Re: Linux kernel updates and ip_crossover patch

Re: Linux kernel updates and ip_crossover patch

[Mehulkumar J Patel]

[-- Attachment #1: Type: text/plain, Size: 3410 bytes --]

Hello All,

Any update on this.

Basically we need IP CROSSOVER patch to be part of pseries kernel.

best regards,
Mehul.




Olaf Hering <olh@suse.de>
29/09/2003 16:40

 
        To:     Kaena Freitas <kaena@us.ibm.com>, Mehulkumar J Patel/India/IBM@IBMIN
        cc:     Mehulkumar J Patel/India/IBM@IBMIN, Matthias Fruehauf <mfrueh@suse.de>, 
olaf@suse.de, Anil K Prasad/India/IBM@IBMIN, Daljeet Maini/India/IBM@IBMIN
        Subject:        Re: Linux kernel updates and ip_crossover patch

 

 On Wed, Sep 24, Kaena Freitas wrote:

> 
> 
> 
> 
> Hello Mehul -
> 
> Sorry it has taken me a while to respond. We do not keep any code in 
CMVC.
> All code we get from SuSE is on the ftp3 site along with all the source
> RPMs. We do have internel CVS trees, but there is no guarantee that 
those
> trees are current with the code we get from SuSE which is what your team
> should be testing.
> 
> As for the htx patch you've provided, I have copied SuSE on this email 
to
> get their comments if it can be part of their distribution.

Good morning,

did you sent the patch to netdev@oss.sgi.com?
What opinion have the network and iptables maintainers about this feature?


> (See attached file: hxecom_patch)forgot to attach the patch.
> 
> 
> e-mail: mehul.patel@in.ibm.com
> IBM Global Services
> Bangalore, India.
> Tel: 091-80-5094160
> 
> 
> 
>  
>                       Mehulkumar J   
>                       Patel                    To:       Kaena 
Freitas/Austin/IBM 
>                                                cc:       Anil K 
Prasad/India/IBM@IBMIN, Daljeet 
>                       23/09/2003 18:38          Maini/India/IBM@IBMIN    
 
>                       Please respond to        From:     Mehulkumar J 
Patel/India/IBM@IBMIN 
>                                                Subject:  Linux kernel 
updates and ip_crossover patch 
>  
>  
>  
> 
> 
> 
> Hi,
> 
> We are HTX Team.
> We get affected by changes in Linux kernel in a way where we have to 
update
> our build environment
> continuously. As of now we are doing so manually. But considering the
> effort we are thinking of making
> it automated.
> 
> Can you please tell us if there is a fixed place from where we can sync
> Linux kernel sources through
> scripts. Or do you put Linux kernel sources in cmvc or any other version
> control system.
> 
> Also, we have an exerciser named "hxecom" which requires an external 
patch,
> ip_crossover for hxecom
>  to work in single system test.
> This patch helps us in sending packets destined to IP address on the 
same
> machine without looping
> back at IP layer. Packet actually goes out to hardware and thus we are 
able
> to stress network cards.
> For this patch to work, kernel should have been compiled with netfilter.
> If netfilter is not enabled and ip_crossover patch is not applied, we 
end
> up recompiling the whole
> stuff and need to copy kernel and /lib/modules on all the test machines,
> which is bit ugly.
> Can you please include these two request from us in all p-series kernels 
?
> 
> I am attaching the patch here.
> 
> best regards,
> Mehul.
> e-mail: mehul.patel@in.ibm.com
> IBM Global Services
> Bangalore, India.
> Tel: 091-80-5094160
> 
> 
> 



-- 
USB is for mice, FireWire is for men!

sUse lINUX ag, nÜRNBERG



[-- Attachment #2: Type: text/html, Size: 7839 bytes --]

Re: Linux kernel updates and ip_crossover patch

[Matthias Fruehauf]

On Thu, Oct 30, Mehulkumar J Patel wrote:

> 
> Hello All,
> 
> Any update on this.
> 
> Basically we need IP CROSSOVER patch to be part of pseries kernel.

Well, I am not completly sure what we are talking about here ... ;-) The
usuall way if someone wants features to become part of the kernel is via
the community, in this case via the network guys as Olaf suggested or if
it is a plattform specific thing via the plattform maintainer, which is
David Engebretsen <engebret@us.ibm.com> for example for PPC at IBM.

