Installing IMQ support in the kernel
What you will need:
a recent kernel source (we recommend to use the last stable version)
the latest IMQ patch for the given kernel version
stuff needed for compiling the kernel(you will probably need gcc, make, and binutils)
you have to be able to configure, compile and install a kernel by yourself before attempting to install IMQ
Untar the kernel source:
tar xjf linux-XXX.tar.bz2
Change directory into the kernel source tree's root:
Patch the kernel:
patch -p1 < linux-XXX-imq.diff
XXX is the version of the kernel.
If the patch applied cleanly, then go on to configuring and compiling the kernel. (If you see lines similar to
Hunk #1 FAILED at 3040., then something went wrong. Check that the patch is suitable for the given kernel version, and that your kernel source is not altered or broken.
Configuring the kernel
Configure the kernel as you used to (eg. menuconfig, xconfig, oldconfig, config, ...).
You must set at least these variables to have IMQ work:
CONFIG_IMQ (Network device support/IMQ (intermediate queueing device) support)
CONFIG_IP_NF_TARGET_IMQ (Networking options/IP: Netfilter Configuration/IMQ target support) and its dependencies:
CONFIG_NETFILTER (Networking options/Network packet filtering (replaces ipchains))
CONFIG_IP_NF_IPTABLES (Networking options/IP: Netfilter Configuration/IP tables support (required for filtering/masq/NAT))
CONFIG_IP_NF_MANGLE (Networking options/IP: Netfilter Configuration/Packet mangling)
optionally CONFIG_IP6_NF_TARGET_IMQ (Networking options/IPv6: Netfilter Configuration/IMQ target support)
CONFIG_IPV6 (Networking options/The IPv6 protocol)
CONFIG_IP6_NF_IPTABLES (Networking options/IPv6: Netfilter Configuration/IP6 tables support (required for filtering/masq/NAT))
CONFIG_IP6_NF_MANGLE (Networking options/IPv6: Netfilter Configuration/Packet mangling)
CONFIG_NET_SCHED (Networking options/QoS and/or fair queueing/QoS and/or fair queueing)
CONFIG_IP_NF_TARGET_MARK (Networking options/IP: Netfilter Configuration/MARK target support)
CONFIG_IP6_NF_TARGET_MARK (Networking options/IPv6: Netfilter Configuration/MARK target support) and some netfilter match targets
You can put any or all of these parts in modules if you like (and is possible because of dependencies). You can compile and install the kernel as you usually do.
Installing IMQ support in iptables
What you will need:
a relatively recent iptables source
the latest IMQ patch for the given version of iptables
some familiarity with compiling and installing an application from source
Source and tools in hand, change directory:
patch -p1 < iptables-XXX-imq.diff
And chmod the scripts it creates:
chmod +x extensions/.IMQ-test*
Now you have patched source.
Make sure you removed old iptables installation (esp. remove your distro's package, if installed); otherwise you may end up with a screwed install (iptables binary finds modules in the wrong place), and it won't work.