From: Florian Fainelli Date: Fri, 18 Aug 2006 15:37:51 +0000 (+0000) Subject: Add ipt_CLASSIFY target, closes #696 X-Git-Tag: whiterussian_rc6~176 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=a063d77c90f9dd4e84661bde495e5ca90bd5d149;p=openwrt%2Fsvn-archive%2Fopenwrt.git Add ipt_CLASSIFY target, closes #696 SVN-Revision: 4597 --- diff --git a/openwrt/target/linux/Config.in b/openwrt/target/linux/Config.in index 78c40f8ec4..7b100130d0 100644 --- a/openwrt/target/linux/Config.in +++ b/openwrt/target/linux/Config.in @@ -91,6 +91,7 @@ config BR2_PACKAGE_KMOD_IPT_IPOPT Netfilter (IPv4) kernel modules for matching/changing IP packet options Includes: + * ipt_CLASSIFY * ipt_dscp/DSCP * ipt_ecn/ECN * ipt_length diff --git a/openwrt/target/linux/linux-2.4/config/brcm b/openwrt/target/linux/linux-2.4/config/brcm index ad0491ea8d..216a22cf19 100644 --- a/openwrt/target/linux/linux-2.4/config/brcm +++ b/openwrt/target/linux/linux-2.4/config/brcm @@ -409,6 +409,7 @@ CONFIG_IP_NF_TARGET_TOS=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_DSCP=m CONFIG_IP_NF_TARGET_MARK=y +CONFIG_IP_NF_TARGET_CLASSIFY=m CONFIG_IP_NF_TARGET_IMQ=m CONFIG_IP_NF_TARGET_CONNMARK=m CONFIG_IP_NF_TARGET_LOG=m diff --git a/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch b/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch new file mode 100644 index 0000000000..c9f9392534 --- /dev/null +++ b/openwrt/target/linux/linux-2.4/patches/generic/119-netfilter_classify.patch @@ -0,0 +1,120 @@ +diff -uprN linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h +--- linux-2.4.32.reference/include/linux/netfilter_ipv4/ipt_CLASSIFY.h 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.4.32/include/linux/netfilter_ipv4/ipt_CLASSIFY.h 2006-08-17 12:33:08.000000000 +0200 +@@ -0,0 +1,8 @@ ++#ifndef _IPT_CLASSIFY_H ++#define _IPT_CLASSIFY_H ++ ++struct ipt_classify_target_info { ++ u_int32_t priority; ++}; ++ ++#endif /*_IPT_CLASSIFY_H */ +diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Config.in linux-2.4.32/net/ipv4/netfilter/Config.in +--- linux-2.4.32.reference/net/ipv4/netfilter/Config.in 2006-08-17 12:28:16.000000000 +0200 ++++ linux-2.4.32/net/ipv4/netfilter/Config.in 2006-08-17 12:33:08.000000000 +0200 +@@ -172,6 +172,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; + dep_tristate ' DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE + + dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE ++ dep_tristate ' CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE + dep_tristate ' IMQ target support' CONFIG_IP_NF_TARGET_IMQ $CONFIG_IP_NF_MANGLE + fi + if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then +diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c +--- linux-2.4.32.reference/net/ipv4/netfilter/ipt_CLASSIFY.c 1970-01-01 01:00:00.000000000 +0100 ++++ linux-2.4.32/net/ipv4/netfilter/ipt_CLASSIFY.c 2006-08-17 12:33:08.000000000 +0200 +@@ -0,0 +1,82 @@ ++/* ++ * This is a module which is used for setting the skb->priority field ++ * of an skb for qdisc classification. ++ */ ++ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++ ++MODULE_AUTHOR("Patrick McHardy "); ++MODULE_LICENSE("GPL"); ++MODULE_DESCRIPTION("iptables qdisc classification target module"); ++ ++static unsigned int ++target(struct sk_buff **pskb, ++ unsigned int hooknum, ++ const struct net_device *in, ++ const struct net_device *out, ++ const void *targinfo, ++ void *userinfo) ++{ ++ const struct ipt_classify_target_info *clinfo = targinfo; ++ ++ if((*pskb)->priority != clinfo->priority) { ++ (*pskb)->priority = clinfo->priority; ++ (*pskb)->nfcache |= NFC_ALTERED; ++ } ++ ++ return IPT_CONTINUE; ++} ++ ++static int ++checkentry(const char *tablename, ++ const struct ipt_entry *e, ++ void *targinfo, ++ unsigned int targinfosize, ++ unsigned int hook_mask) ++{ ++ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_classify_target_info))){ ++ printk(KERN_ERR "CLASSIFY: invalid size (%u != %u).\n", ++ targinfosize, ++ IPT_ALIGN(sizeof(struct ipt_classify_target_info))); ++ return 0; ++ } ++ ++ if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) { ++ printk(KERN_ERR "CLASSIFY: only valid in POST_ROUTING.\n"); ++ return 0; ++ } ++ ++ if (strcmp(tablename, "mangle") != 0) { ++ printk(KERN_WARNING "CLASSIFY: can only be called from " ++ "\"mangle\" table, not \"%s\".\n", ++ tablename); ++ return 0; ++ } ++ ++ return 1; ++} ++ ++static struct ipt_target ipt_classify_reg ++= { { NULL, NULL }, "CLASSIFY", target, checkentry, NULL, THIS_MODULE }; ++ ++static int __init init(void) ++{ ++ if (ipt_register_target(&ipt_classify_reg)) ++ return -EINVAL; ++ ++ return 0; ++} ++ ++static void __exit fini(void) ++{ ++ ipt_unregister_target(&ipt_classify_reg); ++} ++ ++module_init(init); ++module_exit(fini); +diff -uprN linux-2.4.32.reference/net/ipv4/netfilter/Makefile linux-2.4.32/net/ipv4/netfilter/Makefile +--- linux-2.4.32.reference/net/ipv4/netfilter/Makefile 2006-08-17 12:28:16.000000000 +0200 ++++ linux-2.4.32/net/ipv4/netfilter/Makefile 2006-08-17 12:33:08.000000000 +0200 +@@ -134,6 +134,7 @@ obj-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_ + + # targets + obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o ++obj-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY.o + obj-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR.o + obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o + obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o diff --git a/openwrt/target/linux/netfilter.mk b/openwrt/target/linux/netfilter.mk index b1ed2378bb..aee35c5d07 100644 --- a/openwrt/target/linux/netfilter.mk +++ b/openwrt/target/linux/netfilter.mk @@ -26,6 +26,7 @@ IPT_IMQ-m := IPT_IMQ-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ IPT_IPOPT-m := +IPT_IPOPT-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY IPT_IPOPT-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp IPT_IPOPT-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP IPT_IPOPT-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn