aboutsummaryrefslogtreecommitdiffstats
path: root/package/network/utils/iptables/patches/010-add-savedscp-support.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/network/utils/iptables/patches/010-add-savedscp-support.patch')
-rw-r--r--package/network/utils/iptables/patches/010-add-savedscp-support.patch214
1 files changed, 0 insertions, 214 deletions
diff --git a/package/network/utils/iptables/patches/010-add-savedscp-support.patch b/package/network/utils/iptables/patches/010-add-savedscp-support.patch
deleted file mode 100644
index c85aa9ead2..0000000000
--- a/package/network/utils/iptables/patches/010-add-savedscp-support.patch
+++ /dev/null
@@ -1,214 +0,0 @@
-From 69b427fb5e1211c1110ce63be62b70504d04b0ff Mon Sep 17 00:00:00 2001
-From: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
-Date: Sat, 23 Mar 2019 10:21:03 +0000
-Subject: [PATCH] savedscp
-
-Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
----
- extensions/libxt_CONNMARK.c | 68 ++++++++++++++++++++++++++-
- include/linux/netfilter/xt_connmark.h | 3 +-
- 2 files changed, 69 insertions(+), 2 deletions(-)
-
---- a/extensions/libxt_CONNMARK.c
-+++ b/extensions/libxt_CONNMARK.c
-@@ -22,6 +22,7 @@
- #include <stdbool.h>
- #include <stdint.h>
- #include <stdio.h>
-+#include <strings.h>
- #include <xtables.h>
- #include <linux/netfilter/xt_CONNMARK.h>
-
-@@ -49,6 +50,7 @@ enum {
- O_CTMASK,
- O_NFMASK,
- O_MASK,
-+ O_SAVEDSCP_MARK,
- F_SET_MARK = 1 << O_SET_MARK,
- F_SAVE_MARK = 1 << O_SAVE_MARK,
- F_RESTORE_MARK = 1 << O_RESTORE_MARK,
-@@ -61,8 +63,10 @@ enum {
- F_CTMASK = 1 << O_CTMASK,
- F_NFMASK = 1 << O_NFMASK,
- F_MASK = 1 << O_MASK,
-+ F_SAVEDSCP_MARK = 1 << O_SAVEDSCP_MARK,
- F_OP_ANY = F_SET_MARK | F_SAVE_MARK | F_RESTORE_MARK |
-- F_AND_MARK | F_OR_MARK | F_XOR_MARK | F_SET_XMARK,
-+ F_AND_MARK | F_OR_MARK | F_XOR_MARK | F_SET_XMARK |
-+ F_SAVEDSCP_MARK,
- };
-
- static const char *const xt_connmark_shift_ops[] = {
-@@ -75,6 +79,7 @@ static void CONNMARK_help(void)
- printf(
- "CONNMARK target options:\n"
- " --set-mark value[/mask] Set conntrack mark value\n"
-+" --savedscp-mark dscpmask/statemask Save DSCP to conntrack mark value\n"
- " --save-mark [--mask mask] Save the packet nfmark in the connection\n"
- " --restore-mark [--mask mask] Restore saved nfmark value\n");
- }
-@@ -83,6 +88,8 @@ static void CONNMARK_help(void)
- static const struct xt_option_entry CONNMARK_opts[] = {
- {.name = "set-mark", .id = O_SET_MARK, .type = XTTYPE_MARKMASK32,
- .excl = F_OP_ANY},
-+ {.name = "savedscp-mark", .id = O_SAVEDSCP_MARK, .type = XTTYPE_MARKMASK32,
-+ .excl = F_OP_ANY},
- {.name = "save-mark", .id = O_SAVE_MARK, .type = XTTYPE_NONE,
- .excl = F_OP_ANY},
- {.name = "restore-mark", .id = O_RESTORE_MARK, .type = XTTYPE_NONE,
-@@ -98,6 +105,8 @@ static const struct xt_option_entry conn