In case that there is for some reason no solution going this path, IBM
has the possibility to request features from SuSE via the brands and via
the LTC. This is organized by Mark VanderWiele <markv@us.ibm.com>.

To be more specific: For 2.4 kernel the door is allready closed since
some weeks. In case you would like to see this patch in an upcoming SLES
9 and a 2.6 kernel, get in contact with Dave and Mark.

Hope this helps for the moment.


> best regards,
> Mehul.
> 

Best regards,

Matthias Frühauf


> 
>  Olaf Hering                                                                   
>  <olh@suse.de>         To:        Kaena Freitas <kaena@us.ibm.com>, Mehulkumar 
>                J Patel/India/IBM@IBMIN                                         
>  29/09/2003            cc:        Mehulkumar J Patel/India/IBM@IBMIN, Matthias 
>  16:40         Fruehauf <mfrueh@suse.de>, olaf@suse.de, Anil K Prasad/India/   
>                IBM@IBMIN, Daljeet Maini/India/IBM@IBMIN                        
>                        Subject:        Re: Linux kernel updates and            
>                ip_crossover patch                                              
>                                                                                
>                                                                                
> 
> 
> 
>  On Wed, Sep 24, Kaena Freitas wrote:
> 
> >
> >
> >
> >
> > Hello Mehul -
> >
> > Sorry it has taken me a while to respond. We do not keep any code in CMVC.
> > All code we get from SuSE is on the ftp3 site along with all the source
> > RPMs. We do have internel CVS trees, but there is no guarantee that those
> > trees are current with the code we get from SuSE which is what your team
> > should be testing.
> >
> > As for the htx patch you've provided, I have copied SuSE on this email to
> > get their comments if it can be part of their distribution.
> 
> Good morning,
> 
> did you sent the patch to netdev@oss.sgi.com?
> What opinion have the network and iptables maintainers about this feature?
> 
> 
> > (See attached file: hxecom_patch)forgot to attach the patch.
> >
> >
> > e-mail: mehul.patel@in.ibm.com
> > IBM Global Services
> > Bangalore, India.
> > Tel: 091-80-5094160
> >
> >
> >
> >                                                                              
>                                      
> >                       Mehulkumar J                                          
>                                      
> >                       Patel                    To:       Kaena Freitas/Austin
> /IBM                                  
> >                                                cc:       Anil K Prasad/India/
> IBM@IBMIN, Daljeet                    
> >                       23/09/2003 18:38          Maini/India/IBM@IBMIN        
>                                      
> >                       Please respond to        From:     Mehulkumar J Patel/
> India/IBM@IBMIN                        
> >                                                Subject:  Linux kernel updates
> and ip_crossover patch              
> >                                                                              
>                                      
> >                                                                              
>                                      
> >                                                                              
>                                      
> >
> >
> >
> > Hi,
> >
> > We are HTX Team.
> > We get affected by changes in Linux kernel in a way where we have to update
> > our build environment
> > continuously. As of now we are doing so manually. But considering the
> > effort we are thinking of making
> > it automated.
> >
> > Can you please tell us if there is a fixed place from where we can sync
> > Linux kernel sources through
> > scripts. Or do you put Linux kernel sources in cmvc or any other version
> > control system.
> >
> > Also, we have an exerciser named "hxecom" which requires an external patch,
> > ip_crossover for hxecom
> >  to work in single system test.
> > This patch helps us in sending packets destined to IP address on the same
> > machine without looping
> > back at IP layer. Packet actually goes out to hardware and thus we are able
> > to stress network cards.
> > For this patch to work, kernel should have been compiled with netfilter.
> > If netfilter is not enabled and ip_crossover patch is not applied, we end
> > up recompiling the whole
> > stuff and need to copy kernel and /lib/modules on all the test machines,
> > which is bit ugly.
> > Can you please include these two request from us in all p-series kernels ?
> >
> > I am attaching the patch here.
> >
> > best regards,
> > Mehul.
> > e-mail: mehul.patel@in.ibm.com
> > IBM Global Services
> > Bangalore, India.
> > Tel: 091-80-5094160
> >
> >
> >
> 
> 
> 
> --
> USB is for mice, FireWire is for men!
> 
> sUse lINUX ag, nÜRNBERG
> 
> 

-- 
	Matthias Frühauf

	Member of the spicy SuSE Linux PPC Team
------------------------------------------------------------
SuSE AG,                  Tel:   +49-911-74053-658
Deutschherrnstr. 15-19,   Fax:   +49-911-74053-483
90429 Nuernberg           Germany

               --- Peace, Love and Linux ---

Re: Linux kernel updates and ip_crossover patch

[David S. Miller]

On Thu, 30 Oct 2003 18:33:57 +0530
Mehulkumar J Patel <mehul.patel@in.ibm.com> wrote:

> Basically we need IP CROSSOVER patch to be part of pseries kernel.

