[packages/kernel.git] / pom-ng-IPMARK-20060829.patch

 include/linux/netfilter_ipv4/ipt_IPMARK.h |   13 ++++
 net/ipv4/netfilter/Kconfig                |   18 +++++
 net/ipv4/netfilter/Makefile               |    1 
 net/ipv4/netfilter/ipt_IPMARK.c           |   96 ++++++++++++++++++++++++++++++
 4 files changed, 128 insertions(+)

diff -Nur --exclude '*.orig' linux.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux/include/linux/netfilter_ipv4/ipt_IPMARK.h
--- linux.org/include/linux/netfilter_ipv4/ipt_IPMARK.h	1970-01-01 00:00:00.000000000 +0000
+++ linux/include/linux/netfilter_ipv4/ipt_IPMARK.h	2006-08-29 12:27:47.000000000 +0000
@@ -0,0 +1,13 @@
+#ifndef _IPT_IPMARK_H_target
+#define _IPT_IPMARK_H_target
+
+struct ipt_ipmark_target_info {
+	unsigned long andmask;
+	unsigned long ormask;
+	unsigned char addr;
+};
+
+#define IPT_IPMARK_SRC    0
+#define IPT_IPMARK_DST    1
+
+#endif /*_IPT_IPMARK_H_target*/
diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/ipt_IPMARK.c linux/net/ipv4/netfilter/ipt_IPMARK.c
--- linux.org/net/ipv4/netfilter/ipt_IPMARK.c	1970-01-01 00:00:00.000000000 +0000
+++ linux/net/ipv4/netfilter/ipt_IPMARK.c	2006-08-29 12:27:47.000000000 +0000
@@ -0,0 +1,96 @@
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/version.h>
+#include <linux/ip.h>
+#include <net/checksum.h>
+
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv4/ipt_IPMARK.h>
+
+MODULE_AUTHOR("Grzegorz Janoszka <Grzegorz@Janoszka.pl>");
+MODULE_DESCRIPTION("IP tables IPMARK: mark based on ip address");
+MODULE_LICENSE("GPL");
+
+static unsigned int
+target(struct sk_buff **pskb,
+       const struct net_device *in,
+       const struct net_device *out,
+       unsigned int hooknum,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+       const struct xt_target *target,
+#endif
+       const void *targinfo,
+       void *userinfo)
+{
+	const struct ipt_ipmark_target_info *ipmarkinfo = targinfo;
+	struct iphdr *iph = (*pskb)->nh.iph;
+	unsigned long mark;
+
+	if (ipmarkinfo->addr == IPT_IPMARK_SRC)
+		mark = (unsigned long) ntohl(iph->saddr);
+	else
+		mark = (unsigned long) ntohl(iph->daddr);
+
+	mark &= ipmarkinfo->andmask;
+	mark |= ipmarkinfo->ormask;
+	
+	if ((*pskb)->nfmark != mark)
+		(*pskb)->nfmark = mark;
+
+	return IPT_CONTINUE;
+}
+
+static int
+checkentry(const char *tablename,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+	   const void *e,
+#else
+	   const struct ipt_entry *e,
+#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+	   const struct xt_target *target,
+#endif
+           void *targinfo,
+           unsigned int targinfosize,
+           unsigned int hook_mask)
+{
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
+	if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ipmark_target_info))) {
+		printk(KERN_WARNING "IPMARK: targinfosize %u != %Zu\n",
+		       targinfosize,
+		       IPT_ALIGN(sizeof(struct ipt_ipmark_target_info)));
+		return 0;
+	}
+#endif
+
+	if (strcmp(tablename, "mangle") != 0) {
+		printk(KERN_WARNING "IPMARK: can only be called from \"mangle\" table, not \"%s\"\n", tablename);
+		return 0;
+	}
+
+	return 1;
+}
+
+static struct ipt_target ipt_ipmark_reg = { 
+	.name		= "IPMARK",
+	.target		= target,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+	.targetsize	= sizeof(struct ipt_ipmark_target_info),
+#endif
+	.checkentry	= checkentry,
+	.me		= THIS_MODULE
+};
+
+static int __init init(void)
+{
+	return ipt_register_target(&ipt_ipmark_reg);
+}
+
+static void __exit fini(void)
+{
+	ipt_unregister_target(&ipt_ipmark_reg);
+}
+
+module_init(init);
+module_exit(fini);
diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Kconfig linux/net/ipv4/netfilter/Kconfig
--- linux.org/net/ipv4/netfilter/Kconfig	2006-06-18 01:49:35.000000000 +0000
+++ linux/net/ipv4/netfilter/Kconfig	2006-08-29 12:27:47.000000000 +0000
@@ -613,5 +613,23 @@
 	  Allows altering the ARP packet payload: source and destination
 	  hardware and network addresses.
