Add ipt_CLASSIFY target, closes #696

author Florian Fainelli <florian@openwrt.org>

Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)

committer Florian Fainelli <florian@openwrt.org>

Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)
author Florian Fainelli <florian@openwrt.org>
Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)
committer Florian Fainelli <florian@openwrt.org>
Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)
diff --git a/openwrt/target/linux/Config.in b/openwrt/target/linux/Config.in

index 78c40f8ec427d33742ab7b9a1e2ba8110f325f85..7b100130d00f3d2f50c4728d17d2739d5a329fd3 100644 (file)
--- a/openwrt/target/linux/Config.in
+++ b/openwrt/target/linux/Config.in
@@ -91,6 +91,7 @@ config BR2_PACKAGE_KMOD_IPT_IPOPT
           Netfilter (IPv4) kernel modules for matching/changing IP packet options
           
           Includes:
+           * ipt_CLASSIFY
             * ipt_dscp/DSCP
             * ipt_ecn/ECN
             * ipt_length
diff --git a/openwrt/target/linux/linux-2.4/config/brcm b/openwrt/target/linux/linux-2.4/config/brcm

index ad0491ea8daf6909e9de366c558b89efe48b89ca..216a22cf199120a3da00c26156e1c0d5e57e4234 100644 (file)
--- a/openwrt/target/linux/linux-2.4/config/brcm
+++ b/openwrt/target/linux/linux-2.4/config/brcm
@@ -409,6 +409,7 @@ CONFIG_IP_NF_TARGET_TOS=m
  CONFIG_IP_NF_TARGET_ECN=m
  CONFIG_IP_NF_TARGET_DSCP=m
  CONFIG_IP_NF_TARGET_MARK=y
+CONFIG_IP_NF_TARGET_CLASSIFY=m
  CONFIG_IP_NF_TARGET_IMQ=m
  CONFIG_IP_NF_TARGET_CONNMARK=m
  CONFIG_IP_NF_TARGET_LOG=m
diff --git a/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch b/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch

new file mode 100644 (file)

index 0000000..c9f9392
--- /dev/null
+++ b/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch
@@ -0,0 +1,120 @@
+diff -uprN linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h
+--- linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h   2006-08-17 12:33:08.000000000 +0200
+@@ -0,0 +1,8 @@
++#ifndef _IPT_CLASSIFY_H
++#define _IPT_CLASSIFY_H
++
++struct ipt_classify_target_info {
++      u_int32_t priority;
++};
++
++#endif /*_IPT_CLASSIFY_H */
+diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Config.in linux-2.4.32/net/ipv4/netfilter/Config.in
+--- linux-2.4.32.reference/net/ipv4/netfilter/Config.in        2006-08-17 12:28:16.000000000 +0200
++++ linux-2.4.32/net/ipv4/netfilter/Config.in  2006-08-17 12:33:08.000000000 +0200
+@@ -172,6 +172,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
+     dep_tristate '    DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE
+  
+     dep_tristate '    MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
++    dep_tristate '    CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE
+     dep_tristate '    IMQ target support' CONFIG_IP_NF_TARGET_IMQ $CONFIG_IP_NF_MANGLE
+   fi
+   if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then
+diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c
+--- linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c   1970-01-01 01:00:00.000000000 +0100
++++ linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c     2006-08-17 12:33:08.000000000 +0200
+@@ -0,0 +1,82 @@
++/*
++ * This is a module which is used for setting the skb->priority field
++ * of an skb for qdisc classification.
++ */
++
++#include <linux/module.h>
++#include <linux/skbuff.h>
++#include <linux/ip.h>
++#include <net/checksum.h>
++
++#include <linux/netfilter_ipv4/ip_tables.h>
++#include <linux/netfilter_ipv4/ipt_CLASSIFY.h>
++
++MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
++MODULE_LICENSE("GPL");
++MODULE_DESCRIPTION("iptables qdisc classification target module");
++
++static unsigned int
++target(struct sk_buff **pskb,
++       unsigned int hooknum,
++       const struct net_device *in,
++       const struct net_device *out,
++       const void *targinfo,
++       void *userinfo)
++{
++      const struct ipt_classify_target_info *clinfo = targinfo;
++
++      if((*pskb)->priority != clinfo->priority) {
++              (*pskb)->priority = clinfo->priority;
++              (*pskb)->nfcache |= NFC_ALTERED;
++      }
++
++      return IPT_CONTINUE;
++}
++
++static int
++checkentry(const char *tablename,
++           const struct ipt_entry *e,
++           void *targinfo,
++           unsigned int targinfosize,
++           unsigned int hook_mask)
++{
++      if (targinfosize != IPT_ALIGN(sizeof(struct ipt_classify_target_info))){
++              printk(KERN_ERR "CLASSIFY: invalid size (%u != %u).\n",
++                     targinfosize,
++                     IPT_ALIGN(sizeof(struct ipt_classify_target_info)));
++              return 0;
++      }
++      
++      if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) {
++              printk(KERN_ERR "CLASSIFY: only valid in POST_ROUTING.\n");
++              return 0;
++      }
++
++      if (strcmp(tablename, "mangle") != 0) {
++              printk(KERN_WARNING "CLASSIFY: can only be called from "
++                                  "\"mangle\" table, not \"%s\".\n",
++                                  tablename);
++              return 0;
++      }
++
++      return 1;
++}
++
++static struct ipt_target ipt_classify_reg
++= { { NULL, NULL }, "CLASSIFY", target, checkentry, NULL, THIS_MODULE };
++
++static int __init init(void)
++{
++      if (ipt_register_target(&ipt_classify_reg))
++              return -EINVAL;
++
++      return 0;
++}
++
++static void __exit fini(void)
++{
++      ipt_unregister_target(&ipt_classify_reg);
++}
++
++module_init(init);
++module_exit(fini);
+diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Makefile linux-2.4.32/net/ipv4/netfilter/Makefile
+--- linux-2.4.32.reference/net/ipv4/netfilter/Makefile 2006-08-17 12:28:16.000000000 +0200
++++ linux-2.4.32/net/ipv4/netfilter/Makefile   2006-08-17 12:33:08.000000000 +0200
+@@ -134,6 +134,7 @@ obj-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_
+ 
+ # targets
+ obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
++obj-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY.o
+ obj-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR.o
+ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
+ obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
diff --git a/openwrt/target/linux/netfilter.mk b/openwrt/target/linux/netfilter.mk

index b1ed2378bb25f71242d404ef76b367ea28acd4f1..aee35c5d07324e61a6cd20ecabfda1c57531e23a 100644 (file)
--- a/openwrt/target/linux/netfilter.mk
+++ b/openwrt/target/linux/netfilter.mk
@@ -26,6 +26,7 @@ IPT_IMQ-m :=
  IPT_IMQ-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ
  
  IPT_IPOPT-m :=
+IPT_IPOPT-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY
  IPT_IPOPT-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp
  IPT_IPOPT-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP
  IPT_IPOPT-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn
author	Florian Fainelli <florian@openwrt.org>
	Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)
committer	Florian Fainelli <florian@openwrt.org>
	Fri, 18 Aug 2006 15:37:51 +0000 (15:37 +0000)
openwrt/target/linux/Config.in		patch \| blob \| history
openwrt/target/linux/linux-2.4/config/brcm		patch \| blob \| history
openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch	[new file with mode: 0644]	patch \| blob
openwrt/target/linux/netfilter.mk		patch \| blob \| history