if ((err = imq_init_devs())) { ++               printk(KERN_ERR "IMQ: Error trying imq_init_devs()\n"); ++               return err; ++       } ++       if ((err = imq_init_hooks())) { ++               printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n"); ++               imq_cleanup_devs(); ++               return err; ++       } ++ ++       printk(KERN_INFO "IMQ driver loaded successfully.\n"); ++ ++#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB) ++       printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n"); ++#else ++       printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n"); ++#endif ++#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB) ++       printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n"); ++#else ++       printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n"); ++#endif ++ ++       return 0; ++} ++ ++static void __exit imq_cleanup_module(void) ++{ ++       imq_unhook(); ++       imq_cleanup_devs(); ++       printk(KERN_INFO "IMQ driver unloaded successfully.\n"); ++} ++ ++ ++module_init(imq_init_module); ++module_exit(imq_cleanup_module); ++ ++module_param(numdevs, int, 0); ++MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will be created)"); ++MODULE_AUTHOR("http://www.linuximq.net"); ++MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information."); ++MODULE_LICENSE("GPL"); +diff -Nrub linux-2.6.14/include/linux/imq.h linux-2.6.14-imq/include/linux/imq.h +--- linux-2.6.14/include/linux/imq.h	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/include/linux/imq.h	2005-12-16 16:28:05.000000000 +0000 +@@ -0,0 +1,9 @@ ++#ifndef _IMQ_H ++#define _IMQ_H ++ ++#define IMQ_MAX_DEVS   16 ++ ++#define IMQ_F_IFMASK   0x7f ++#define IMQ_F_ENQUEUE  0x80 ++ ++#endif /* _IMQ_H */ +diff -Nrub linux-2.6.14/include/linux/netfilter_ipv4/ipt_IMQ.h linux-2.6.14-imq/include/linux/netfilter_ipv4/ipt_IMQ.h +--- linux-2.6.14/include/linux/netfilter_ipv4/ipt_IMQ.h	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/include/linux/netfilter_ipv4/ipt_IMQ.h	2005-12-16 16:28:05.000000000 +0000 +@@ -0,0 +1,8 @@ ++#ifndef _IPT_IMQ_H ++#define _IPT_IMQ_H ++ ++struct ipt_imq_info { ++       unsigned int todev;     /* target imq device */ ++}; ++ ++#endif /* _IPT_IMQ_H */ +diff -Nrub linux-2.6.14/include/linux/netfilter_ipv6/ip6t_IMQ.h linux-2.6.14-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h +--- linux-2.6.14/include/linux/netfilter_ipv6/ip6t_IMQ.h	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h	2005-12-16 16:28:05.000000000 +0000 +@@ -0,0 +1,8 @@ ++#ifndef _IP6T_IMQ_H ++#define _IP6T_IMQ_H ++ ++struct ip6t_imq_info { ++       unsigned int todev;     /* target imq device */ ++}; ++ ++#endif /* _IP6T_IMQ_H */ +diff -Nrub linux-2.6.14/include/linux/skbuff.h linux-2.6.14-imq/include/linux/skbuff.h +--- linux-2.6.14/include/linux/skbuff.h	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/include/linux/skbuff.h	2005-12-16 16:28:05.000000000 +0000 +@@ -271,6 +271,10 @@ + #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE) + 	__u8			ipvs_property:1; + #endif ++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE) ++	unsigned char           imq_flags; ++	struct nf_info          *nf_info; ++#endif + #ifdef CONFIG_BRIDGE_NETFILTER + 	struct nf_bridge_info	*nf_bridge; + #endif +diff -Nrub linux-2.6.14/net/core/skbuff.c linux-2.6.14-imq/net/core/skbuff.c +--- linux-2.6.14/net/core/skbuff.c	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/core/skbuff.c	2005-12-16 16:28:05.000000000 +0000 +@@ -413,6 +413,10 @@ + #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE) + 	C(ipvs_property); + #endif ++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE) ++	C(imq_flags); ++	C(nf_info); ++#endif /*CONFIG_IMQ*/ + #ifdef CONFIG_BRIDGE_NETFILTER + 	C(nf_bridge); + 	nf_bridge_get(skb->nf_bridge); +@@ -473,6 +477,10 @@ + #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE) + 	new->ipvs_property = old->ipvs_property; + #endif ++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE) ++	new->imq_flags	= old->imq_flags; ++	new->nf_info	= old->nf_info; ++#endif /*CONFIG_IMQ*/ + #ifdef CONFIG_BRIDGE_NETFILTER + 	new->nf_bridge	= old->nf_bridge; + 	nf_bridge_get(old->nf_bridge); +diff -Nrub linux-2.6.14/net/ipv4/netfilter/Kconfig linux-2.6.14-imq/net/ipv4/netfilter/Kconfig +--- linux-2.6.14/net/ipv4/netfilter/Kconfig	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv4/netfilter/Kconfig	2005-12-16 16:28:05.000000000 +0000 +@@ -489,6 +489,17 @@ +  + 	  To compile it as a module, choose M here.  If unsure, say N. +  ++config IP_NF_TARGET_IMQ ++       tristate "IMQ target support" ++       depends on IP_NF_MANGLE ++       help ++         This option adds a `IMQ' target which is used to specify if and ++         to which IMQ device packets should get enqueued/dequeued. ++ ++	 For more information visit: http://www.linuximq.net/ ++ ++         To compile it as a module, choose M here.  If unsure, say N. ++ + config IP_NF_TARGET_LOG + 	tristate "LOG target support" + 	depends on IP_NF_IPTABLES +diff -Nrub linux-2.6.14/net/ipv4/netfilter/Makefile linux-2.6.14-imq/net/ipv4/netfilter/Makefile +--- linux-2.6.14/net/ipv4/netfilter/Makefile	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv4/netfilter/Makefile	2005-12-16 16:28:05.000000000 +0000 +@@ -80,6 +80,7 @@ + obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o + obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o + obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o ++obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o + obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o + obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o + obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o +diff -Nrub linux-2.6.14/net/ipv4/netfilter/ipt_IMQ.c linux-2.6.14-imq/net/ipv4/netfilter/ipt_IMQ.c +--- linux-2.6.14/net/ipv4/netfilter/ipt_IMQ.c	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv4/netfilter/ipt_IMQ.c	2005-12-16 16:28:05.000000000 +0000 +@@ -0,0 +1,80 @@ ++/* ++ * This target marks packets to be enqueued to an imq device ++ */ ++#include <linux/module.h> ++#include <linux/skbuff.h> ++#include <linux/netfilter_ipv4/ip_tables.h> ++#include <linux/netfilter_ipv4/ipt_IMQ.h> ++#include <linux/imq.h> ++ ++static unsigned int imq_target(struct sk_buff **pskb, ++                              const struct net_device *in, ++                              const struct net_device *out, ++                              unsigned int hooknum, ++                              const void *targinfo, ++                              void *userdata) ++{ ++       struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo; ++ ++       (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE; ++ ++       return IPT_CONTINUE; ++} ++ ++static int imq_checkentry(const char *tablename, ++                         const struct ipt_entry *e, ++                         void *targinfo, ++                         unsigned int targinfosize, ++                         unsigned int hook_mask) ++{ ++       struct ipt_imq_info *mr; ++ ++       if (targinfosize != IPT_ALIGN(sizeof(struct ipt_imq_info))) { ++               printk(KERN_WARNING "IMQ: invalid targinfosize\n"); ++               return 0; ++       } ++       