 
+config IP_NF_TARGET_IPMARK
+	tristate  'IPMARK target support'
+	depends on IP_NF_MANGLE
+	help
+	  This option adds a `IPMARK' target, which allows you to create rules
+	  in the `mangle' table which alter the netfilter mark field basing
+	  on the source or destination ip address of the packet.
+	  This is very useful for very fast massive shaping - using only one
+	  rule you can direct packets to houndreds different queues.
+	  You will probably find it helpful only if your linux machine acts as
+	  a shaper for many others computers.
+
+	  If you want to compile it as a module, say M here and read
+	  <file:Documentation/modules.txt>. The module will be called
+	  ipt_IPMARK.o.  If unsure, say `N'.
+
+
+
 endmenu
 
diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Makefile linux/net/ipv4/netfilter/Makefile
--- linux.org/net/ipv4/netfilter/Makefile	2006-06-18 01:49:35.000000000 +0000
+++ linux/net/ipv4/netfilter/Makefile	2006-08-29 12:27:47.000000000 +0000
@@ -0,0 +0,1 @@
+obj-$(CONFIG_IP_NF_TARGET_IPMARK) += ipt_IPMARK.o
Commit	Line	Data
4f957025	1	include/linux/netfilter_ipv4/ipt_IPMARK.h \| 13 ++++
	2	net/ipv4/netfilter/Kconfig \| 18 +++++
	3	net/ipv4/netfilter/Makefile \| 1
	4	net/ipv4/netfilter/ipt_IPMARK.c \| 96 ++++++++++++++++++++++++++++++
	5	4 files changed, 128 insertions(+)
	6
	7	diff -Nur --exclude '*.orig' linux.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux/include/linux/netfilter_ipv4/ipt_IPMARK.h
	8	--- linux.org/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 00:00:00.000000000 +0000
	9	+++ linux/include/linux/netfilter_ipv4/ipt_IPMARK.h 2006-08-29 12:27:47.000000000 +0000
	10	@@ -0,0 +1,13 @@
	11	+#ifndef _IPT_IPMARK_H_target
	12	+#define _IPT_IPMARK_H_target
	13	+
	14	+struct ipt_ipmark_target_info {
	15	+ unsigned long andmask;
	16	+ unsigned long ormask;
	17	+ unsigned char addr;
	18	+};
	19	+
	20	+#define IPT_IPMARK_SRC 0
	21	+#define IPT_IPMARK_DST 1
	22	+
	23	+#endif /_IPT_IPMARK_H_target/
	24	diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/ipt_IPMARK.c linux/net/ipv4/netfilter/ipt_IPMARK.c
	25	--- linux.org/net/ipv4/netfilter/ipt_IPMARK.c 1970-01-01 00:00:00.000000000 +0000
	26	+++ linux/net/ipv4/netfilter/ipt_IPMARK.c 2006-08-29 12:27:47.000000000 +0000
	27	@@ -0,0 +1,96 @@
	28	+#include <linux/module.h>
	29	+#include <linux/skbuff.h>
	30	+#include <linux/version.h>
	31	+#include <linux/ip.h>
	32	+#include <net/checksum.h>
	33	+
	34	+#include <linux/netfilter_ipv4/ip_tables.h>
	35	+#include <linux/netfilter_ipv4/ipt_IPMARK.h>
	36	+
	37	+MODULE_AUTHOR("Grzegorz Janoszka <Grzegorz@Janoszka.pl>");
	38	+MODULE_DESCRIPTION("IP tables IPMARK: mark based on ip address");
	39	+MODULE_LICENSE("GPL");
	40	+
	41	+static unsigned int
	42	+target(struct sk_buff **pskb,
	43	+ const struct net_device *in,
	44	+ const struct net_device *out,
	45	+ unsigned int hooknum,
	46	+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
	47	+ const struct xt_target *target,
	48	+#endif
	49	+ const void *targinfo,
	50	+ void *userinfo)
	51	+{
	52	+ const struct ipt_ipmark_target_info *ipmarkinfo = targinfo;
	53	+ struct iphdr iph = (pskb)->nh.iph;
	54	+ unsigned long mark;
	55	+
	56	+ if (ipmarkinfo->addr == IPT_IPMARK_SRC)
