-diff -uNr --exclude='*~' linux-2.6.27.21/drivers/net/imq.c linux-2.6.27.21-imq/drivers/net/imq.c
---- linux-2.6.27.21/drivers/net/imq.c 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/drivers/net/imq.c 2009-04-20 23:52:22.712017559 +0300
-@@ -0,0 +1,566 @@
-+/*
-+ * Pseudo-driver for the intermediate queue device.
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License
-+ * as published by the Free Software Foundation; either version
-+ * 2 of the License, or (at your option) any later version.
-+ *
-+ * Authors: Patrick McHardy, <kaber@trash.net>
-+ *
-+ * The first version was written by Martin Devera, <devik@cdi.cz>
-+ *
-+ * Credits: Jan Rafaj <imq2t@cedric.vabo.cz>
-+ * - Update patch to 2.4.21
-+ * Sebastian Strollo <sstrollo@nortelnetworks.com>
-+ * - Fix "Dead-loop on netdevice imq"-issue
-+ * Marcel Sebek <sebek64@post.cz>
-+ * - Update to 2.6.2-rc1
-+ *
-+ * After some time of inactivity there is a group taking care
-+ * of IMQ again: http://www.linuximq.net
-+ *
-+ *
-+ * 2004/06/30 - New version of IMQ patch to kernels <=2.6.7
-+ * including the following changes:
-+ *
-+ * - Correction of ipv6 support "+"s issue (Hasso Tepper)
-+ * - Correction of imq_init_devs() issue that resulted in
-+ * kernel OOPS unloading IMQ as module (Norbert Buchmuller)
-+ * - Addition of functionality to choose number of IMQ devices
-+ * during kernel config (Andre Correa)
-+ * - Addition of functionality to choose how IMQ hooks on
-+ * PRE and POSTROUTING (after or before NAT) (Andre Correa)
-+ * - Cosmetic corrections (Norbert Buchmuller) (Andre Correa)
-+ *
-+ *
-+ * 2005/12/16 - IMQ versions between 2.6.7 and 2.6.13 were
-+ * released with almost no problems. 2.6.14-x was released
-+ * with some important changes: nfcache was removed; After
-+ * some weeks of trouble we figured out that some IMQ fields
-+ * in skb were missing in skbuff.c - skb_clone and copy_skb_header.
-+ * These functions are correctly patched by this new patch version.
-+ *
-+ * Thanks for all who helped to figure out all the problems with
-+ * 2.6.14.x: Patrick McHardy, Rune Kock, VeNoMouS, Max CtRiX,
-+ * Kevin Shanahan, Richard Lucassen, Valery Dachev (hopefully
-+ * I didn't forget anybody). I apologize again for my lack of time.
-+ *
-+ *
-+ * 2008/06/17 - 2.6.25 - Changed imq.c to use qdisc_run() instead
-+ * of qdisc_restart() and moved qdisc_run() to tasklet to avoid
-+ * recursive locking. New initialization routines to fix 'rmmod' not
-+ * working anymore. Used code from ifb.c. (Jussi Kivilinna)
-+ *
-+ * 2008/08/06 - 2.6.26 - (JK)
-+ * - Replaced tasklet with 'netif_schedule()'.
-+ * - Cleaned up and added comments for imq_nf_queue().
-+ *
-+ * 2009/04/12
-+ * - Add skb_save_cb/skb_restore_cb helper functions for backuping
-+ * control buffer. This is needed because qdisc-layer on kernels
-+ * 2.6.27 and newer overwrite control buffer. (Jussi Kivilinna)
-+ * - Add better locking for IMQ device. Hopefully this will solve
-+ * SMP issues. (Jussi Kivilinna)
-+ * - Port to 2.6.27
-+ *
-+ * 2009/04/20 - (Jussi Kivilinna)
-+ * - Fix rmmod not working
-+ * - Use netdevice feature flags to avoid extra packet handling
-+ * by core networking layer and possibly increase performance.
-+ *
-+ * Also, many thanks to pablo Sebastian Greco for making the initial
-+ * patch and to those who helped the testing.