This is not how the Linux community works.  You don't say "hey, we
_NEED_ this" and like magic it gets added to the Linux kernel.

Rather, it gets added because someone submits it and the community
sees a need for the feature.

As networking maintainer what I see is that this feature is needed by
and used by only a very small group of people for very specialized
purposes.  Therefore there is no urgency to add this to the kernel
sources any time soon.

You can continue whining, complaining about how much you personally
_NEED_ the ip_crossover patch, but that isn't going to help you
arrive at your goal.  Rather you should spend time explaining to
the community what value it gives to them and why it would be useful
to anything other than very specialized cases and uses.

Re: Linux kernel updates and ip_crossover patch

[James R. Leu]

I agree with David that this patch has a very narrow scope.  I think a
more generic solution for a virtualized IP stack would be used by many more
people, and still solve this specific problem.

I have a patch for 'virtualizing' the IPv4 stack for the 2.4 kernel
series.  I'm working on porting it to the 2.6 kernels and adding the
same functionality for IPv6.

If you're interested in checking out the 2.4 kernel patch you can get
the latest stable version from http://linux-vrf.sf.net/

That page also descibes howto get the most recent version from
my development tree.

-- 
James R. Leu
jleu@mindspring.com

On Thu, Oct 30, 2003 at 09:53:12AM -0800, David S. Miller wrote:
> On Thu, 30 Oct 2003 18:33:57 +0530
> Mehulkumar J Patel <mehul.patel@in.ibm.com> wrote:
> 
> > Basically we need IP CROSSOVER patch to be part of pseries kernel.
> 
> This is not how the Linux community works.  You don't say "hey, we
> _NEED_ this" and like magic it gets added to the Linux kernel.
> 
> Rather, it gets added because someone submits it and the community
> sees a need for the feature.
> 
> As networking maintainer what I see is that this feature is needed by
> and used by only a very small group of people for very specialized
> purposes.  Therefore there is no urgency to add this to the kernel
> sources any time soon.
> 
> You can continue whining, complaining about how much you personally
> _NEED_ the ip_crossover patch, but that isn't going to help you
> arrive at your goal.  Rather you should spend time explaining to
> the community what value it gives to them and why it would be useful
> to anything other than very specialized cases and uses.

Re: Linux kernel updates and ip_crossover patch

[Andi Kleen]

On Thu, 30 Oct 2003 18:33:57 +0530
Mehulkumar J Patel <mehul.patel@in.ibm.com> wrote:

> Any update on this.
> 
> Basically we need IP CROSSOVER patch to be part of pseries kernel.

I don't think it will happen anytime soon.  But the ip_crossover patch
just create a single file which is a self contained module. You can compile
that file outside the kernel tree and load it into your running kernel.

See http://www.kernelnewbies.org etc. on how to build external modules.

-Andi

Re: Linux kernel updates and ip_crossover patch

[Mehulkumar J Patel]

[-- Attachment #1: Type: text/plain, Size: 3640 bytes --]

Hi,

We at IBM need IP CROSSOVER module as part of kernel source.

I sent the request to SuSe for the same and they got back to me and their 
response is in this mail thread below.

Can you please let me know what do you think about IP CROSSOVER feature ?

best regards,
Mehul.
----- Forwarded by Mehulkumar J Patel/India/IBM on 27/10/2003 17:42 -----


Olaf Hering <olh@suse.de>
29/09/2003 16:40

 
        To:     Kaena Freitas <kaena@us.ibm.com>, Mehulkumar J Patel/India/IBM@IBMIN
        cc:     Mehulkumar J Patel/India/IBM@IBMIN, Matthias Fruehauf <mfrueh@suse.de>, 
olaf@suse.de, Anil K Prasad/India/IBM@IBMIN, Daljeet Maini/India/IBM@IBMIN
        Subject:        Re: Linux kernel updates and ip_crossover patch

 

 On Wed, Sep 24, Kaena Freitas wrote:

> 
> 
> 
> 
> Hello Mehul -
> 
> Sorry it has taken me a while to respond. We do not keep any code in 
CMVC.
> All code we get from SuSE is on the ftp3 site along with all the source
> RPMs. We do have internel CVS trees, but there is no guarantee that 
those
> trees are current with the code we get from SuSE which is what your team
> should be testing.
> 
> As for the htx patch you've provided, I have copied SuSE on this email 
to
> get their comments if it can be part of their distribution.

