--- zzzz-none-000/linux-4.19.183/net/netfilter/nf_conntrack_sip.c	2021-03-24 10:07:39.000000000 +0000
+++ bcm63-7530ax-756/linux-4.19.183/net/netfilter/nf_conntrack_sip.c	2023-06-28 08:54:21.000000000 +0000
@@ -27,6 +27,10 @@
 #include <net/netfilter/nf_conntrack_helper.h>
 #include <net/netfilter/nf_conntrack_zones.h>
 #include <linux/netfilter/nf_conntrack_sip.h>
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+#include <net/netfilter/nf_conntrack_tuple.h>
+#include <linux/iqos.h>
+#endif
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Christian Hentschel <chentschel@arnet.com.ar>");
@@ -837,6 +841,45 @@
 	spin_unlock_bh(&nf_conntrack_expect_lock);
 }
 
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+static void bcm_sip_expectfn(struct nf_conn *ct,
+		struct nf_conntrack_expect *exp)
+{
+	iqos_add_L4port(IPPROTO_UDP,
+			ntohs(ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.udp.port),
+			IQOS_ENT_DYN, IQOS_PRIO_HIGH );
+	iqos_add_L4port( IPPROTO_UDP,
+			ntohs(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.udp.port),
+			IQOS_ENT_DYN,
+			IQOS_PRIO_HIGH );
+	set_bit(IPS_IQOS_BIT, &ct->status);
+}
+static inline unsigned int bcm_nf_sip_sdp_media(struct sk_buff *skb, unsigned int protoff,
+		unsigned int dataoff,
+		const char **dptr, unsigned int *datalen,
+		struct nf_conntrack_expect *rtp_exp,
+		struct nf_conntrack_expect *rtcp_exp,
+		unsigned int mediaoff,
+		unsigned int medialen,
+		union nf_inet_addr *rtp_addr)
+{
+	/* even when NAT is not present we need to call expectfn to add RTP&RTCP
+	 * ports to IQ table
+	 */
+	rtp_exp->expectfn = bcm_sip_expectfn;
+	rtcp_exp->expectfn = bcm_sip_expectfn;
+
+	if (nf_ct_expect_related(rtp_exp) == 0) {
+		if (nf_ct_expect_related(rtcp_exp) != 0)
+			nf_ct_unexpect_related(rtp_exp);
+		else{
+			return NF_ACCEPT;
+		}
+	}
+	return NF_DROP;
+}
+#endif
+
 static int set_expected_rtp_rtcp(struct sk_buff *skb, unsigned int protoff,
 				 unsigned int dataoff,
 				 const char **dptr, unsigned int *datalen,
@@ -938,6 +981,12 @@
 				       datalen, rtp_exp, rtcp_exp,
 				       mediaoff, medialen, daddr);
 	else {
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+		ret = bcm_nf_sip_sdp_media(skb, protoff, dataoff, dptr,
+				datalen, rtp_exp, rtcp_exp,
+				mediaoff, medialen, daddr);
+#else
+
 		/* -EALREADY handling works around end-points that send
 		 * SDP messages with identical port but different media type,
 		 * we pretend expectation was set up.
@@ -952,6 +1001,7 @@
 			else if (errp == 0)
 				nf_ct_unexpect_related(rtp_exp);
 		}
+#endif
 	}
 	nf_ct_expect_put(rtcp_exp);
 err2:
@@ -1167,6 +1217,31 @@
 {
 	enum ip_conntrack_info ctinfo;
 	struct nf_conn *ct = nf_ct_get(skb, &ctinfo);
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP) && defined(CONFIG_BCM_NF_DERIVED_CONN)
+	struct nf_conn *child;
+
+ 	BCM_DERIVED_CONN_LOCK_BH();
+	list_for_each_entry(child, &ct->bcm_ext.derived_connections, bcm_ext.derived_list) {
+
+	/* cdrouter_sip_60 */
+#if defined(CONFIG_BLOG)
+		blog_lock();
+		if ((child->bcm_ext.blog_key[IP_CT_DIR_ORIGINAL] != BLOG_KEY_FC_INVALID)
+			|| (child->bcm_ext.blog_key[IP_CT_DIR_REPLY] != BLOG_KEY_FC_INVALID)) {
+			/* remove flow from flow cache */
+			blog_notify(DESTROY_FLOWTRACK, (void*)child,
+								(uint32_t)child->bcm_ext.blog_key[IP_CT_DIR_ORIGINAL],
+								(uint32_t)child->bcm_ext.blog_key[IP_CT_DIR_REPLY]);
+
+		}
+		blog_unlock();
+#endif
+		child->bcm_ext.derived_timeout = 5*HZ;
+		nf_ct_refresh(child, skb, 5*HZ);
+		set_bit(IPS_FIXED_TIMEOUT_BIT, &child->status);  /* dont refresh */
+	}
+ 	BCM_DERIVED_CONN_UNLOCK_BH();
+#endif
 
 	flush_expectations(ct, true);
 	return NF_ACCEPT;
@@ -1357,6 +1432,9 @@
 	SIP_HANDLER("ACK", process_sdp, NULL),
 	SIP_HANDLER("PRACK", process_sdp, process_prack_response),
 	SIP_HANDLER("BYE", process_bye_request, NULL),
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+	SIP_HANDLER("CANCEL", process_bye_request, NULL), /*cdrouter_sip_62*/
+#endif
 	SIP_HANDLER("REGISTER", process_register_request, process_register_response),
 };
 
@@ -1619,7 +1697,18 @@
 
 static void __exit nf_conntrack_sip_fini(void)
 {
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+	int i;
+
+	for (i = 0; i < ports_c; i++) {
+
+		/* unregister the SIP ports with ingress QoS classifier */
+		iqos_rem_L4port( IPPROTO_UDP, ports[i], IQOS_ENT_STAT );
+		iqos_rem_L4port( IPPROTO_TCP, ports[i], IQOS_ENT_STAT );
+	}
+#endif
 	nf_conntrack_helpers_unregister(sip, ports_c * 4);
+
 }
 
 static int __init nf_conntrack_sip_init(void)
@@ -1655,6 +1744,13 @@
 		pr_err("failed to register helpers\n");
 		return ret;
 	}
+
+#if defined(CONFIG_BCM_KF_NETFILTER_SIP)
+		/* register the SIP ports with ingress QoS classifier */
+		iqos_add_L4port( IPPROTO_UDP, ports[i], IQOS_ENT_STAT, IQOS_PRIO_HIGH );
+		iqos_add_L4port( IPPROTO_TCP, ports[i], IQOS_ENT_STAT, IQOS_PRIO_HIGH );
+#endif
+
 	return 0;
 }