150-netfilter_imq.patch

Linux Home Server 是专门为家庭和SOHO/SMB 设计的高性价比的ISCSI 存储服务器, 具有如下的特色： 强大的iscsi 存储服务器软件； 混合iscsi 和NAS 服务；

+		to shape NATed clients.
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_AA
+	bool "IMQ AA"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   After NAT
+		POSTROUTING:  After NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_AB
+	bool "IMQ AB"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   After NAT
+		POSTROUTING:  Before NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_BA
+	bool "IMQ BA"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   Before NAT
+		POSTROUTING:  After NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+config IMQ_BEHAVIOR_BB
+	bool "IMQ BB"
+	help
+		This settings defines how IMQ behaves in respect to its
+		hooking in PREROUTING and POSTROUTING.
+
+		Choosing this option will make IMQ hook like this:
+
+		PREROUTING:   Before NAT
+		POSTROUTING:  Before NAT
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
+endchoice
+
+config IMQ_NUM_DEVS
+
+	int "Number of IMQ devices"
+	range 2 8
+	depends on IMQ
+	default "2"
+	help
+
+		This settings defines how many IMQ devices will be
+		created.
+
+		The default value is 2.
+
+		More information can be found at: www.linuximq.net
+
+		If not sure leave the default settings alone.
+
 config TUN
 	tristate "Universal TUN/TAP device driver support"
 	select CRC32
Index: linux-2.6.21.7/drivers/net/Makefile
===================================================================
--- linux-2.6.21.7.orig/drivers/net/Makefile
+++ linux-2.6.21.7/drivers/net/Makefile
@@ -124,6 +124,7 @@ obj-$(CONFIG_SLIP) += slip.o
 obj-$(CONFIG_SLHC) += slhc.o
 
 obj-$(CONFIG_DUMMY) += dummy.o
+obj-$(CONFIG_IMQ) += imq.o
 obj-$(CONFIG_IFB) += ifb.o
 obj-$(CONFIG_DE600) += de600.o
 obj-$(CONFIG_DE620) += de620.o
Index: linux-2.6.21.7/include/linux/imq.h
===================================================================
--- /dev/null
+++ linux-2.6.21.7/include/linux/imq.h
@@ -0,0 +1,9 @@
+#ifndef _IMQ_H
+#define _IMQ_H
+
+#define IMQ_MAX_DEVS   16
+
+#define IMQ_F_IFMASK   0x7f
+#define IMQ_F_ENQUEUE  0x80
+
+#endif /* _IMQ_H */
Index: linux-2.6.21.7/include/linux/netfilter_ipv4/ipt_IMQ.h
===================================================================
--- /dev/null
+++ linux-2.6.21.7/include/linux/netfilter_ipv4/ipt_IMQ.h
@@ -0,0 +1,8 @@
+#ifndef _IPT_IMQ_H
+#define _IPT_IMQ_H
+
+struct ipt_imq_info {
+	unsigned int todev;     /* target imq device */
+};
+
+#endif /* _IPT_IMQ_H */
Index: linux-2.6.21.7/include/linux/netfilter_ipv6/ip6t_IMQ.h
===================================================================
--- /dev/null
+++ linux-2.6.21.7/include/linux/netfilter_ipv6/ip6t_IMQ.h
@@ -0,0 +1,8 @@
+#ifndef _IP6T_IMQ_H
+#define _IP6T_IMQ_H
+
+struct ip6t_imq_info {
+	unsigned int todev;     /* target imq device */
+};
+
+#endif /* _IP6T_IMQ_H */
Index: linux-2.6.21.7/include/linux/skbuff.h
===================================================================
--- linux-2.6.21.7.orig/include/linux/skbuff.h
+++ linux-2.6.21.7/include/linux/skbuff.h
@@ -294,6 +294,10 @@ struct sk_buff {
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
 	struct sk_buff		*nfct_reasm;
 #endif
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	unsigned char		imq_flags;
+	struct nf_info		*nf_info;
+#endif
 #ifdef CONFIG_BRIDGE_NETFILTER
 	struct nf_bridge_info	*nf_bridge;
 #endif
Index: linux-2.6.21.7/net/core/dev.c
===================================================================
--- linux-2.6.21.7.orig/net/core/dev.c
+++ linux-2.6.21.7/net/core/dev.c
@@ -94,6 +94,9 @@
 #include <linux/skbuff.h>
 #include <net/sock.h>
 #include <linux/rtnetlink.h>
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+#include <linux/imq.h>
+#endif
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include <linux/stat.h>
@@ -1340,7 +1343,11 @@ static int dev_gso_segment(struct sk_buf
 int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
 {
 	if (likely(!skb->next)) {
-		if (netdev_nit)
+		if (netdev_nit
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+		    && !(skb->imq_flags & IMQ_F_ENQUEUE)
+#endif
+		    )
 			dev_queue_xmit_nit(skb, dev);
 