Good morning,

did you sent the patch to netdev@oss.sgi.com?
What opinion have the network and iptables maintainers about this feature?


> (See attached file: hxecom_patch)forgot to attach the patch.
> 
> 
> e-mail: mehul.patel@in.ibm.com
> IBM Global Services
> Bangalore, India.
> Tel: 091-80-5094160
> 
> 
> 
>  
>                       Mehulkumar J   
>                       Patel                    To:       Kaena 
Freitas/Austin/IBM 
>                                                cc:       Anil K 
Prasad/India/IBM@IBMIN, Daljeet 
>                       23/09/2003 18:38          Maini/India/IBM@IBMIN    
 
>                       Please respond to        From:     Mehulkumar J 
Patel/India/IBM@IBMIN 
>                                                Subject:  Linux kernel 
updates and ip_crossover patch 
>  
>  
>  
> 
> 
> 
> Hi,
> 
> We are HTX Team.
> We get affected by changes in Linux kernel in a way where we have to 
update
> our build environment
> continuously. As of now we are doing so manually. But considering the
> effort we are thinking of making
> it automated.
> 
> Can you please tell us if there is a fixed place from where we can sync
> Linux kernel sources through
> scripts. Or do you put Linux kernel sources in cmvc or any other version
> control system.
> 
> Also, we have an exerciser named "hxecom" which requires an external 
patch,
> ip_crossover for hxecom
>  to work in single system test.
> This patch helps us in sending packets destined to IP address on the 
same
> machine without looping
> back at IP layer. Packet actually goes out to hardware and thus we are 
able
> to stress network cards.
> For this patch to work, kernel should have been compiled with netfilter.
> If netfilter is not enabled and ip_crossover patch is not applied, we 
end
> up recompiling the whole
> stuff and need to copy kernel and /lib/modules on all the test machines,
> which is bit ugly.
> Can you please include these two request from us in all p-series kernels 
?
> 
> I am attaching the patch here.
> 
> best regards,
> Mehul.
> e-mail: mehul.patel@in.ibm.com
> IBM Global Services
> Bangalore, India.
> Tel: 091-80-5094160
> 
> 
> 



-- 
USB is for mice, FireWire is for men!

sUse lINUX ag, nÜRNBERG



[-- Attachment #2: Type: text/html, Size: 8122 bytes --]

Re: Linux kernel updates and ip_crossover patch

[Ben Greear]

Mehulkumar J Patel wrote:
> 
> Hi,
> 
> We at IBM need IP CROSSOVER module as part of kernel source.

Please send the ip-crossover patch to netdev.  I have written a patch
to do the same thing, and am interested to see how this patch differs.

Thanks,
Ben

-- 
Ben Greear <greearb@candelatech.com>
Candela Technologies Inc  http://www.candelatech.com

Re: Linux kernel updates and ip_crossover patch

[Anil K Prasad]

>>
>> We at IBM need IP CROSSOVER module as part of kernel source.

>Please send the ip-crossover patch to netdev.  I have written a patch
>to do the same thing, and am interested to see how this patch differs.

Here is the patch for IP-Cross over module.

Thanks,
Anil.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


diff -urpN --exclude TAGS -X
/home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal
linux-2.4.21/Documentation/Configure.help
working-2.4.21-crossover/Documentation/Configure.help
--- linux-2.4.21/Documentation/Configure.help
2003-06-14 13:59:23.000000000 +1000
+++ working-2.4.21-crossover/Documentation/Configure.help
  2003-07-10 18:16:04.000000000 +1000
@@ -2954,6 +2954,18 @@ CONFIG_IP_NF_COMPAT_IPFWADM
   If you want to compile it as a module, say M here and read
   <file:Documentation/modules.txt>.  If unsure, say `N'.