-+ *
-+ * More info at: http://www.linuximq.net/ (Andre Correa)
-+ */
-+
-+#include <linux/module.h>
-+#include <linux/kernel.h>
-+#include <linux/moduleparam.h>
-+#include <linux/list.h>
-+#include <linux/skbuff.h>
-+#include <linux/netdevice.h>
-+#include <linux/etherdevice.h>
-+#include <linux/rtnetlink.h>
-+#include <linux/if_arp.h>
-+#include <linux/netfilter.h>
-+#include <linux/netfilter_ipv4.h>
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ #include <linux/netfilter_ipv6.h>
-+#endif
-+#include <linux/imq.h>
-+#include <net/pkt_sched.h>
-+#include <net/netfilter/nf_queue.h>
-+
-+static nf_hookfn imq_nf_hook;
-+
-+static struct nf_hook_ops imq_ingress_ipv4 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET,
-+ .hooknum = NF_INET_PRE_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ .priority = NF_IP_PRI_MANGLE + 1
-+#else
-+ .priority = NF_IP_PRI_NAT_DST + 1
-+#endif
-+};
-+
-+static struct nf_hook_ops imq_egress_ipv4 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET,
-+ .hooknum = NF_INET_POST_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
-+ .priority = NF_IP_PRI_LAST
-+#else
-+ .priority = NF_IP_PRI_NAT_SRC - 1
-+#endif
-+};
-+
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+static struct nf_hook_ops imq_ingress_ipv6 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET6,
-+ .hooknum = NF_INET_PRE_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ .priority = NF_IP6_PRI_MANGLE + 1
-+#else
-+ .priority = NF_IP6_PRI_NAT_DST + 1
-+#endif
-+};
-+
-+static struct nf_hook_ops imq_egress_ipv6 = {
-+ .hook = imq_nf_hook,
-+ .owner = THIS_MODULE,
-+ .pf = PF_INET6,
-+ .hooknum = NF_INET_POST_ROUTING,
-+#if defined(CONFIG_IMQ_BEHAVIOR_AA) || defined(CONFIG_IMQ_BEHAVIOR_BA)
-+ .priority = NF_IP6_PRI_LAST
-+#else
-+ .priority = NF_IP6_PRI_NAT_SRC - 1
-+#endif
-+};
-+#endif
-+
-+#if defined(CONFIG_IMQ_NUM_DEVS)
-+static unsigned int numdevs = CONFIG_IMQ_NUM_DEVS;
-+#else
-+static unsigned int numdevs = IMQ_MAX_DEVS;
-+#endif
-+
-+static DEFINE_SPINLOCK(imq_nf_queue_lock);
-+
-+static struct net_device *imq_devs_cache[IMQ_MAX_DEVS];
-+
-+
-+static struct net_device_stats *imq_get_stats(struct net_device *dev)
-+{
-+ return &dev->stats;
-+}
-+
-+/* called for packets kfree'd in qdiscs at places other than enqueue */
-+static void imq_skb_destructor(struct sk_buff *skb)
-+{
-+ struct nf_queue_entry *entry = skb->nf_queue_entry;
-+
-+ if (entry) {
-+ nf_queue_entry_release_refs(entry);
-+ kfree(entry);
-+ }
-+
-+ skb_restore_cb(skb); /* kfree backup */
-+}
-+
-+static void imq_nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
-+{
-+ int status;
-+
-+ if (!entry->next_outfn) {
-+ spin_lock_bh(&imq_nf_queue_lock);
-+ nf_reinject(entry, verdict);
-+ spin_unlock_bh(&imq_nf_queue_lock);
-+ return;
-+ }
-+
-+ rcu_read_lock();
-+ local_bh_disable();
-+ status = entry->next_outfn(entry, entry->next_queuenum);
-+ local_bh_enable();
-+ if (status < 0) {
-+ nf_queue_entry_release_refs(entry);
-+ kfree_skb(entry->skb);
-+ kfree(entry);
-+ }
-+
-+ rcu_read_unlock();
-+}
-+
-+static int imq_dev_xmit(struct sk_buff *skb, struct net_device *dev)
-+{
-+ dev->stats.tx_bytes += skb->len;
-+ dev->stats.tx_packets++;
-+
-+ skb->imq_flags = 0;
-+ skb->destructor = NULL;
-+
-+ skb_restore_cb(skb); /* restore skb->cb */
-+
-+ dev->trans_start = jiffies;
-+ imq_nf_reinject(skb->nf_queue_entry, NF_ACCEPT);
-+ return 0;
-+}
-+
-+static int imq_nf_queue(struct nf_queue_entry *entry, unsigned queue_num)
-+{
-+ struct net_device *dev;
-+ struct sk_buff *skb_orig, *skb, *skb_shared;
-+ struct Qdisc *q;
-+ struct netdev_queue *txq;
-+ int users, index;
-+ int retval = -EINVAL;
-+
-+ index = entry->skb->imq_flags & IMQ_F_IFMASK;
-+ if (unlikely(index > numdevs - 1)) {
-+ if (net_ratelimit())
-+ printk(KERN_WARNING
-+ "IMQ: invalid device specified, highest is %u\n",
-+ numdevs - 1);
-+ retval = -EINVAL;
-+ goto out;
-+ }
-+
-+ /* check for imq device by index from cache */
-+ dev = imq_devs_cache[index];
-+ if (unlikely(!dev)) {
-+ char buf[8];
-+
-+ /* get device by name and cache result */
-+ snprintf(buf, sizeof(buf), "imq%d", index);
-+ dev = dev_get_by_name(&init_net, buf);
-+ if (!dev) {
-+ /* not found ?!*/
-+ BUG();
-+ retval = -ENODEV;
-+ goto out;
-+ }
-+
-+ imq_devs_cache[index] = dev;
-+ dev_put(dev);
-+ }
-+
-+ if (unlikely(!(dev->flags & IFF_UP))) {
-+ entry->skb->imq_flags = 0;
-+ imq_nf_reinject(entry, NF_ACCEPT);
-+ retval = 0;
-+ goto out;
-+ }
-+ dev->last_rx = jiffies;
-+
-+ skb = entry->skb;
-+ skb_orig = NULL;
-+
-+ /* skb has owner? => make clone */
-+ if (unlikely(skb->destructor)) {
-+ skb_orig = skb;
-+ skb = skb_clone(skb, GFP_ATOMIC);
-+ if (!skb) {
-+ retval = -ENOMEM;
-+ goto out;
-+ }
-+ entry->skb = skb;
-+ }
-+
-+ skb->nf_queue_entry = entry;