mr = (struct ipt_imq_info*)targinfo; ++ ++       if (strcmp(tablename, "mangle") != 0) { ++               printk(KERN_WARNING ++                      "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n", ++                      tablename); ++               return 0; ++       } ++ ++       if (mr->todev > IMQ_MAX_DEVS) { ++               printk(KERN_WARNING ++                      "IMQ: invalid device specified, highest is %u\n", ++                      IMQ_MAX_DEVS); ++               return 0; ++       } ++ ++       return 1; ++} ++ ++static struct ipt_target ipt_imq_reg = { ++       .name           = "IMQ", ++       .target         = imq_target, ++       .checkentry     = imq_checkentry, ++       .me             = THIS_MODULE ++}; ++ ++static int __init init(void) ++{ ++       if (ipt_register_target(&ipt_imq_reg)) ++               return -EINVAL; ++ ++       return 0; ++} ++ ++static void __exit fini(void) ++{ ++       ipt_unregister_target(&ipt_imq_reg); ++} ++ ++module_init(init); ++module_exit(fini); ++ ++MODULE_AUTHOR("http://www.linuximq.net"); ++MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information."); ++MODULE_LICENSE("GPL"); +diff -Nrub linux-2.6.14/net/ipv6/netfilter/Kconfig linux-2.6.14-imq/net/ipv6/netfilter/Kconfig +--- linux-2.6.14/net/ipv6/netfilter/Kconfig	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv6/netfilter/Kconfig	2005-12-16 16:28:05.000000000 +0000 +@@ -190,6 +190,15 @@ +  + 	  To compile it as a module, choose M here.  If unsure, say N. +  ++config IP6_NF_TARGET_IMQ ++	tristate "IMQ target support" ++	depends on IP6_NF_MANGLE ++	help ++          This option adds a `IMQ' target which is used to specify if and ++          to which imq device packets should get enqueued/dequeued. ++ ++          To compile it as a module, choose M here.  If unsure, say N. ++ + config IP6_NF_TARGET_LOG + 	tristate "LOG target support" + 	depends on IP6_NF_FILTER +diff -Nrub linux-2.6.14/net/ipv6/netfilter/Makefile linux-2.6.14-imq/net/ipv6/netfilter/Makefile +--- linux-2.6.14/net/ipv6/netfilter/Makefile	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv6/netfilter/Makefile	2005-12-16 16:28:05.000000000 +0000 +@@ -6,6 +6,7 @@ + obj-$(CONFIG_IP6_NF_IPTABLES) += ip6_tables.o + obj-$(CONFIG_IP6_NF_MATCH_LIMIT) += ip6t_limit.o + obj-$(CONFIG_IP6_NF_MATCH_MARK) += ip6t_mark.o ++obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o + obj-$(CONFIG_IP6_NF_MATCH_LENGTH) += ip6t_length.o + obj-$(CONFIG_IP6_NF_MATCH_MAC) += ip6t_mac.o + obj-$(CONFIG_IP6_NF_MATCH_RT) += ip6t_rt.o +diff -Nrub linux-2.6.14/net/ipv6/netfilter/ip6t_IMQ.c linux-2.6.14-imq/net/ipv6/netfilter/ip6t_IMQ.c +--- linux-2.6.14/net/ipv6/netfilter/ip6t_IMQ.c	1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.6.14-imq/net/ipv6/netfilter/ip6t_IMQ.c	2005-12-16 16:28:05.000000000 +0000 +@@ -0,0 +1,80 @@ ++/* ++ * This target marks packets to be enqueued to an imq device ++ */ ++#include <linux/module.h> ++#include <linux/skbuff.h> ++#include <linux/netfilter_ipv6/ip6_tables.h> ++#include <linux/netfilter_ipv6/ip6t_IMQ.h> ++#include <linux/imq.h> ++ ++static unsigned int imq_target(struct sk_buff **pskb, ++                              unsigned int hooknum, ++                              const struct net_device *in, ++                              const struct net_device *out, ++                              const void *targinfo, ++                              void *userdata) ++{ ++       struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo; ++ ++       (*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE; ++ ++       return IP6T_CONTINUE; ++} ++ ++static int