- .excl = F_OP_ANY},
- {.name = "set-mark", .id = O_SET_MARK, .type = XTTYPE_MARKMASK32,
- .excl = F_OP_ANY},
-+ {.name = "savedscp-mark", .id = O_SAVEDSCP_MARK, .type = XTTYPE_MARKMASK32,
-+ .excl = F_OP_ANY},
- {.name = "and-mark", .id = O_AND_MARK, .type = XTTYPE_UINT32,
- .excl = F_OP_ANY},
- {.name = "or-mark", .id = O_OR_MARK, .type = XTTYPE_UINT32,
-@@ -124,6 +133,8 @@ static const struct xt_option_entry conn
- .excl = F_OP_ANY},
- {.name = "set-mark", .id = O_SET_MARK, .type = XTTYPE_MARKMASK32,
- .excl = F_OP_ANY},
-+ {.name = "savedscp-mark", .id = O_SAVEDSCP_MARK, .type = XTTYPE_MARKMASK32,
-+ .excl = F_OP_ANY},
- {.name = "and-mark", .id = O_AND_MARK, .type = XTTYPE_UINT32,
- .excl = F_OP_ANY},
- {.name = "or-mark", .id = O_OR_MARK, .type = XTTYPE_UINT32,
-@@ -158,6 +169,7 @@ static void connmark_tg_help(void)
- " --restore-mark [--ctmask mask] [--nfmask mask]\n"
- " Copy nfmark to ctmark using masks\n"
- " --set-mark value[/mask] Set conntrack mark value\n"
-+" --savedscp-mark value/mask Save DSCP to conntrack mark value\n"
- " --save-mark [--mask mask] Save the packet nfmark in the connection\n"
- " --restore-mark [--mask mask] Restore saved nfmark value\n"
- " --and-mark value Binary AND the ctmark with bits\n"
-@@ -210,6 +222,11 @@ static void CONNMARK_parse(struct xt_opt
- markinfo->mark = cb->val.mark;
- markinfo->mask = cb->val.mask;
- break;
-+ case O_SAVEDSCP_MARK:
-+ markinfo->mode = XT_CONNMARK_SAVEDSCP;
-+ markinfo->mark = cb->val.mark;
-+ markinfo->mask = cb->val.mask;
-+ break;
- case O_SAVE_MARK:
- markinfo->mode = XT_CONNMARK_SAVE;
- break;
-@@ -238,6 +255,19 @@ static void connmark_tg_parse(struct xt_
- info->ctmark = cb->val.mark;
- info->ctmask = cb->val.mark | cb->val.mask;
- break;
-+ case O_SAVEDSCP_MARK:
-+ info->mode = XT_CONNMARK_SAVEDSCP;
-+ info->ctmark = cb->val.mark;
-+ info->ctmask = cb->val.mask;
-+ info->nfmask = info->ctmark ? ffs(info->ctmark) - 1 : 0;
-+ /* need 6 contiguous bits */
-+ if ((0x3f & (info->ctmark >> info->nfmask)) != 0x3f)
-+ xtables_error(PARAMETER_PROBLEM,
-+ "CONNMARK savedscp: insufficient contiguous dscpmask bits");
-+ if (info->ctmark & info->ctmask)
-+ xtables_error(PARAMETER_PROBLEM,
-+ "CONNMARK savedscp: dscpmask/statemask bits overlap");
-+ break;
- case O_AND_MARK:
- info->mode = XT_CONNMARK_SET;
- info->ctmark = 0;
-@@ -283,6 +313,19 @@ static void connmark_tg_parse_v2(struct
- info->ctmark = cb->val.mark;
- info->ctmask = cb->val.mark | cb->val.mask;
- break;
-+ case O_SAVEDSCP_MARK:
-+ info->mode = XT_CONNMARK_SAVEDSCP;
-+ info->ctmark = cb->val.mark;
-+ info->ctmask = cb->val.mask;
-+ info->shift_bits = info->ctmark ? ffs(info->ctmark) - 1 : 0;
-+ /* need 6 contiguous bits */
-+ if ((0x3f & (info->ctmark >> info->shift_bits)) != 0x3f)
-+ xtables_error(PARAMETER_PROBLEM,