-+
-+ dev->stats.rx_bytes += skb->len;
-+ dev->stats.rx_packets++;
-+
-+ txq = dev_pick_tx(dev, skb);
-+
-+ q = rcu_dereference(txq->qdisc);
-+ if (unlikely(!q->enqueue))
-+ goto packet_not_eaten_by_imq_dev;
-+
-+ spin_lock_bh(qdisc_lock(q));
-+
-+ users = atomic_read(&skb->users);
-+
-+ skb_shared = skb_get(skb); /* increase reference count by one */
-+ skb_save_cb(skb_shared); /* backup skb->cb, as qdisc layer will
-+ overwrite it */
-+ qdisc_enqueue_root(skb_shared, q); /* might kfree_skb */
-+
-+ if (likely(atomic_read(&skb_shared->users) == users + 1)) {
-+ kfree_skb(skb_shared); /* decrease reference count by one */
-+
-+ skb->destructor = &imq_skb_destructor;
-+
-+ /* cloned? */
-+ if (skb_orig)
-+ kfree_skb(skb_orig); /* free original */
-+
-+ spin_unlock_bh(qdisc_lock(q));
-+
-+ /* schedule qdisc dequeue */
-+ __netif_schedule(q);
-+
-+ retval = 0;
-+ goto out;
-+ } else {
-+ skb_restore_cb(skb_shared); /* restore skb->cb */
-+ /* qdisc dropped packet and decreased skb reference count of
-+ * skb, so we don't really want to and try refree as that would
-+ * actually destroy the skb. */
-+ spin_unlock_bh(qdisc_lock(q));
-+ goto packet_not_eaten_by_imq_dev;
-+ }
-+
-+packet_not_eaten_by_imq_dev:
-+ /* cloned? restore original */
-+ if (skb_orig) {
-+ kfree_skb(skb);
-+ entry->skb = skb_orig;
-+ }
-+ retval = -1;
-+out:
-+ return retval;
-+}
-+
-+static struct nf_queue_handler nfqh = {
-+ .name = "imq",
-+ .outfn = imq_nf_queue,
-+};
-+
-+static unsigned int imq_nf_hook(unsigned int hook, struct sk_buff *pskb,
-+ const struct net_device *indev,
-+ const struct net_device *outdev,
-+ int (*okfn)(struct sk_buff *))
-+{
-+ if (pskb->imq_flags & IMQ_F_ENQUEUE)
-+ return NF_QUEUE;
-+
-+ return NF_ACCEPT;
-+}
-+
-+static int imq_close(struct net_device *dev)
-+{
-+ netif_stop_queue(dev);
-+ return 0;
-+}
-+
-+static int imq_open(struct net_device *dev)
-+{
-+ netif_start_queue(dev);
-+ return 0;
-+}
-+
-+static void imq_setup(struct net_device *dev)
-+{
-+ dev->hard_start_xmit = imq_dev_xmit;
-+ dev->open = imq_open;
-+ dev->get_stats = imq_get_stats;
-+ dev->stop = imq_close;
-+ dev->type = ARPHRD_VOID;
-+ dev->mtu = 16000;
-+ dev->tx_queue_len = 11000;
-+ dev->flags = IFF_NOARP;
-+ dev->features = NETIF_F_SG | NETIF_F_FRAGLIST |
-+ NETIF_F_GSO | NETIF_F_HW_CSUM |
-+ NETIF_F_HIGHDMA;
-+}
-+
-+static int imq_validate(struct nlattr *tb[], struct nlattr *data[])
-+{
-+ int ret = 0;
-+
-+ if (tb[IFLA_ADDRESS]) {
-+ if (nla_len(tb[IFLA_ADDRESS]) != ETH_ALEN) {
-+ ret = -EINVAL;
-+ goto end;
-+ }
-+ if (!is_valid_ether_addr(nla_data(tb[IFLA_ADDRESS]))) {
-+ ret = -EADDRNOTAVAIL;
-+ goto end;
-+ }
-+ }
-+ return 0;
-+end:
-+ printk(KERN_WARNING "IMQ: imq_validate failed (%d)\n", ret);
-+ return ret;
-+}
-+
-+static struct rtnl_link_ops imq_link_ops __read_mostly = {
-+ .kind = "imq",
-+ .priv_size = 0,
-+ .setup = imq_setup,
-+ .validate = imq_validate,
-+};
-+
-+static int __init imq_init_hooks(void)
-+{
-+ int err;
-+
-+ nf_register_queue_imq_handler(&nfqh);
-+
-+ err = nf_register_hook(&imq_ingress_ipv4);
-+ if (err)
-+ goto err1;
-+
-+ err = nf_register_hook(&imq_egress_ipv4);
-+ if (err)
-+ goto err2;
-+
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ err = nf_register_hook(&imq_ingress_ipv6);
-+ if (err)
-+ goto err3;
-+
-+ err = nf_register_hook(&imq_egress_ipv6);
-+ if (err)
-+ goto err4;
-+#endif
-+
-+ return 0;
-+
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+err4:
-+ nf_unregister_hook(&imq_ingress_ipv6);
-+err3:
-+ nf_unregister_hook(&imq_egress_ipv4);
-+#endif
-+err2:
-+ nf_unregister_hook(&imq_ingress_ipv4);
-+err1:
-+ nf_unregister_queue_imq_handler();
-+ return err;
-+}
-+
-+static int __init imq_init_one(int index)
-+{
-+ struct net_device *dev;
-+ int ret;
-+
-+ dev = alloc_netdev(0, "imq%d", imq_setup);
-+ if (!dev)
-+ return -ENOMEM;
-+
-+ ret = dev_alloc_name(dev, dev->name);
-+ if (ret < 0)
-+ goto fail;
-+
-+ dev->rtnl_link_ops = &imq_link_ops;
-+ ret = register_netdevice(dev);
-+ if (ret < 0)
-+ goto fail;
-+
-+ return 0;
-+fail:
-+ free_netdev(dev);
-+ return ret;
-+}
-+
-+static int __init imq_init_devs(void)
-+{
-+ int err, i;
-+
-+ if (numdevs < 1 || numdevs > IMQ_MAX_DEVS) {
-+ printk(KERN_ERR "IMQ: numdevs has to be betweed 1 and %u\n",
-+ IMQ_MAX_DEVS);
-+ return -EINVAL;
-+ }
-+
-+ rtnl_lock();
-+ err = __rtnl_link_register(&imq_link_ops);
-+
-+ for (i = 0; i < numdevs && !err; i++)
-+ err = imq_init_one(i);
-+
-+ if (err) {
-+ __rtnl_link_unregister(&imq_link_ops);
-+ memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
-+ }
-+ rtnl_unlock();
-+
-+ return err;
-+}
-+
-+static int __init imq_init_module(void)
-+{
-+ int err;
-+
-+#if defined(CONFIG_IMQ_NUM_DEVS)
-+ BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS > 16);