	57	+ mark = (unsigned long) ntohl(iph->saddr);
	58	+ else
	59	+ mark = (unsigned long) ntohl(iph->daddr);
	60	+
	61	+ mark &= ipmarkinfo->andmask;
	62	+ mark \|= ipmarkinfo->ormask;
	63	+
	64	+ if ((*pskb)->nfmark != mark)
65	+ (*pskb)->nfmark = mark;
66	+
67	+ return IPT_CONTINUE;
68	+}
69	+
70	+static int
71	+checkentry(const char *tablename,
72	+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
73	+ const void *e,
74	+#else
75	+ const struct ipt_entry *e,
76	+#endif
77	+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
78	+ const struct xt_target *target,
79	+#endif
80	+ void *targinfo,
81	+ unsigned int targinfosize,
82	+ unsigned int hook_mask)
83	+{
84	+
85	+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
86	+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ipmark_target_info))) {
87	+ printk(KERN_WARNING "IPMARK: targinfosize %u != %Zu\n",
88	+ targinfosize,
89	+ IPT_ALIGN(sizeof(struct ipt_ipmark_target_info)));
90	+ return 0;
91	+ }
92	+#endif
93	+
94	+ if (strcmp(tablename, "mangle") != 0) {
95	+ printk(KERN_WARNING "IPMARK: can only be called from \"mangle\" table, not \"%s\"\n", tablename);
96	+ return 0;
97	+ }
98	+
99	+ return 1;
100	+}
101	+
102	+static struct ipt_target ipt_ipmark_reg = {
103	+ .name = "IPMARK",
104	+ .target = target,
105	+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
106	+ .targetsize = sizeof(struct ipt_ipmark_target_info),
107	+#endif
108	+ .checkentry = checkentry,
109	+ .me = THIS_MODULE
110	+};
111	+
112	+static int __init init(void)
113	+{
114	+ return ipt_register_target(&ipt_ipmark_reg);
115	+}
116	+
117	+static void __exit fini(void)
118	+{
119	+ ipt_unregister_target(&ipt_ipmark_reg);
120	+}
121	+
122	+module_init(init);
123	+module_exit(fini);
124	diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Kconfig linux/net/ipv4/netfilter/Kconfig
125	--- linux.org/net/ipv4/netfilter/Kconfig 2006-06-18 01:49:35.000000000 +0000
126	+++ linux/net/ipv4/netfilter/Kconfig 2006-08-29 12:27:47.000000000 +0000
127	@@ -613,5 +613,23 @@
128	Allows altering the ARP packet payload: source and destination
129	hardware and network addresses.
130
131	+config IP_NF_TARGET_IPMARK
132	+ tristate 'IPMARK target support'
133	+ depends on IP_NF_MANGLE
134	+ help
135	+ This option adds a `IPMARK' target, which allows you to create rules
136	+ in the `mangle' table which alter the netfilter mark field basing
137	+ on the source or destination ip address of the packet.
138	+ This is very useful for very fast massive shaping - using only one
139	+ rule you can direct packets to houndreds different queues.
140	+ You will probably find it helpful only if your linux machine acts as
141	+ a shaper for many others computers.
142	+
143	+ If you want to compile it as a module, say M here and read
144	+ <file:Documentation/modules.txt>. The module will be called
145	+ ipt_IPMARK.o. If unsure, say `N'.
146	+
147	+
148	+
149	endmenu
150
151	diff -Nur --exclude '*.orig' linux.org/net/ipv4/netfilter/Makefile linux/net/ipv4/netfilter/Makefile
152	--- linux.org/net/ipv4/netfilter/Makefile 2006-06-18 01:49:35.000000000 +0000
153	+++ linux/net/ipv4/netfilter/Makefile 2006-08-29 12:27:47.000000000 +0000
154	@@ -0,0 +0,1 @@
155	+obj-$(CONFIG_IP_NF_TARGET_IPMARK) += ipt_IPMARK.o