+IP forced crossover support (EXPERIMENTAL)
+CONFIG_IP_NF_CROSSOVER
+  This option allows you to connect two local network cards
+  with a crossover cable, and then force packets to pass over
+  that cable (Linux will normally short-circuit such packets).
+
+  If you want to compile it as a module, say M here and read
+  <file:Documentation/modules.txt>: the module will be called
+  ip_crossover.
+
+  Say `N'.
+
 EUI64 address check (EXPERIMENTAL)
 CONFIG_IP6_NF_MATCH_EUI64
   This module performs checking on the IPv6 source address
diff -urpN --exclude TAGS -X
/home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal
linux-2.4.21/net/ipv4/netfilter/Config.in
working-2.4.21-crossover/net/ipv4/netfilter/Config.in
--- linux-2.4.21/net/ipv4/netfilter/Config.in
2003-06-14 14:00:02.000000000 +1000
+++ working-2.4.21-crossover/net/ipv4/netfilter/Config.in
  2003-07-10 18:14:41.000000000 +1000
@@ -129,4 +129,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "y" ];
     fi
   fi
 fi
+
+dep_tristate '  IP forced crossover support (EXPERIMENTAL)'
CONFIG_IP_NF_CROSSOVER $CONFIG_EXPERIMENTAL
+
 endmenu
diff -urpN --exclude TAGS -X
/home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal
linux-2.4.21/net/ipv4/netfilter/Makefile
working-2.4.21-crossover/net/ipv4/netfilter/Makefile
--- linux-2.4.21/net/ipv4/netfilter/Makefile
2003-06-14 14:00:02.000000000 +1000
+++ working-2.4.21-crossover/net/ipv4/netfilter/Makefile
  2003-07-10 18:13:23.000000000 +1000
@@ -110,6 +110,8 @@ obj-$(CONFIG_IP_NF_COMPAT_IPFWADM) += ip

 obj-$(CONFIG_IP_NF_QUEUE) += ip_queue.o

+obj-$(CONFIG_IP_NF_CROSSOVER) += ip_crossover.o
+
 include $(TOPDIR)/Rules.make

 ip_conntrack.o: $(ip_conntrack-objs)
diff -urpN --exclude TAGS -X
/home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal
linux-2.4.21/net/ipv4/netfilter/ip_crossover.c
working-2.4.21-crossover/net/ipv4/netfilter/ip_crossover.c
--- linux-2.4.21/net/ipv4/netfilter/ip_crossover.c
1970-01-01 10:00:00.000000000 +1000
+++ working-2.4.21-crossover/net/ipv4/netfilter/ip_crossover.c
        2003-07-10 18:36:47.000000000 +1000
@@ -0,0 +1,262 @@
+/* Copyright 2003 Rusty Russell, IBM Corporation.
+ *
+ * Simple packet mangling.  The idea is to use a crossover between two
+ * local NICs for testing, then this module creates "phantom" boxes on
+ * each network at the interface address + 1.
+ *
+ * Packets sent to one phantom will come in like they came from the other.
+ *
+ * Usage:
+ *   ifconfig eth0 192.168.1.1
+ *   ifconfig eth1 192.168.2.1
+ *   arp -s 192.168.1.2 <hardware address of eth1>
+ *   arp -s 192.168.2.2 <hardware address of eth0>
+ *   modprobe ip_crossover dev1=eth0 dev2=eth1
+ *
+ *   Then doing ping 192.168.1.2, ICMP ping goes out eth0 and comes
+ *   back in eth1.  Reply goes out eth1 and comes back in eth0.  */
+#include <linux/config.h>
+#include <linux/netfilter_ipv4.h>
+#include <linux/ip.h>
+#include <linux/skbuff.h>
+#include <linux/netdevice.h>
+#include <linux/inetdevice.h>
+#include <linux/tcp.h>
+#include <linux/udp.h>
+#include <linux/icmp.h>
+#include <linux/version.h>
+#include <linux/module.h>
+#include <net/ip.h>
+#include <asm/checksum.h>
+
+struct ifinfo
+{
+                         /* Keep track of name so we can drop reference.
*/
+                         char name[IFNAMSIZ];
+
+                         /* Cached interface addr. */
+                         u32 ifaddr;
+
+                         /* "Phantom" box which gets mapped. */
+                         u32 phantom;
+};
+
+static struct ifinfo devinfo1, devinfo2;
+
+/* Stolen from Alexey's ip_nat_dumb. */
+static int nat_header(struct sk_buff *skb, u32 saddr, u32 daddr)
+{
+                         struct iphdr *iph = skb->nh.iph;
+
+                         u32 odaddr = iph->daddr;
+                         u32 osaddr = iph->saddr;
+                         u16 check;
+
+                         /* Rewrite IP header */
+                         iph->saddr = saddr;
+                         iph->daddr = daddr;
+                         iph->check = 0;
+                         iph->check = ip_fast_csum((unsigned char *)iph,
iph->ihl);
+
+                         /* If it is the first fragment, rewrite protocol
headers */
+                         if (!(iph->frag_off & htons(IP_OFFSET))) {
+                                                 u16 *cksum;
+
+                                                 switch(iph->protocol) {
+                                                 case IPPROTO_TCP:
+
cksum  = (u16*)&((struct tcphdr*)
+

