Re: linux-2.4 CLASSIFY patch.

Unknown <borg@xxxxxxx> · Wed, 5 Mar 2008 16:05:01 +0100 (CET)

CLASSIFY sources has been taken from:
https://svn.netfilter.org/netfilter/branches/patch-o-matic-ng/
linux-2.6.11/CLASSIFY

On Wed, 5 Mar 2008, Patrick McHardy wrote:
Unknown wrote:
On Wed, 5 Mar 2008, Patrick McHardy wrote:
If you send a patch against 2.4 I can review and ACK it.

Done.

Patch created against latest stable 2.4 tree: 2.4.36.2
ftp://borg.uu3.net/home/borg/patch/linux-2.4-classify.patch


Please send as attachment and CC netfilter-devel@xxxxxxxxxxxxxxx
and Willy Tareau.
diff -ubrN linux-2.4.36.2.orig/Documentation/Configure.help linux-2.4.36.2/Documentation/Configure.help

--- linux-2.4.36.2.orig/Documentation/Configure.help	Sun Feb 24 21:38:03 2008
+++ linux-2.4.36.2/Documentation/Configure.help	Wed Mar  5 13:48:19 2008
@@ -3209,6 +3209,17 @@
   If you want to compile it as a module, say M here and read
   <file:Documentation/modules.txt>.  If unsure, say `N'.
 
+CLASSIFY target support
+CONFIG_IP_NF_TARGET_CLASSIFY
+  This option adds a `CLASSIFY' target, which enables the user to set
+  the priority of a packet. Some qdiscs can use this value for classification,
+  among these are:
+
+  atm, cbq, dsmark, pfifo_fast, htb, prio
+
+  If you want to compile it as a module, say M here and read
+  Documentation/modules.txt.  If unsure, say `N'.
+
 ipchains (2.2-style) support
 CONFIG_IP_NF_COMPAT_IPCHAINS
   This option places ipchains (with masquerading and redirection
diff -ubrN linux-2.4.36.2.orig/include/linux/netfilter_ipv4/ipt_CLASSIFY.h linux-2.4.36.2/include/linux/netfilter_ipv4/ipt_CLASSIFY.h
--- linux-2.4.36.2.orig/include/linux/netfilter_ipv4/ipt_CLASSIFY.h	Thu Jan  1 01:00:00 1970
+++ linux-2.4.36.2/include/linux/netfilter_ipv4/ipt_CLASSIFY.h	Wed Mar  5 13:46:29 2008
@@ -0,0 +1,8 @@
+#ifndef _IPT_CLASSIFY_H
+#define _IPT_CLASSIFY_H
+
+struct ipt_classify_target_info {
+	u_int32_t priority;
+};
+
+#endif /*_IPT_CLASSIFY_H */
diff -ubrN linux-2.4.36.2.orig/net/ipv4/netfilter/Config.in linux-2.4.36.2/net/ipv4/netfilter/Config.in
--- linux-2.4.36.2.orig/net/ipv4/netfilter/Config.in	Sun Feb 24 21:38:03 2008
+++ linux-2.4.36.2/net/ipv4/netfilter/Config.in	Wed Mar  5 13:50:01 2008
@@ -103,6 +103,7 @@
     dep_tristate '    DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE
  
     dep_tristate '    MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
+    dep_tristate '    CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE
   fi
   dep_tristate '  LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES
   dep_tristate '  ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES
diff -ubrN linux-2.4.36.2.orig/net/ipv4/netfilter/Makefile linux-2.4.36.2/net/ipv4/netfilter/Makefile
--- linux-2.4.36.2.orig/net/ipv4/netfilter/Makefile	Sun Feb 24 21:38:03 2008
+++ linux-2.4.36.2/net/ipv4/netfilter/Makefile	Wed Mar  5 13:50:23 2008
@@ -89,6 +89,7 @@
 
 # targets
 obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
+obj-$(CONFIG_IP_NF_TARGET_CLASSIFY) += ipt_CLASSIFY.o
 obj-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR.o
 obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
 obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
diff -ubrN linux-2.4.36.2.orig/net/ipv4/netfilter/ipt_CLASSIFY.c linux-2.4.36.2/net/ipv4/netfilter/ipt_CLASSIFY.c
--- linux-2.4.36.2.orig/net/ipv4/netfilter/ipt_CLASSIFY.c	Thu Jan  1 01:00:00 1970
+++ linux-2.4.36.2/net/ipv4/netfilter/ipt_CLASSIFY.c	Wed Mar  5 13:49:00 2008
@@ -0,0 +1,82 @@
+/*
+ * This is a module which is used for setting the skb->priority field
+ * of an skb for qdisc classification.
+ */
+
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/ip.h>
+#include <net/checksum.h>
+
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv4/ipt_CLASSIFY.h>
+
+MODULE_AUTHOR("Patrick McHardy <kaber@xxxxxxxxx>");
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("iptables qdisc classification target module");
+
+static unsigned int
+target(struct sk_buff **pskb,
+       unsigned int hooknum,
+       const struct net_device *in,
+       const struct net_device *out,
+       const void *targinfo,
+       void *userinfo)
+{
+	const struct ipt_classify_target_info *clinfo = targinfo;
+
+	if((*pskb)->priority != clinfo->priority) {
+		(*pskb)->priority = clinfo->priority;
+		(*pskb)->nfcache |= NFC_ALTERED;
+	}
+
+	return IPT_CONTINUE;
+}
+
+static int
+checkentry(const char *tablename,
+           const struct ipt_entry *e,
+           void *targinfo,
+           unsigned int targinfosize,
+           unsigned int hook_mask)
+{
+	if (targinfosize != IPT_ALIGN(sizeof(struct ipt_classify_target_info))){
+		printk(KERN_ERR "CLASSIFY: invalid size (%u != %u).\n",
+		       targinfosize,
+		       IPT_ALIGN(sizeof(struct ipt_classify_target_info)));
+		return 0;
+	}
+	
+	if (hook_mask & ~(1 << NF_IP_POST_ROUTING)) {
+		printk(KERN_ERR "CLASSIFY: only valid in POST_ROUTING.\n");
+		return 0;
+	}
+
+	if (strcmp(tablename, "mangle") != 0) {
+		printk(KERN_WARNING "CLASSIFY: can only be called from "
+		                    "\"mangle\" table, not \"%s\".\n",
+		                    tablename);
+		return 0;
+	}
+
+	return 1;
+}
+
+static struct ipt_target ipt_classify_reg
+= { { NULL, NULL }, "CLASSIFY", target, checkentry, NULL, THIS_MODULE };
+
+static int __init init(void)
+{
+	if (ipt_register_target(&ipt_classify_reg))
+		return -EINVAL;
+
+	return 0;
+}
+
+static void __exit fini(void)
+{
+	ipt_unregister_target(&ipt_classify_reg);
+}
+
+module_init(init);
+module_exit(fini);