-+ BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS < 2);
-+ BUILD_BUG_ON(CONFIG_IMQ_NUM_DEVS - 1 > IMQ_F_IFMASK);
-+#endif
-+
-+ err = imq_init_devs();
-+ if (err) {
-+ printk(KERN_ERR "IMQ: Error trying imq_init_devs(net)\n");
-+ return err;
-+ }
-+
-+ err = imq_init_hooks();
-+ if (err) {
-+ printk(KERN_ERR "IMQ: Error trying imq_init_hooks()\n");
-+ rtnl_link_unregister(&imq_link_ops);
-+ memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
-+ return err;
-+ }
-+
-+ printk(KERN_INFO "IMQ driver loaded successfully.\n");
-+
-+#if defined(CONFIG_IMQ_BEHAVIOR_BA) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ printk(KERN_INFO "\tHooking IMQ before NAT on PREROUTING.\n");
-+#else
-+ printk(KERN_INFO "\tHooking IMQ after NAT on PREROUTING.\n");
-+#endif
-+#if defined(CONFIG_IMQ_BEHAVIOR_AB) || defined(CONFIG_IMQ_BEHAVIOR_BB)
-+ printk(KERN_INFO "\tHooking IMQ before NAT on POSTROUTING.\n");
-+#else
-+ printk(KERN_INFO "\tHooking IMQ after NAT on POSTROUTING.\n");
-+#endif
-+
-+ return 0;
-+}
-+
-+static void __exit imq_unhook(void)
-+{
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ nf_unregister_hook(&imq_ingress_ipv6);
-+ nf_unregister_hook(&imq_egress_ipv6);
-+#endif
-+ nf_unregister_hook(&imq_ingress_ipv4);
-+ nf_unregister_hook(&imq_egress_ipv4);
-+
-+ nf_unregister_queue_imq_handler();
-+}
-+
-+static void __exit imq_cleanup_devs(void)
-+{
-+ rtnl_link_unregister(&imq_link_ops);
-+ memset(imq_devs_cache, 0, sizeof(imq_devs_cache));
-+}
-+
-+static void __exit imq_exit_module(void)
-+{
-+ imq_unhook();
-+ imq_cleanup_devs();
-+ printk(KERN_INFO "IMQ driver unloaded successfully.\n");
-+}
-+
-+module_init(imq_init_module);
-+module_exit(imq_exit_module);
-+
-+module_param(numdevs, int, 0);
-+MODULE_PARM_DESC(numdevs, "number of IMQ devices (how many imq* devices will "
-+ "be created)");
-+MODULE_AUTHOR("http://www.linuximq.net");
-+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See "
-+ "http://www.linuximq.net/ for more information.");
-+MODULE_LICENSE("GPL");
-+MODULE_ALIAS_RTNL_LINK("imq");
-+
-diff -uNr --exclude='*~' linux-2.6.27.21/drivers/net/Kconfig linux-2.6.27.21-imq/drivers/net/Kconfig
---- linux-2.6.27.21/drivers/net/Kconfig 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/drivers/net/Kconfig 2009-04-20 23:48:35.702017146 +0300
-@@ -109,6 +109,129 @@
- To compile this driver as a module, choose M here: the module
- will be called eql. If unsure, say N.
-
-+config IMQ
-+ tristate "IMQ (intermediate queueing device) support"
-+ depends on NETDEVICES && NETFILTER
-+ ---help---
-+ The IMQ device(s) is used as placeholder for QoS queueing
-+ disciplines. Every packet entering/leaving the IP stack can be
-+ directed through the IMQ device where it's enqueued/dequeued to the
-+ attached qdisc. This allows you to treat network devices as classes
-+ and distribute bandwidth among them. Iptables is used to specify
-+ through which IMQ device, if any, packets travel.
-+
-+ More information at: http://www.linuximq.net/
-+
-+ To compile this driver as a module, choose M here: the module
-+ will be called imq. If unsure, say N.
-+
-+choice
-+ prompt "IMQ behavior (PRE/POSTROUTING)"
-+ depends on IMQ
-+ default IMQ_BEHAVIOR_AB
-+ help
-+
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ IMQ can work in any of the following ways:
-+
-+ PREROUTING | POSTROUTING
-+ -----------------|-------------------
-+ #1 After NAT | After NAT
-+ #2 After NAT | Before NAT
-+ #3 Before NAT | After NAT
-+ #4 Before NAT | Before NAT
-+
-+ The default behavior is to hook before NAT on PREROUTING
-+ and after NAT on POSTROUTING (#3).
-+
-+ This settings are specially usefull when trying to use IMQ
-+ to shape NATed clients.
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_AA
-+ bool "IMQ AA"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: After NAT
-+ POSTROUTING: After NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_AB
-+ bool "IMQ AB"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: After NAT
-+ POSTROUTING: Before NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_BA
-+ bool "IMQ BA"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: Before NAT
-+ POSTROUTING: After NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+config IMQ_BEHAVIOR_BB
-+ bool "IMQ BB"
-+ help
-+ This settings defines how IMQ behaves in respect to its
-+ hooking in PREROUTING and POSTROUTING.
-+
-+ Choosing this option will make IMQ hook like this:
-+
-+ PREROUTING: Before NAT
-+ POSTROUTING: Before NAT
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
-+endchoice
-+
-+config IMQ_NUM_DEVS
-+
-+ int "Number of IMQ devices"
-+ range 2 16
-+ depends on IMQ
-+ default "16"
-+ help
-+
-+ This settings defines how many IMQ devices will be
-+ created.