(((char*)iph)+(iph->ihl<<2)))->check;
+
if ((u8*)(cksum+1) > skb->tail)
+
                    return 0;
+
check = *cksum;
+
if (skb->ip_summed != CHECKSUM_HW)
+
                    check = ~check;
+
check = csum_tcpudp_magic(iph->saddr, iph->daddr,
+
                                                                      0, 0,
check);
+
check = csum_tcpudp_magic(~osaddr, ~odaddr, 0, 0,
+

~check);
+
if (skb->ip_summed == CHECKSUM_HW)
+
                    check = ~check;
+
*cksum = check;
+
break;
+                                                 case IPPROTO_UDP:
+
cksum  = (u16*)&((struct udphdr*)
+

(((char*)iph)+(iph->ihl<<2)))->check;
+
if ((u8*)(cksum+1) > skb->tail)
+
                    return 0;
+
if ((check = *cksum) != 0) {
+
                    check = csum_tcpudp_magic(iph->saddr,
+

                iph->daddr, 0, 0,
+

                ~check);
+
                    check = csum_tcpudp_magic(~osaddr, ~odaddr,
+

                0, 0, ~check);
+
                    *cksum = check ? : 0xFFFF;
+                                                                         }
+
break;
+                                                 case IPPROTO_ICMP:
+                                                 {
+
struct icmphdr *icmph
+
                    = (struct icmphdr*)((char*)iph+(iph->ihl<<2));
+
struct iphdr *ciph;
+
u32 idaddr, isaddr;
+
+
if ((icmph->type != ICMP_DEST_UNREACH) &&
+
(icmph->type != ICMP_TIME_EXCEEDED) &&
+
(icmph->type != ICMP_PARAMETERPROB))
+
                    break;
+
+
ciph = (struct iphdr *) (icmph + 1);
+
+
if ((u8*)(ciph+1) > skb->tail)
+
                    return 0;
+
+
isaddr = ciph->saddr;
+
idaddr = ciph->daddr;
+
+
/* Change addresses inside ICMP packet. */
+
ciph->daddr = iph->saddr;
+
ciph->saddr = iph->daddr;
+
cksum  = &icmph->checksum;
+
/* Using tcpudp primitive. Why not? */
+
check  = csum_tcpudp_magic(ciph->saddr, ciph->daddr,
+
                                                                       0,
0, ~(*cksum));
+
*cksum = csum_tcpudp_magic(~isaddr, ~idaddr, 0, 0,
+