 		if (netif_needs_gso(dev, skb)) {
Index: linux-2.6.21.7/net/core/skbuff.c
===================================================================
--- linux-2.6.21.7.orig/net/core/skbuff.c
+++ linux-2.6.21.7/net/core/skbuff.c
@@ -430,6 +430,10 @@ struct sk_buff *skb_clone(struct sk_buff
 	C(nfct_reasm);
 	nf_conntrack_get_reasm(skb->nfct_reasm);
 #endif
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	C(imq_flags);
+	C(nf_info);
+#endif /*CONFIG_IMQ*/
 #ifdef CONFIG_BRIDGE_NETFILTER
 	C(nf_bridge);
 	nf_bridge_get(skb->nf_bridge);
@@ -494,6 +498,10 @@ static void copy_skb_header(struct sk_bu
 #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
 	new->ipvs_property = old->ipvs_property;
 #endif
+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
+	new->imq_flags	= old->imq_flags;
+	new->nf_info	= old->nf_info;
+#endif /*CONFIG_IMQ*/
 #ifdef CONFIG_BRIDGE_NETFILTER
 	new->nf_bridge	= old->nf_bridge;
 	nf_bridge_get(old->nf_bridge);
Index: linux-2.6.21.7/net/ipv4/netfilter/ipt_IMQ.c
===================================================================
--- /dev/null
+++ linux-2.6.21.7/net/ipv4/netfilter/ipt_IMQ.c
@@ -0,0 +1,69 @@
+/*
+ * This target marks packets to be enqueued to an imq device
+ */
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv4/ipt_IMQ.h>
+#include <linux/imq.h>
+
+static unsigned int imq_target(struct sk_buff **pskb,
+			       const struct net_device *in,
+			       const struct net_device *out,
+			       unsigned int hooknum,
+			       const struct xt_target *target,
+			       const void *targinfo)
+{
+	struct ipt_imq_info *mr = (struct ipt_imq_info*)targinfo;
+
+	(*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
+
+	return XT_CONTINUE;
+}
+
+static int imq_checkentry(const char *tablename,
+			  const void *e,
+			  const struct xt_target *target,
+			  void *targinfo,
+			  unsigned int hook_mask)
+{
+	struct ipt_imq_info *mr;
+
+	mr = (struct ipt_imq_info*)targinfo;
+
+	if (mr->todev > IMQ_MAX_DEVS) {
+		printk(KERN_WARNING
+		       "IMQ: invalid device specified, highest is %u\n",
+		       IMQ_MAX_DEVS);
+		return 0;
+	}
+
+	return 1;
+}
+
+static struct xt_target ipt_imq_reg = {
+	.name		= "IMQ",
+	.family		= AF_INET,
+	.target		= imq_target,
+	.targetsize	= sizeof(struct ipt_imq_info),
+	.checkentry	= imq_checkentry,
+	.me		= THIS_MODULE,
+	.table		= "mangle"
+};
+
+static int __init init(void)
+{
+	return xt_register_target(&ipt_imq_reg);
+}
+
+static void __exit fini(void)
+{
+	xt_unregister_target(&ipt_imq_reg);
+}
+
+module_init(init);
+module_exit(fini);
+
+MODULE_AUTHOR("http://www.linuximq.net");
+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
+MODULE_LICENSE("GPL");
Index: linux-2.6.21.7/net/ipv4/netfilter/Kconfig
===================================================================
--- linux-2.6.21.7.orig/net/ipv4/netfilter/Kconfig
+++ linux-2.6.21.7/net/ipv4/netfilter/Kconfig
@@ -587,6 +587,17 @@ config IP_NF_MANGLE
 
 	  To compile it as a module, choose M here.  If unsure, say N.
 