-+
-+ The default value is 16.
-+
-+ More information can be found at: www.linuximq.net
-+
-+ If not sure leave the default settings alone.
-+
- config TUN
- tristate "Universal TUN/TAP device driver support"
- select CRC32
-diff -uNr --exclude='*~' linux-2.6.27.21/drivers/net/Makefile linux-2.6.27.21-imq/drivers/net/Makefile
---- linux-2.6.27.21/drivers/net/Makefile 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/drivers/net/Makefile 2009-04-20 23:48:35.702017146 +0300
-@@ -144,6 +144,7 @@
- obj-$(CONFIG_XEN_NETDEV_FRONTEND) += xen-netfront.o
-
- obj-$(CONFIG_DUMMY) += dummy.o
-+obj-$(CONFIG_IMQ) += imq.o
- obj-$(CONFIG_IFB) += ifb.o
- obj-$(CONFIG_MACVLAN) += macvlan.o
- obj-$(CONFIG_DE600) += de600.o
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/imq.h linux-2.6.27.21-imq/include/linux/imq.h
---- linux-2.6.27.21/include/linux/imq.h 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/imq.h 2009-04-20 23:48:35.702017146 +0300
-@@ -0,0 +1,13 @@
-+#ifndef _IMQ_H
-+#define _IMQ_H
-+
-+/* IFMASK (16 device indexes, 0 to 15) and flag(s) fit in 5 bits */
-+#define IMQ_F_BITS 5
-+
-+#define IMQ_F_IFMASK 0x0f
-+#define IMQ_F_ENQUEUE 0x10
-+
-+#define IMQ_MAX_DEVS (IMQ_F_IFMASK + 1)
-+
-+#endif /* _IMQ_H */
-+
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/netdevice.h linux-2.6.27.21-imq/include/linux/netdevice.h
---- linux-2.6.27.21/include/linux/netdevice.h 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/netdevice.h 2009-04-20 23:48:35.703017245 +0300
-@@ -915,6 +915,7 @@
- extern int dev_open(struct net_device *dev);
- extern int dev_close(struct net_device *dev);
- extern void dev_disable_lro(struct net_device *dev);
-+extern struct netdev_queue *dev_pick_tx(struct net_device *dev, struct sk_buff *skb);
- extern int dev_queue_xmit(struct sk_buff *skb);
- extern int register_netdevice(struct net_device *dev);
- extern void unregister_netdevice(struct net_device *dev);
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/netfilter/xt_IMQ.h linux-2.6.27.21-imq/include/linux/netfilter/xt_IMQ.h
---- linux-2.6.27.21/include/linux/netfilter/xt_IMQ.h 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/netfilter/xt_IMQ.h 2009-04-20 23:48:35.703017245 +0300
-@@ -0,0 +1,9 @@
-+#ifndef _XT_IMQ_H
-+#define _XT_IMQ_H
-+
-+struct xt_imq_info {
-+ unsigned int todev; /* target imq device */
-+};
-+
-+#endif /* _XT_IMQ_H */
-+
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/netfilter_ipv4/ipt_IMQ.h linux-2.6.27.21-imq/include/linux/netfilter_ipv4/ipt_IMQ.h
---- linux-2.6.27.21/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/netfilter_ipv4/ipt_IMQ.h 2009-04-20 23:48:35.703017245 +0300
-@@ -0,0 +1,10 @@
-+#ifndef _IPT_IMQ_H
-+#define _IPT_IMQ_H
-+
-+/* Backwards compatibility for old userspace */
-+#include <linux/netfilter/xt_IMQ.h>
-+
-+#define ipt_imq_info xt_imq_info
-+
-+#endif /* _IPT_IMQ_H */
-+
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/netfilter_ipv6/ip6t_IMQ.h linux-2.6.27.21-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h
---- linux-2.6.27.21/include/linux/netfilter_ipv6/ip6t_IMQ.h 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/netfilter_ipv6/ip6t_IMQ.h 2009-04-20 23:48:35.704017144 +0300
-@@ -0,0 +1,10 @@
-+#ifndef _IP6T_IMQ_H
-+#define _IP6T_IMQ_H
-+
-+/* Backwards compatibility for old userspace */
-+#include <linux/netfilter/xt_IMQ.h>
-+
-+#define ip6t_imq_info xt_imq_info
-+
-+#endif /* _IP6T_IMQ_H */
-+
-diff -uNr --exclude='*~' linux-2.6.27.21/include/linux/skbuff.h linux-2.6.27.21-imq/include/linux/skbuff.h
---- linux-2.6.27.21/include/linux/skbuff.h 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/include/linux/skbuff.h 2009-04-20 23:48:35.704017144 +0300
-@@ -28,6 +28,9 @@
- #include <linux/rcupdate.h>
- #include <linux/dmaengine.h>
- #include <linux/hrtimer.h>
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+#include <linux/imq.h>
-+#endif
-
- #define HAVE_ALLOC_SKB /* For the drivers to know */
- #define HAVE_ALIGNABLE_SKB /* Ditto 8) */
-@@ -272,6 +275,9 @@
- * first. This is owned by whoever has the skb queued ATM.
