Add IPv6 support to dscp match.

4 files changed, 58 insertions, 41 deletions

diff --git a/extensions/Makefile b/extensions/Makefile
index 6b9a3e98..1a757e72 100644
--- a/extensions/Makefile
+++ b/extensions/Makefile
@@ -5,9 +5,9 @@
 # header files are present in the include/linux directory of this iptables
 # package (HW)
 #
-PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG
+PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack ecn hashlimit helper icmp iprange owner policy realm state tos ttl unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE REDIRECT REJECT SAME SNAT TCPMSS TOS TTL TRACE ULOG
 PF6_EXT_SLIB:=connlimit connmark eui64 hl icmp6 owner policy state CONNMARK HL LOG NFQUEUE MARK TCPMSS TRACE
-PFX_EXT_SLIB:=esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK
+PFX_EXT_SLIB:=dscp esp length limit mac mark multiport physdev pkttype sctp standard tcp tcpmss udp NOTRACK
 
 ifeq ($(DO_SELINUX), 1)
 PF_EXT_SE_SLIB:=SECMARK CONNSECMARK
diff --git a/extensions/libipt_dscp.c b/extensions/libxt_dscp.c
index 6a8cac8a..8ca74443 100644
--- a/extensions/libipt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -17,9 +17,9 @@
 #include <stdlib.h>
 #include <getopt.h>
 
-#include <iptables.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <linux/netfilter_ipv4/ipt_dscp.h>
+#include <xtables.h>
+#include <linux/netfilter/x_tables.h>
+#include <linux/netfilter/xt_dscp.h>
 
 /* This is evil, but it's my code - HW*/
 #include "libipt_dscp_helper.c"
@@ -46,7 +46,7 @@ static struct option opts[] = {
 };
 
 static void
-parse_dscp(const char *s, struct ipt_dscp_info *dinfo)
+parse_dscp(const char *s, struct xt_dscp_info *dinfo)
 {
 	unsigned int dscp;
        
@@ -54,7 +54,7 @@ parse_dscp(const char *s, struct ipt_dscp_info *dinfo)
 		exit_error(PARAMETER_PROBLEM,
 			   "Invalid dscp `%s'\n", s);
 
-	if (dscp > IPT_DSCP_MAX)
+	if (dscp > XT_DSCP_MAX)
 		exit_error(PARAMETER_PROBLEM,
 			   "DSCP `%d` out of range\n", dscp);
 
@@ -64,7 +64,7 @@ parse_dscp(const char *s, struct ipt_dscp_info *dinfo)
 
 
 static void
-parse_class(const char *s, struct ipt_dscp_info *dinfo)
+parse_class(const char *s, struct xt_dscp_info *dinfo)
 {
 	unsigned int dscp = class_to_dscp(s);
 
@@ -79,8 +79,8 @@ parse(int c, char **argv, int invert, unsigned int *flags,
       unsigned int *nfcache,
       struct xt_entry_match **match)
 {
-	struct ipt_dscp_info *dinfo
-		= (struct ipt_dscp_info *)(*match)->data;
+	struct xt_dscp_info *dinfo
+		= (struct xt_dscp_info *)(*match)->data;
 
 	switch (c) {
 	case 'F':
@@ -135,8 +135,8 @@ print(const void *ip,
       const struct xt_entry_match *match,
       int numeric)
 {
-	const struct ipt_dscp_info *dinfo =
-		(const struct ipt_dscp_info *)match->data;
+	const struct xt_dscp_info *dinfo =
+		(const struct xt_dscp_info *)match->data;
 	printf("DSCP match ");
 	print_dscp(dinfo->dscp, dinfo->invert, numeric);
 }
@@ -145,19 +145,35 @@ print(const void *ip,
 static void
 save(const void *ip, const struct xt_entry_match *match)
 {
-	const struct ipt_dscp_info *dinfo =
-		(const struct ipt_dscp_info *)match->data;
+	const struct xt_dscp_info *dinfo =
+		(const struct xt_dscp_info *)match->data;
 