~check);
+
break;
+                                                 }
+                                                 default:
+
break;
+                                                 }
+                         }
+                         return 1;
+}
+
+static unsigned int xover_hook(unsigned int hook,
+
struct sk_buff **pskb,
+
const struct net_device *in,
+
const struct net_device *out,
+
int (*okfn)(struct sk_buff *))
+{
+                         /* Going out to phantom box 1: change it to
coming from
+           phantom box 2, and vice versa. */
+                         if ((*pskb)->nh.iph->daddr == devinfo1.phantom) {
+                                    /*           printk(KERN_DEBUG "dev1:
%u.%u.%u.%u->%u.%u.%u.%u"
+                                                        " becomes
%u.%u.%u.%u->%u.%u.%u.%u\n",
+
NIPQUAD((*pskb)->nh.iph->saddr),
+
NIPQUAD((*pskb)->nh.iph->daddr),
+
NIPQUAD(devinfo2.phantom),
+
NIPQUAD(devinfo2.ifaddr));*/
+                                                 if (!nat_header(*pskb,
devinfo2.phantom, devinfo2.ifaddr))
+
return NF_DROP;
+                         } else if ((*pskb)->nh.iph->daddr ==
devinfo2.phantom) {
+                         /*                      printk(KERN_DEBUG "dev1:
%u.%u.%u.%u->%u.%u.%u.%u"
+                                                        " becomes
%u.%u.%u.%u->%u.%u.%u.%u\n",
+
NIPQUAD((*pskb)->nh.iph->saddr),
+
NIPQUAD((*pskb)->nh.iph->daddr),
+
NIPQUAD(devinfo1.phantom),
+
NIPQUAD(devinfo1.ifaddr));*/
+                                                 if (!nat_header(*pskb,
devinfo1.phantom, devinfo1.ifaddr))
+
return NF_DROP;
+                         }
+
+                         return NF_ACCEPT;
+}
+
+static int __set_dev(const char *name, struct ifinfo *ifi)
+{
+                         struct net_device *dev;
+                         struct in_device *indev;
+
+                         dev = dev_get_by_name(name);
+                         if (!dev)
+                                                 goto fail;
+                         indev = __in_dev_get(dev);
+                         if (!indev || !indev->ifa_list)
+                                                 goto put_fail;
+
+                         ifi->ifaddr = indev->ifa_list->ifa_address;
+                         ifi->phantom =
htonl(ntohl(indev->ifa_list->ifa_address) + 1);
+                         if (ifi->phantom ==
indev->ifa_list->ifa_broadcast)
+                                                 goto put_fail;
+
+                         strncpy(ifi->name, name, sizeof(ifi->name)-1);
+                         printk(KERN_INFO "ip_crossover: phantom for %s:
%u.%u.%u.%u\n",
+                                ifi->name, NIPQUAD(ifi->phantom));
+                         return 0;
+
+put_fail:
+                         dev_put(dev);
+fail:
+                         printk(KERN_WARNING "ip_crossover: device %s is
not usable.\n", name);
+                         return -ENOENT;
+}
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,5,50)
+#include <linux/moduleparam.h>
+static int set_dev(const char *val, struct kernel_param *kp)
+{
+                         return __set_dev(val, kp->arg);
+}
+module_param_call(dev1, set_dev, NULL, &devinfo1, 0);
+module_param_call(dev2, set_dev, NULL, &devinfo2, 0);
+
+#define compat_parse_params()
+#define NF_HOOK_OWNER .owner = THIS_MODULE,
+#else
+static char *dev1, *dev2;
+
+MODULE_PARM(dev1, "s");
+MODULE_PARM(dev2, "s");
+
+static void compat_parse_params(void)
+{
+                         if (dev1)
+                                                 __set_dev(dev1,
&devinfo1);
+                         if (dev2)
+                                                 __set_dev(dev2,
&devinfo2);
+}
+
+#define NF_HOOK_OWNER
+#endif /* KERNEL_VERSION */
+
+static struct nf_hook_ops xover_ops
+= { .hook = xover_hook,
+    .pf = PF_INET,
+    .hooknum = NF_IP_POST_ROUTING,
+    .priority = NF_IP_PRI_MANGLE,
+    NF_HOOK_OWNER
+};
+
+static int __init init(void)
+{
+                         compat_parse_params();
+
+                         if (!devinfo1.name[0] || !devinfo2.name[0]) {
+                                                 printk(KERN_ERR
"ip_crossover: need dev1 and dev2 args\n");
+                                                 return -EINVAL;
+                         }
+
+                         return nf_register_hook(&xover_ops);
+}
+
+static void __exit fini(void)
+{
+                         struct net_device *dev;
+
+                         nf_unregister_hook(&xover_ops);
+
+                         /* Release devices. */
+                         dev = dev_get_by_name(devinfo1.name);
+                         dev_put(dev);
+                         dev_put(dev);
+
+                         dev = dev_get_by_name(devinfo2.name);
+                         dev_put(dev);
+                         dev_put(dev);
+}
+
+module_init(init);
+module_exit(fini);
+MODULE_LICENSE("GPL");
+MODULE_PARM_DESC(dev1, "First device for crossover (required)");
+MODULE_PARM_DESC(dev2, "Second device for crossover (required)");