- */
- char cb[48];
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ void *cb_next;
-+#endif
-
- unsigned int len,
- data_len;
-@@ -302,6 +308,9 @@
- struct nf_conntrack *nfct;
- struct sk_buff *nfct_reasm;
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ struct nf_queue_entry *nf_queue_entry;
-+#endif
- #ifdef CONFIG_BRIDGE_NETFILTER
- struct nf_bridge_info *nf_bridge;
- #endif
-@@ -321,6 +330,9 @@
- __u8 do_not_encrypt:1;
- #endif
- /* 0/13/14 bit hole */
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ __u8 imq_flags:IMQ_F_BITS;
-+#endif
-
- #ifdef CONFIG_NET_DMA
- dma_cookie_t dma_cookie;
-@@ -353,6 +365,12 @@
-
- #include <asm/system.h>
-
-+
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+extern int skb_save_cb(struct sk_buff *skb);
-+extern int skb_restore_cb(struct sk_buff *skb);
-+#endif
-+
- extern void kfree_skb(struct sk_buff *skb);
- extern void __kfree_skb(struct sk_buff *skb);
- extern struct sk_buff *__alloc_skb(unsigned int size,
-@@ -1633,6 +1651,10 @@
- dst->nfct_reasm = src->nfct_reasm;
- nf_conntrack_get_reasm(src->nfct_reasm);
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ dst->imq_flags = src->imq_flags;
-+ dst->nf_queue_entry = src->nf_queue_entry;
-+#endif
- #ifdef CONFIG_BRIDGE_NETFILTER
- dst->nf_bridge = src->nf_bridge;
- nf_bridge_get(src->nf_bridge);
-diff -uNr --exclude='*~' linux-2.6.27.21/include/net/netfilter/nf_queue.h linux-2.6.27.21-imq/include/net/netfilter/nf_queue.h
---- linux-2.6.27.21/include/net/netfilter/nf_queue.h 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/include/net/netfilter/nf_queue.h 2009-04-20 23:48:35.704017144 +0300
-@@ -13,6 +13,12 @@
- struct net_device *indev;
- struct net_device *outdev;
- int (*okfn)(struct sk_buff *);
-+
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ int (*next_outfn)(struct nf_queue_entry *entry,
-+ unsigned int queuenum);
-+ unsigned int next_queuenum;
-+#endif
- };
-
- #define nf_queue_entry_reroute(x) ((void *)x + sizeof(struct nf_queue_entry))
-@@ -30,5 +36,11 @@
- const struct nf_queue_handler *qh);
- extern void nf_unregister_queue_handlers(const struct nf_queue_handler *qh);
- extern void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict);
-+extern void nf_queue_entry_release_refs(struct nf_queue_entry *entry);
-+
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+extern void nf_register_queue_imq_handler(const struct nf_queue_handler *qh);
-+extern void nf_unregister_queue_imq_handler(void);
-+#endif
-
- #endif /* _NF_QUEUE_H */
-diff -uNr --exclude='*~' linux-2.6.27.21/net/core/dev.c linux-2.6.27.21-imq/net/core/dev.c
---- linux-2.6.27.21/net/core/dev.c 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/net/core/dev.c 2009-04-20 23:48:35.706016975 +0300
-@@ -96,6 +96,9 @@
- #include <net/net_namespace.h>
- #include <net/sock.h>
- #include <linux/rtnetlink.h>
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+#include <linux/imq.h>
-+#endif
- #include <linux/proc_fs.h>
- #include <linux/seq_file.h>
- #include <linux/stat.h>
-@@ -1624,7 +1627,11 @@
- struct netdev_queue *txq)
- {
- if (likely(!skb->next)) {
-- if (!list_empty(&ptype_all))
-+ if (!list_empty(&ptype_all)
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ && !(skb->imq_flags & IMQ_F_ENQUEUE)
-+#endif
-+ )
- dev_queue_xmit_nit(skb, dev);
-
- if (netif_needs_gso(dev, skb)) {
-@@ -1715,8 +1722,7 @@
- return (u16) (((u64) hash * dev->real_num_tx_queues) >> 32);
- }
-
--static struct netdev_queue *dev_pick_tx(struct net_device *dev,
-- struct sk_buff *skb)
-+struct netdev_queue *dev_pick_tx(struct net_device *dev, struct sk_buff *skb)
- {
- u16 queue_index = 0;
-
-@@ -1728,6 +1734,7 @@
- skb_set_queue_mapping(skb, queue_index);
- return netdev_get_tx_queue(dev, queue_index);
- }
-+EXPORT_SYMBOL(dev_pick_tx);
-
- /**
- * dev_queue_xmit - transmit a buffer
-diff -uNr --exclude='*~' linux-2.6.27.21/net/core/skbuff.c linux-2.6.27.21-imq/net/core/skbuff.c
---- linux-2.6.27.21/net/core/skbuff.c 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/net/core/skbuff.c 2009-04-20 23:48:35.707017089 +0300
-@@ -69,6 +69,9 @@
-
- static struct kmem_cache *skbuff_head_cache __read_mostly;
- static struct kmem_cache *skbuff_fclone_cache __read_mostly;
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+static struct kmem_cache *skbuff_cb_store_cache __read_mostly;
-+#endif
-
- static void sock_pipe_buf_release(struct pipe_inode_info *pipe,
- struct pipe_buffer *buf)
-@@ -88,6 +91,80 @@
- return 1;
- }
-
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+/* Control buffer save/restore for IMQ devices */
-+struct skb_cb_table {
-+ void *cb_next;
-+ atomic_t refcnt;
-+ char cb[48];
