diff --git a/extensions/libxt_IMQ.c b/extensions/libxt_IMQ.c new file mode 100644 index 0000000..af632f2 --- /dev/null +++ b/extensions/libxt_IMQ.c @@ -0,0 +1,103 @@ +/* Shared library add-on to iptables to add IMQ target support. */ +#include +#include +#include +#include + +#include +#include +#include + +/* Function which prints out usage message. */ +static void IMQ_help(void) +{ + printf( +"IMQ target options:\n" +" --todev enqueue to imq, defaults to 0\n"); + +} + +static struct option IMQ_opts[] = { + { "todev", 1, 0, '1' }, + { 0 } +}; + +/* Initialize the target. */ +static void IMQ_init(struct xt_entry_target *t) +{ + struct xt_imq_info *mr = (struct xt_imq_info*)t->data; + + mr->todev = 0; +} + +/* Function which parses command options; returns true if it + ate an option */ +static int IMQ_parse(int c, char **argv, int invert, unsigned int *flags, + const void *entry, struct xt_entry_target **target) +{ + struct xt_imq_info *mr = (struct xt_imq_info*)(*target)->data; + + switch(c) { + case '1': + if (xtables_check_inverse(optarg, &invert, NULL, 0, argv)) + xtables_error(PARAMETER_PROBLEM, + "Unexpected `!' after --todev"); + mr->todev=atoi(optarg); + break; + default: + return 0; + } + return 1; +} + +/* Prints out the targinfo. */ +static void IMQ_print(const void *ip, + const struct xt_entry_target *target, + int numeric) +{ + struct xt_imq_info *mr = (struct xt_imq_info*)target->data; + + printf("IMQ: todev %u ", mr->todev); +} + +/* Saves the union ipt_targinfo in parsable form to stdout. */ +static void IMQ_save(const void *ip, const struct xt_entry_target *target) +{ + struct xt_imq_info *mr = (struct xt_imq_info*)target->data; + + printf("--todev %u", mr->todev); +} + +static struct xtables_target imq_target = { + .name = "IMQ", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct xt_imq_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_imq_info)), + .help = IMQ_help, + .init = IMQ_init, + .parse = IMQ_parse, + .print = IMQ_print, + .save = IMQ_save, + .extra_opts = IMQ_opts, +}; + +static struct xtables_target imq_target6 = { + .name = "IMQ", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV6, + .size = XT_ALIGN(sizeof(struct xt_imq_info)), + .userspacesize = XT_ALIGN(sizeof(struct xt_imq_info)), + .help = IMQ_help, + .init = IMQ_init, + .parse = IMQ_parse, + .print = IMQ_print, + .save = IMQ_save, + .extra_opts = IMQ_opts, +}; + +// void __attribute((constructor)) nf_ext_init(void){ +void _init(void){ + xtables_register_target(&imq_target); + xtables_register_target(&imq_target6); +} diff --git a/extensions/libxt_IMQ.man b/extensions/libxt_IMQ.man new file mode 100644 index 0000000..6e3e896 --- /dev/null +++ b/extensions/libxt_IMQ.man @@ -0,0 +1,15 @@ +This target is used to redirect the traffic to the IMQ driver and you can apply +QoS rules like HTB or CBQ. +For example you can select only traffic comming from a specific interface or +is going out on a specific interface. +Also it permits to capture the traffic BEFORE NAT in the case of outgoing traffic +or AFTER NAT in the case of incomming traffic. +.TP +\fB\-\-to\-dev\fP \fIvalue\fP +Set the IMQ interface where to send this traffic +.PP +For example we want to redirect incomming traffic from interface eth0 to imq0 and outgoing traffic to imq1: +.IP +iptables \-t mangle \-A FORWARD \-i eth0 \-j IMQ \-\-to\-dev 0 +.IP +iptables \-t mangle \-A FORWARD \-o eth0 \-j IMQ \-\-to\-dev 1 diff --git a/include/linux/netfilter/xt_IMQ.h b/include/linux/netfilter/xt_IMQ.h new file mode 100644 index 0000000..9b07230 --- /dev/null +++ b/include/linux/netfilter/xt_IMQ.h @@ -0,0 +1,9 @@ +#ifndef _XT_IMQ_H +#define _XT_IMQ_H + +struct xt_imq_info { + unsigned int todev; /* target imq device */ +}; + +#endif /* _XT_IMQ_H */ +