-+ "CONNMARK savedscp: insufficient contiguous dscpmask bits");
-+ if (info->ctmark & info->ctmask)
-+ xtables_error(PARAMETER_PROBLEM,
-+ "CONNMARK savedscp: dscpmask/statemask bits overlap");
-+ break;
- case O_AND_MARK:
- info->mode = XT_CONNMARK_SET;
- info->ctmark = 0;
-@@ -351,6 +394,11 @@ static void CONNMARK_print(const void *i
- print_mark(markinfo->mark);
- print_mask("/", markinfo->mask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" CONNMARK savedscp ");
-+ print_mark(markinfo->mark);
-+ print_mask("/", markinfo->mask);
-+ break;
- case XT_CONNMARK_SAVE:
- printf(" CONNMARK save ");
- print_mask("mask ", markinfo->mask);
-@@ -386,6 +434,10 @@ connmark_tg_print(const void *ip, const
- printf(" CONNMARK xset 0x%x/0x%x",
- info->ctmark, info->ctmask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" CONNMARK DSCP set 0x%x/0x%x",
-+ info->ctmark, info->ctmask);
-+ break;
- case XT_CONNMARK_SAVE:
- if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
- printf(" CONNMARK save");
-@@ -433,6 +485,10 @@ connmark_tg_print_v2(const void *ip, con
- printf(" CONNMARK xset 0x%x/0x%x",
- info->ctmark, info->ctmask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" CONNMARK DSCP xset 0x%x/0x%x",
-+ info->ctmark, info->ctmask);
-+ break;
- case XT_CONNMARK_SAVE:
- if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
- printf(" CONNMARK save");
-@@ -474,6 +530,11 @@ static void CONNMARK_save(const void *ip
- print_mark(markinfo->mark);
- print_mask("/", markinfo->mask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" --savedscp-mark ");
-+ print_mark(markinfo->mark);
-+ print_mask("/", markinfo->mask);
-+ break;
- case XT_CONNMARK_SAVE:
- printf(" --save-mark ");
- print_mask("--mask ", markinfo->mask);
-@@ -505,6 +566,9 @@ connmark_tg_save(const void *ip, const s
- case XT_CONNMARK_SET:
- printf(" --set-xmark 0x%x/0x%x", info->ctmark, info->ctmask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" --savedscp-mark 0x%x/0x%x", info->ctmark, info->ctmask);
-+ break;
- case XT_CONNMARK_SAVE:
- printf(" --save-mark --nfmask 0x%x --ctmask 0x%x",
- info->nfmask, info->ctmask);
-@@ -529,6 +593,9 @@ connmark_tg_save_v2(const void *ip, cons
- case XT_CONNMARK_SET:
- printf(" --set-xmark 0x%x/0x%x", info->ctmark, info->ctmask);
- break;
-+ case XT_CONNMARK_SAVEDSCP:
-+ printf(" --savedscp-mark 0x%x/0x%x", info->ctmark, info->ctmask);
-+ break;
- case XT_CONNMARK_SAVE:
- printf(" --save-mark --nfmask 0x%x --ctmask 0x%x",
- info->nfmask, info->ctmask);
---- a/include/linux/netfilter/xt_connmark.h
-+++ b/include/linux/netfilter/xt_connmark.h
-@@ -15,7 +15,8 @@
- enum {
- XT_CONNMARK_SET = 0,
- XT_CONNMARK_SAVE,
-- XT_CONNMARK_RESTORE
-+ XT_CONNMARK_RESTORE,
-+ XT_CONNMARK_SAVEDSCP
- };
-
- struct xt_connmark_tginfo1 {
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 11:47:32 +0000