-+};
-+
-+static DEFINE_SPINLOCK(skb_cb_store_lock);
-+
-+int skb_save_cb(struct sk_buff *skb)
-+{
-+ struct skb_cb_table *next;
-+
-+ next = kmem_cache_alloc(skbuff_cb_store_cache, GFP_ATOMIC);
-+ if (!next)
-+ return -ENOMEM;
-+
-+ BUILD_BUG_ON(sizeof(skb->cb) != sizeof(next->cb));
-+
-+ memcpy(next->cb, skb->cb, sizeof(skb->cb));
-+ next->cb_next = skb->cb_next;
-+
-+ atomic_set(&next->refcnt, 1);
-+
-+ skb->cb_next = next;
-+ return 0;
-+}
-+EXPORT_SYMBOL(skb_save_cb);
-+
-+int skb_restore_cb(struct sk_buff *skb)
-+{
-+ struct skb_cb_table *next;
-+
-+ if (!skb->cb_next)
-+ return 0;
-+
-+ next = skb->cb_next;
-+
-+ BUILD_BUG_ON(sizeof(skb->cb) != sizeof(next->cb));
-+
-+ memcpy(skb->cb, next->cb, sizeof(skb->cb));
-+ skb->cb_next = next->cb_next;
-+
-+ spin_lock(&skb_cb_store_lock);
-+
-+ if (atomic_dec_and_test(&next->refcnt)) {
-+ kmem_cache_free(skbuff_cb_store_cache, next);
-+ }
-+
-+ spin_unlock(&skb_cb_store_lock);
-+
-+ return 0;
-+}
-+EXPORT_SYMBOL(skb_restore_cb);
-+
-+static void skb_copy_stored_cb(struct sk_buff *new, struct sk_buff *old)
-+{
-+ struct skb_cb_table *next;
-+
-+ if (!old->cb_next) {
-+ new->cb_next = 0;
-+ return;
-+ }
-+
-+ spin_lock(&skb_cb_store_lock);
-+
-+ next = old->cb_next;
-+ atomic_inc(&next->refcnt);
-+ new->cb_next = next;
-+
-+ spin_unlock(&skb_cb_store_lock);
-+}
-+#endif
-
- /* Pipe buffer operations for a socket. */
- static struct pipe_buf_operations sock_pipe_buf_ops = {
-@@ -362,6 +439,15 @@
- WARN_ON(in_irq());
- skb->destructor(skb);
- }
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ /* This should not happen. When it does, avoid memleak by restoring
-+ the chain of cb-backups. */
-+ while(skb->cb_next != NULL) {
-+ printk(KERN_WARNING "kfree_skb: skb->cb_next: %08x\n",
-+ skb->cb_next);
-+ skb_restore_cb(skb);
-+ }
-+#endif
- #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
- nf_conntrack_put(skb->nfct);
- nf_conntrack_put_reasm(skb->nfct_reasm);
-@@ -424,6 +510,9 @@
- new->sp = secpath_get(old->sp);
- #endif
- memcpy(new->cb, old->cb, sizeof(old->cb));
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ skb_copy_stored_cb(new, old);
-+#endif
- new->csum_start = old->csum_start;
- new->csum_offset = old->csum_offset;
- new->local_df = old->local_df;
-@@ -2326,6 +2415,13 @@
- 0,
- SLAB_HWCACHE_ALIGN|SLAB_PANIC,
- NULL);
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ skbuff_cb_store_cache = kmem_cache_create("skbuff_cb_store_cache",
-+ sizeof(struct skb_cb_table),
-+ 0,
-+ SLAB_HWCACHE_ALIGN|SLAB_PANIC,
-+ NULL);
-+#endif
- }
-
- /**
-diff -uNr --exclude='*~' linux-2.6.27.21/net/netfilter/Kconfig linux-2.6.27.21-imq/net/netfilter/Kconfig
---- linux-2.6.27.21/net/netfilter/Kconfig 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/net/netfilter/Kconfig 2009-04-20 23:48:35.707017089 +0300
-@@ -342,6 +342,18 @@
-
- To compile it as a module, choose M here. If unsure, say N.
-
-+config NETFILTER_XT_TARGET_IMQ
-+ tristate '"IMQ" target support'
-+ depends on NETFILTER_XTABLES
-+ depends on IP_NF_MANGLE || IP6_NF_MANGLE
-+ select IMQ
-+ default m if NETFILTER_ADVANCED=n
-+ help
-+ This option adds a `IMQ' target which is used to specify if and
-+ to which imq device packets should get enqueued/dequeued.
-+
-+ To compile it as a module, choose M here. If unsure, say N.
-+
- config NETFILTER_XT_TARGET_MARK
- tristate '"MARK" target support'
- depends on NETFILTER_XTABLES
-diff -uNr --exclude='*~' linux-2.6.27.21/net/netfilter/Makefile linux-2.6.27.21-imq/net/netfilter/Makefile
---- linux-2.6.27.21/net/netfilter/Makefile 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/net/netfilter/Makefile 2009-04-20 23:48:35.707017089 +0300
-@@ -42,6 +42,7 @@
- obj-$(CONFIG_NETFILTER_XT_TARGET_CONNMARK) += xt_CONNMARK.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_CONNSECMARK) += xt_CONNSECMARK.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_DSCP) += xt_DSCP.o
-+obj-$(CONFIG_NETFILTER_XT_TARGET_IMQ) += xt_IMQ.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_MARK) += xt_MARK.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_NFLOG) += xt_NFLOG.o
- obj-$(CONFIG_NETFILTER_XT_TARGET_NFQUEUE) += xt_NFQUEUE.o
-diff -uNr --exclude='*~' linux-2.6.27.21/net/netfilter/nf_queue.c linux-2.6.27.21-imq/net/netfilter/nf_queue.c
---- linux-2.6.27.21/net/netfilter/nf_queue.c 2009-03-24 00:04:09.000000000 +0200
-+++ linux-2.6.27.21-imq/net/netfilter/nf_queue.c 2009-04-20 23:48:35.708017126 +0300
-@@ -20,6 +20,26 @@
-
- static DEFINE_MUTEX(queue_handler_mutex);
-
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+static const struct nf_queue_handler *queue_imq_handler;
-+