 	printf("--dscp ");
 	print_dscp(dinfo->dscp, dinfo->invert, 1);
 }
 
-static struct iptables_match dscp = { 
+static struct xtables_match dscp = { 
 	.next 		= NULL,
+	.family		= AF_INET,
 	.name 		= "dscp",
 	.version 	= IPTABLES_VERSION,
-	.size 		= IPT_ALIGN(sizeof(struct ipt_dscp_info)),
-	.userspacesize	= IPT_ALIGN(sizeof(struct ipt_dscp_info)),
+	.size 		= XT_ALIGN(sizeof(struct xt_dscp_info)),
+	.userspacesize	= XT_ALIGN(sizeof(struct xt_dscp_info)),
+	.help		= &help,
+	.parse		= &parse,
+	.final_check	= &final_check,
+	.print		= &print,
+	.save		= &save,
+	.extra_opts	= opts
+};
+
+static struct xtables_match dscp6 = { 
+	.next 		= NULL,
+	.family		= AF_INET6,
+	.name 		= "dscp",
+	.version 	= IPTABLES_VERSION,
+	.size 		= XT_ALIGN(sizeof(struct xt_dscp_info)),
+	.userspacesize	= XT_ALIGN(sizeof(struct xt_dscp_info)),
 	.help		= &help,
 	.parse		= &parse,
 	.final_check	= &final_check,
@@ -168,5 +184,6 @@ static struct iptables_match dscp = {
 
 void _init(void)
 {
-	register_match(&dscp);
+	xtables_register_match(&dscp);
+	xtables_register_match(&dscp6);
 }
diff --git a/include/linux/netfilter/xt_dscp.h b/include/linux/netfilter/xt_dscp.h
new file mode 100644
index 00000000..1da61e6a
--- /dev/null
+++ b/include/linux/netfilter/xt_dscp.h
@@ -0,0 +1,23 @@
+/* x_tables module for matching the IPv4/IPv6 DSCP field
+ *
+ * (C) 2002 Harald Welte <laforge@gnumonks.org>
+ * This software is distributed under GNU GPL v2, 1991
+ *
+ * See RFC2474 for a description of the DSCP field within the IP Header.
+ *
+ * xt_dscp.h,v 1.3 2002/08/05 19:00:21 laforge Exp
+*/
+#ifndef _XT_DSCP_H
+#define _XT_DSCP_H
+
+#define XT_DSCP_MASK	0xfc	/* 11111100 */
+#define XT_DSCP_SHIFT	2
+#define XT_DSCP_MAX	0x3f	/* 00111111 */
+
+/* match info */
+struct xt_dscp_info {
+	u_int8_t dscp;
+	u_int8_t invert;
+};
+
+#endif /* _XT_DSCP_H */
diff --git a/include/linux/netfilter_ipv4/ipt_dscp.h b/include/linux/netfilter_ipv4/ipt_dscp.h
deleted file mode 100644
index b6c59bdd..00000000
--- a/include/linux/netfilter_ipv4/ipt_dscp.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* iptables module for matching the IPv4 DSCP field
- *
- * (C) 2002 Harald Welte <laforge@gnumonks.org>
- * This software is distributed under GNU GPL v2, 1991
- * 
- * See RFC2474 for a description of the DSCP field within the IP Header.
- *
- * Id: ipt_dscp.h,v 1.3 2002/08/05 19:00:21 laforge Exp
-*/
-#ifndef _IPT_DSCP_H
-#define _IPT_DSCP_H
-
-#define IPT_DSCP_MASK	0xfc	/* 11111100 */
-#define IPT_DSCP_SHIFT	2
-#define IPT_DSCP_MAX	0x3f	/* 00111111 */
-
-/* match info */
-struct ipt_dscp_info {
-	u_int8_t dscp;
-	u_int8_t invert;
-};
-
-#endif /* _IPT_DSCP_H */