imq_checkentry(const char *tablename, ++                         const struct ip6t_entry *e, ++                         void *targinfo, ++                         unsigned int targinfosize, ++                         unsigned int hook_mask) ++{ ++       struct ip6t_imq_info *mr; ++ ++       if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_imq_info))) { ++               printk(KERN_WARNING "IMQ: invalid targinfosize\n"); ++               return 0; ++       } ++       mr = (struct ip6t_imq_info*)targinfo; ++ ++       if (strcmp(tablename, "mangle") != 0) { ++               printk(KERN_WARNING ++                      "IMQ: IMQ can only be called from \"mangle\" table, not \"%s\"\n", ++                      tablename); ++               return 0; ++       } ++ ++       if (mr->todev > IMQ_MAX_DEVS) { ++               printk(KERN_WARNING ++                      "IMQ: invalid device specified, highest is %u\n", ++                      IMQ_MAX_DEVS); ++               return 0; ++       } ++ ++       return 1; ++} ++ ++static struct ip6t_target ip6t_imq_reg = { ++       .name           = "IMQ", ++       .target         = imq_target, ++       .checkentry     = imq_checkentry, ++       .me             = THIS_MODULE ++}; ++ ++static int __init init(void) ++{ ++       if (ip6t_register_target(&ip6t_imq_reg)) ++               return -EINVAL; ++ ++       return 0; ++} ++ ++static void __exit fini(void) ++{ ++       ip6t_unregister_target(&ip6t_imq_reg); ++} ++ ++module_init(init); ++module_exit(fini); ++ ++MODULE_AUTHOR("http://www.linuximq.net"); ++MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information."); ++MODULE_LICENSE("GPL"); +diff -Nrub linux-2.6.14/net/sched/sch_generic.c linux-2.6.14-imq/net/sched/sch_generic.c +--- linux-2.6.14/net/sched/sch_generic.c	2005-10-28 00:02:08.000000000 +0000 ++++ linux-2.6.14-imq/net/sched/sch_generic.c	2005-12-16 16:28:05.000000000 +0000 +@@ -29,6 +29,9 @@ + #include <linux/netdevice.h> + #include <linux/skbuff.h> + #include <linux/rtnetlink.h> ++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE) ++#include <linux/imq.h> ++#endif + #include <linux/init.h> + #include <linux/rcupdate.h> + #include <linux/list.h> +@@ -136,7 +139,13 @@ +  + 			if (!netif_queue_stopped(dev)) { + 				int ret; +-				if (netdev_nit) ++ ++                                if (netdev_nit ++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE) ++                                  && !(skb->imq_flags & IMQ_F_ENQUEUE) ++#endif ++                                  ) ++ + 					dev_queue_xmit_nit(skb, dev); +  + 				ret = dev->hard_start_xmit(skb, dev); diff --git a/target/linux/x86-2.6/config b/target/linux/x86-2.6/config index fbeb42530..9eeee7d28 100644 --- a/target/linux/x86-2.6/config +++ b/target/linux/x86-2.6/config @@ -379,6 +379,7 @@ CONFIG_IP_NF_MATCH_CONNBYTES=m  CONFIG_IP_NF_MATCH_STRING=m  CONFIG_IP_NF_FILTER=y  CONFIG_IP_NF_TARGET_REJECT=y +CONFIG_IP_NF_TARGET_IMQ=m  CONFIG_IP_NF_TARGET_LOG=m  CONFIG_IP_NF_TARGET_ULOG=m  CONFIG_IP_NF_TARGET_TCPMSS=y @@ -439,6 +440,7 @@ CONFIG_IP6_NF_MATCH_MARK=m  CONFIG_IP6_NF_MATCH_LENGTH=m  CONFIG_IP6_NF_MATCH_EUI64=m  CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_IMQ=m  CONFIG_IP6_NF_TARGET_LOG=m  CONFIG_IP6_NF_TARGET_REJECT=m  CONFIG_IP6_NF_TARGET_NFQUEUE=m @@ -933,6 +935,12 @@ CONFIG_NETDEVICES=y  # CONFIG_DUMMY is not set  CONFIG_BONDING=m  # CONFIG_EQUALIZER is not set +CONFIG_IMQ=m +# CONFIG_IMQ_BEHAVIOR_AA is not set +# CONFIG_IMQ_BEHAVIOR_AB is not set +CONFIG_IMQ_BEHAVIOR_BA=y +# CONFIG_IMQ_BEHAVIOR_BB is not set +CONFIG_IMQ_NUM_DEVS=2  CONFIG_TUN=m  # CONFIG_NET_SB1000 is not set | 