-+void nf_register_queue_imq_handler(const struct nf_queue_handler *qh)
-+{
-+ mutex_lock(&queue_handler_mutex);
-+ rcu_assign_pointer(queue_imq_handler, qh);
-+ mutex_unlock(&queue_handler_mutex);
-+}
-+EXPORT_SYMBOL(nf_register_queue_imq_handler);
-+
-+void nf_unregister_queue_imq_handler(void)
-+{
-+ mutex_lock(&queue_handler_mutex);
-+ rcu_assign_pointer(queue_imq_handler, NULL);
-+ mutex_unlock(&queue_handler_mutex);
-+}
-+EXPORT_SYMBOL(nf_unregister_queue_imq_handler);
-+#endif
-+
- /* return EBUSY when somebody else is registered, return EEXIST if the
- * same handler is registered, return 0 in case of success. */
- int nf_register_queue_handler(int pf, const struct nf_queue_handler *qh)
-@@ -80,7 +100,7 @@
- }
- EXPORT_SYMBOL_GPL(nf_unregister_queue_handlers);
-
--static void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
-+void nf_queue_entry_release_refs(struct nf_queue_entry *entry)
- {
- /* Release those devices we held, or Alexey will kill me. */
- if (entry->indev)
-@@ -100,6 +120,7 @@
- /* Drop reference to owner of hook which queued us. */
- module_put(entry->elem->owner);
- }
-+EXPORT_SYMBOL_GPL(nf_queue_entry_release_refs);
-
- /*
- * Any packet that leaves via this function must come back
-@@ -121,12 +142,26 @@
- #endif
- const struct nf_afinfo *afinfo;
- const struct nf_queue_handler *qh;
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ const struct nf_queue_handler *qih = NULL;
-+#endif
-
- /* QUEUE == DROP if noone is waiting, to be safe. */
- rcu_read_lock();
-
- qh = rcu_dereference(queue_handler[pf]);
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
-+ if (pf == PF_INET || pf == PF_INET6)
-+#else
-+ if (pf == PF_INET)
-+#endif
-+ qih = rcu_dereference(queue_imq_handler);
-+
-+ if (!qh && !qih)
-+#else /* !IMQ */
- if (!qh)
-+#endif
- goto err_unlock;
-
- afinfo = nf_get_afinfo(pf);
-@@ -145,6 +180,10 @@
- .indev = indev,
- .outdev = outdev,
- .okfn = okfn,
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ .next_outfn = qh ? qh->outfn : NULL,
-+ .next_queuenum = queuenum,
-+#endif
- };
-
- /* If it's going away, ignore hook. */
-@@ -170,8 +209,19 @@
- }
- #endif
- afinfo->saveroute(skb, entry);
-+
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+ if (qih) {
-+ status = qih->outfn(entry, queuenum);
-+ goto imq_skip_queue;
-+ }
-+#endif
-+
- status = qh->outfn(entry, queuenum);
-
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+imq_skip_queue:
-+#endif
- rcu_read_unlock();
-
- if (status < 0) {
-diff -uNr --exclude='*~' linux-2.6.27.21/net/netfilter/xt_IMQ.c linux-2.6.27.21-imq/net/netfilter/xt_IMQ.c
---- linux-2.6.27.21/net/netfilter/xt_IMQ.c 1970-01-01 02:00:00.000000000 +0200
-+++ linux-2.6.27.21-imq/net/netfilter/xt_IMQ.c 2009-04-20 23:48:35.708017126 +0300
-@@ -0,0 +1,81 @@
-+/*
-+ * This target marks packets to be enqueued to an imq device
-+ */
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/netfilter/x_tables.h>
-+#include <linux/netfilter/xt_IMQ.h>
-+#include <linux/imq.h>
-+
-+static unsigned int imq_target(struct sk_buff *pskb,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ unsigned int hooknum,
-+ const struct xt_target *target,
-+ const void *targinfo)
-+{
-+ const struct xt_imq_info *mr = targinfo;
-+
-+ pskb->imq_flags = (mr->todev & IMQ_F_IFMASK) | IMQ_F_ENQUEUE;
-+
-+ return XT_CONTINUE;
-+}
-+
-+static bool imq_checkentry(const char *tablename,
-+ const void *entry,
-+ const struct xt_target *target,
-+ void *targinfo,
-+ unsigned int hook_mask)
-+{
-+ struct xt_imq_info *mr = targinfo;
-+
-+ if (mr->todev > IMQ_MAX_DEVS - 1) {
-+ printk(KERN_WARNING
-+ "IMQ: invalid device specified, highest is %u\n",
-+ IMQ_MAX_DEVS - 1);
-+ return 0;
-+ }
-+
-+ return 1;
-+}
-+
-+static struct xt_target xt_imq_reg[] __read_mostly = {
-+ {
-+ .name = "IMQ",
-+ .family = AF_INET,
-+ .target = imq_target,
-+ .targetsize = sizeof(struct xt_imq_info),
-+ .table = "mangle",
-+ .checkentry = imq_checkentry,
-+ .me = THIS_MODULE
-+ },
-+ {
-+ .name = "IMQ",
-+ .family = AF_INET6,
-+ .target = imq_target,
-+ .targetsize = sizeof(struct xt_imq_info),
-+ .table = "mangle",
-+ .checkentry = imq_checkentry,
-+ .me = THIS_MODULE
-+ },
-+};
-+
-+static int __init imq_init(void)
-+{
-+ return xt_register_targets(xt_imq_reg, ARRAY_SIZE(xt_imq_reg));
-+}
-+
-+static void __exit imq_fini(void)
-+{
-+ xt_unregister_targets(xt_imq_reg, ARRAY_SIZE(xt_imq_reg));
-+}
-+
-+module_init(imq_init);
-+module_exit(imq_fini);
-+
-+MODULE_AUTHOR("http://www.linuximq.net");
-+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
-+MODULE_LICENSE("GPL");
-+MODULE_ALIAS("ipt_IMQ");
-+MODULE_ALIAS("ip6t_IMQ");
-+
projects / people / pmueller / ipfire-2.x.git / commitdiff