+config IP_NF_TARGET_IMQ
+       tristate "IMQ target support"
+       depends on IP_NF_MANGLE
+       help
+         This option adds a `IMQ' target which is used to specify if and
+         to which IMQ device packets should get enqueued/dequeued.
+
+	 For more information visit: http://www.linuximq.net/
+
+         To compile it as a module, choose M here.  If unsure, say N.
+
 config IP_NF_TARGET_TOS
 	tristate "TOS target support"
 	depends on IP_NF_MANGLE
Index: linux-2.6.21.7/net/ipv4/netfilter/Makefile
===================================================================
--- linux-2.6.21.7.orig/net/ipv4/netfilter/Makefile
+++ linux-2.6.21.7/net/ipv4/netfilter/Makefile
@@ -99,6 +99,7 @@ obj-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_i
 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
+obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
 obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
 obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
 obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
Index: linux-2.6.21.7/net/ipv6/netfilter/ip6t_IMQ.c
===================================================================
--- /dev/null
+++ linux-2.6.21.7/net/ipv6/netfilter/ip6t_IMQ.c
@@ -0,0 +1,69 @@
+/*
+ * This target marks packets to be enqueued to an imq device
+ */
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/netfilter_ipv6/ip6_tables.h>
+#include <linux/netfilter_ipv6/ip6t_IMQ.h>
+#include <linux/imq.h>
+
+static unsigned int imq_target(struct sk_buff **pskb,
+			       const struct net_device *in,
+			       const struct net_device *out,
+			       unsigned int hooknum,
+			       const struct xt_target *target,
+			       const void *targinfo)
+{
+	struct ip6t_imq_info *mr = (struct ip6t_imq_info*)targinfo;
+
+	(*pskb)->imq_flags = mr->todev | IMQ_F_ENQUEUE;
+
+	return XT_CONTINUE;
+}
+
+static int imq_checkentry(const char *tablename,
+			  const void *entry,
+			  const struct xt_target *target,
+			  void *targinfo,
+			  unsigned int hook_mask)
+{
+	struct ip6t_imq_info *mr;
+
+	mr = (struct ip6t_imq_info*)targinfo;
+
+	if (mr->todev > IMQ_MAX_DEVS) {
+		printk(KERN_WARNING
+		       "IMQ: invalid device specified, highest is %u\n",
+		       IMQ_MAX_DEVS);
+		return 0;
+	}
+
+	return 1;
+}
+
+static struct xt_target ip6t_imq_reg = {
+	.name           = "IMQ",
+	.family		= AF_INET6,
+	.target         = imq_target,
+	.targetsize	= sizeof(struct ip6t_imq_info),
+	.table		= "mangle",
+	.checkentry     = imq_checkentry,
+	.me             = THIS_MODULE
+};
+
+static int __init init(void)
+{
+	return xt_register_target(&ip6t_imq_reg);
+}
+
+static void __exit fini(void)
+{
+	xt_unregister_target(&ip6t_imq_reg);
+}
+
+module_init(init);
+module_exit(fini);
+
+MODULE_AUTHOR("http://www.linuximq.net");
+MODULE_DESCRIPTION("Pseudo-driver for the intermediate queue device. See http://www.linuximq.net/ for more information.");
+MODULE_LICENSE("GPL");
Index: linux-2.6.21.7/net/ipv6/netfilter/Kconfig
===================================================================
--- linux-2.6.21.7.orig/net/ipv6/netfilter/Kconfig
+++ linux-2.6.21.7/net/ipv6/netfilter/Kconfig
@@ -173,6 +173,15 @@ config IP6_NF_MANGLE
 
 	  To compile it as a module, choose M here.  If unsure, say N.
 
+config IP6_NF_TARGET_IMQ
+	tristate "IMQ target support"
+	depends on IP6_NF_MANGLE
+	help
+          This option adds a `IMQ' target which is used to specify if and
+          to which imq device packets should get enqueued/dequeued.
+
+          To compile it as a module, choose M here.  If unsure, say N.
+
 config IP6_NF_TARGET_HL
 	tristate  'HL (hoplimit) target support'
 	depends on IP6_NF_MANGLE
Index: linux-2.6.21.7/net/ipv6/netfilter/Makefile
===================================================================
--- linux-2.6.21.7.orig/net/ipv6/netfilter/Makefile
+++ linux-2.6.21.7/net/ipv6/netfilter/Makefile
@@ -13,6 +13,7 @@ obj-$(CONFIG_IP6_NF_MATCH_EUI64) += ip6t
 obj-$(CONFIG_IP6_NF_MATCH_OWNER) += ip6t_owner.o
 obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
 obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
+obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
 obj-$(CONFIG_IP6_NF_TARGET_HL) += ip6t_HL.o
 obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.o
 obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
Index: linux-2.6.21.7/net/sched/sch_generic.c
===================================================================
--- linux-2.6.21.7.orig/net/sched/sch_generic.c
+++ linux-2.6.21.7/net/sched/sch_generic.c
@@ -87,7 +87,6 @@ void qdisc_unlock_tree(struct net_device
 
    NOTE: Called under dev->queue_lock with locally disabled BH.
 */
-
 static inline int qdisc_restart(struct net_device *dev)
 {
 	struct Qdisc *q = dev->qdisc;
@@ -181,6 +180,11 @@ requeue:
 	return q->q.qlen;
 }
 
+int qdisc_restart1(struct net_device *dev)
+{
+	return qdisc_restart(dev);
+}
+
 void __qdisc_run(struct net_device *dev)
 {
 	if (unlikely(dev->qdisc == &noop_qdisc))
@@ -617,3 +621,4 @@ EXPORT_SYMBOL(qdisc_destroy);
 EXPORT_SYMBOL(qdisc_reset);
 EXPORT_SYMBOL(qdisc_lock_tree);
 EXPORT_SYMBOL(qdisc_unlock_tree);
+EXPORT_SYMBOL(qdisc_restart1);