142 lines
4.2 KiB
Diff
142 lines
4.2 KiB
Diff
diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.c iptables-1.4.12.2-imq/extensions/libxt_IMQ.c
|
|
--- iptables-1.4.12.2/extensions/libxt_IMQ.c 1970-01-01 02:00:00.000000000 +0200
|
|
+++ iptables-1.4.12.2-imq/extensions/libxt_IMQ.c 2011-09-30 13:53:21.000000000 +0300
|
|
@@ -0,0 +1,105 @@
|
|
+/* Shared library add-on to iptables to add IMQ target support. */
|
|
+#include <stdio.h>
|
|
+#include <string.h>
|
|
+#include <stdlib.h>
|
|
+#include <getopt.h>
|
|
+
|
|
+#include <xtables.h>
|
|
+#include <linux/netfilter/x_tables.h>
|
|
+#include <linux/netfilter/xt_IMQ.h>
|
|
+
|
|
+/* Function which prints out usage message. */
|
|
+static void IMQ_help(void)
|
|
+{
|
|
+ printf(
|
|
+"IMQ target options:\n"
|
|
+" --todev <N> enqueue to imq<N>, defaults to 0\n");
|
|
+
|
|
+}
|
|
+
|
|
+static struct option IMQ_opts[] = {
|
|
+ { "todev", 1, 0, '1' },
|
|
+ { 0 }
|
|
+};
|
|
+
|
|
+/* Initialize the target. */
|
|
+static void IMQ_init(struct xt_entry_target *t)
|
|
+{
|
|
+ struct xt_imq_info *mr = (struct xt_imq_info*)t->data;
|
|
+
|
|
+ mr->todev = 0;
|
|
+}
|
|
+
|
|
+/* Function which parses command options; returns true if it
|
|
+ ate an option */
|
|
+static int IMQ_parse(int c, char **argv, int invert, unsigned int *flags,
|
|
+ const void *entry, struct xt_entry_target **target)
|
|
+{
|
|
+ struct xt_imq_info *mr = (struct xt_imq_info*)(*target)->data;
|
|
+
|
|
+ switch(c) {
|
|
+ case '1':
|
|
+/* if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
|
|
+ xtables_error(PARAMETER_PROBLEM,
|
|
+ "Unexpected `!' after --todev");
|
|
+*/
|
|
+ mr->todev=atoi(optarg);
|
|
+ break;
|
|
+
|
|
+ default:
|
|
+ return 0;
|
|
+ }
|
|
+ return 1;
|
|
+}
|
|
+
|
|
+/* Prints out the targinfo. */
|
|
+static void IMQ_print(const void *ip,
|
|
+ const struct xt_entry_target *target,
|
|
+ int numeric)
|
|
+{
|
|
+ struct xt_imq_info *mr = (struct xt_imq_info*)target->data;
|
|
+
|
|
+ printf("IMQ: todev %u ", mr->todev);
|
|
+}
|
|
+
|
|
+/* Saves the union ipt_targinfo in parsable form to stdout. */
|
|
+static void IMQ_save(const void *ip, const struct xt_entry_target *target)
|
|
+{
|
|
+ struct xt_imq_info *mr = (struct xt_imq_info*)target->data;
|
|
+
|
|
+ printf(" --todev %u", mr->todev);
|
|
+}
|
|
+
|
|
+static struct xtables_target imq_target = {
|
|
+ .name = "IMQ",
|
|
+ .version = XTABLES_VERSION,
|
|
+ .family = NFPROTO_IPV4,
|
|
+ .size = XT_ALIGN(sizeof(struct xt_imq_info)),
|
|
+ .userspacesize = XT_ALIGN(sizeof(struct xt_imq_info)),
|
|
+ .help = IMQ_help,
|
|
+ .init = IMQ_init,
|
|
+ .parse = IMQ_parse,
|
|
+ .print = IMQ_print,
|
|
+ .save = IMQ_save,
|
|
+ .extra_opts = IMQ_opts,
|
|
+};
|
|
+
|
|
+static struct xtables_target imq_target6 = {
|
|
+ .name = "IMQ",
|
|
+ .version = XTABLES_VERSION,
|
|
+ .family = NFPROTO_IPV6,
|
|
+ .size = XT_ALIGN(sizeof(struct xt_imq_info)),
|
|
+ .userspacesize = XT_ALIGN(sizeof(struct xt_imq_info)),
|
|
+ .help = IMQ_help,
|
|
+ .init = IMQ_init,
|
|
+ .parse = IMQ_parse,
|
|
+ .print = IMQ_print,
|
|
+ .save = IMQ_save,
|
|
+ .extra_opts = IMQ_opts,
|
|
+};
|
|
+
|
|
+// void __attribute((constructor)) nf_ext_init(void){
|
|
+void _init(void){
|
|
+ xtables_register_target(&imq_target);
|
|
+ xtables_register_target(&imq_target6);
|
|
+}
|
|
diff -Naur iptables-1.4.12.2/extensions/libxt_IMQ.man iptables-1.4.12.2-imq/extensions/libxt_IMQ.man
|
|
--- iptables-1.4.12.2/extensions/libxt_IMQ.man 1970-01-01 02:00:00.000000000 +0200
|
|
+++ iptables-1.4.12.2-imq/extensions/libxt_IMQ.man 2011-09-30 13:53:21.000000000 +0300
|
|
@@ -0,0 +1,15 @@
|
|
+This target is used to redirect the traffic to the IMQ driver and you can apply
|
|
+QoS rules like HTB or CBQ.
|
|
+For example you can select only traffic comming from a specific interface or
|
|
+is going out on a specific interface.
|
|
+Also it permits to capture the traffic BEFORE NAT in the case of outgoing traffic
|
|
+or AFTER NAT in the case of incomming traffic.
|
|
+.TP
|
|
+\fB\-\-to\-dev\fP \fIvalue\fP
|
|
+Set the IMQ interface where to send this traffic
|
|
+.TP
|
|
+Example:
|
|
+.TP
|
|
+Redirect incomming traffic from interface eth0 to imq0 and outgoing traffic to imq1:
|
|
+iptables \-t mangle \-A FORWARD \-i eth0 \-j IMQ \-\-to\-dev 0
|
|
+iptables \-t mangle \-A FORWARD \-o eth0 \-j IMQ \-\-to\-dev 1
|
|
diff -Naur iptables-1.4.12.2/include/linux/netfilter/xt_IMQ.h iptables-1.4.12.2-imq/include/linux/netfilter/xt_IMQ.h
|
|
--- iptables-1.4.12.2/include/linux/netfilter/xt_IMQ.h 1970-01-01 02:00:00.000000000 +0200
|
|
+++ iptables-1.4.12.2-imq/include/linux/netfilter/xt_IMQ.h 2011-09-30 13:53:21.000000000 +0300
|
|
@@ -0,0 +1,9 @@
|
|
+#ifndef _XT_IMQ_H
|
|
+#define _XT_IMQ_H
|
|
+
|
|
+struct xt_imq_info {
|
|
+ unsigned int todev; /* target imq device */
|
|
+};
|
|
+
|
|
+#endif /* _XT_IMQ_H */
|
|
+
|