Loading net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +0 −53 Original line number Diff line number Diff line Loading @@ -266,44 +266,6 @@ static struct nf_hook_ops ipv4_conntrack_ops[] = { }, }; #ifdef CONFIG_SYSCTL /* From nf_conntrack_proto_icmp.c */ extern unsigned int nf_ct_icmp_timeout; static struct ctl_table_header *nf_ct_ipv4_sysctl_header; static ctl_table nf_ct_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMP_TIMEOUT, .procname = "nf_conntrack_icmp_timeout", .data = &nf_ct_icmp_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; static ctl_table nf_ct_netfilter_table[] = { { .ctl_name = NET_NETFILTER, .procname = "netfilter", .mode = 0555, .child = nf_ct_sysctl_table, }, { .ctl_name = 0 } }; static ctl_table nf_ct_net_table[] = { { .ctl_name = CTL_NET, .procname = "net", .mode = 0555, .child = nf_ct_netfilter_table, }, { .ctl_name = 0 } }; #endif /* Fast function for those who don't want to parse /proc (and I don't blame them). */ /* Reversing the socket's dst/src point of view gives us the reply Loading Loading @@ -472,20 +434,8 @@ static int __init nf_conntrack_l3proto_ipv4_init(void) printk("nf_conntrack_ipv4: can't register hooks.\n"); goto cleanup_ipv4; } #ifdef CONFIG_SYSCTL nf_ct_ipv4_sysctl_header = register_sysctl_table(nf_ct_net_table, 0); if (nf_ct_ipv4_sysctl_header == NULL) { printk("nf_conntrack: can't register to sysctl.\n"); ret = -ENOMEM; goto cleanup_hooks; } #endif return ret; #ifdef CONFIG_SYSCTL cleanup_hooks: nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops)); #endif cleanup_ipv4: nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); cleanup_icmp: Loading @@ -502,9 +452,6 @@ static int __init nf_conntrack_l3proto_ipv4_init(void) static void __exit nf_conntrack_l3proto_ipv4_fini(void) { synchronize_net(); #ifdef CONFIG_SYSCTL unregister_sysctl_table(nf_ct_ipv4_sysctl_header); #endif nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops)); nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp); Loading net/ipv4/netfilter/nf_conntrack_proto_icmp.c +22 −1 Original line number Diff line number Diff line Loading @@ -25,7 +25,7 @@ #include <net/netfilter/nf_conntrack_l4proto.h> #include <net/netfilter/nf_conntrack_core.h> unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ; static unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ; #if 0 #define DEBUGP printk Loading Loading @@ -321,6 +321,23 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[], } #endif #ifdef CONFIG_SYSCTL static struct ctl_table_header *icmp_sysctl_header; static struct ctl_table icmp_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMP_TIMEOUT, .procname = "nf_conntrack_icmp_timeout", .data = &nf_ct_icmp_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; #endif /* CONFIG_SYSCTL */ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp = { .l3proto = PF_INET, Loading @@ -340,6 +357,10 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp = .tuple_to_nfattr = icmp_tuple_to_nfattr, .nfattr_to_tuple = icmp_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_header = &icmp_sysctl_header, .ctl_table = icmp_sysctl_table, #endif }; EXPORT_SYMBOL(nf_conntrack_l4proto_icmp); net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +5 −50 Original line number Diff line number Diff line Loading @@ -324,21 +324,7 @@ static struct nf_hook_ops ipv6_conntrack_ops[] = { }; #ifdef CONFIG_SYSCTL /* From nf_conntrack_proto_icmpv6.c */ extern unsigned int nf_ct_icmpv6_timeout; static struct ctl_table_header *nf_ct_ipv6_sysctl_header; static ctl_table nf_ct_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, .procname = "nf_conntrack_icmpv6_timeout", .data = &nf_ct_icmpv6_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, static ctl_table nf_ct_ipv6_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_FRAG6_TIMEOUT, .procname = "nf_conntrack_frag6_timeout", Loading @@ -365,26 +351,6 @@ static ctl_table nf_ct_sysctl_table[] = { }, { .ctl_name = 0 } }; static ctl_table nf_ct_netfilter_table[] = { { .ctl_name = NET_NETFILTER, .procname = "netfilter", .mode = 0555, .child = nf_ct_sysctl_table, }, { .ctl_name = 0 } }; static ctl_table nf_ct_net_table[] = { { .ctl_name = CTL_NET, .procname = "net", .mode = 0555, .child = nf_ct_netfilter_table, }, { .ctl_name = 0 } }; #endif #if defined(CONFIG_NF_CT_NETLINK) || \ Loading Loading @@ -441,6 +407,10 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = { defined(CONFIG_NF_CT_NETLINK_MODULE) .tuple_to_nfattr = ipv6_tuple_to_nfattr, .nfattr_to_tuple = ipv6_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_path = nf_net_netfilter_sysctl_path, .ctl_table = nf_ct_ipv6_sysctl_table, #endif .get_features = ipv6_get_features, .me = THIS_MODULE, Loading Loading @@ -492,20 +462,8 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) "hook.\n"); goto cleanup_ipv6; } #ifdef CONFIG_SYSCTL nf_ct_ipv6_sysctl_header = register_sysctl_table(nf_ct_net_table, 0); if (nf_ct_ipv6_sysctl_header == NULL) { printk("nf_conntrack: can't register to sysctl.\n"); ret = -ENOMEM; goto cleanup_hooks; } #endif return ret; #ifdef CONFIG_SYSCTL cleanup_hooks: nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); #endif cleanup_ipv6: nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); cleanup_icmpv6: Loading @@ -522,9 +480,6 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) static void __exit nf_conntrack_l3proto_ipv6_fini(void) { synchronize_net(); #ifdef CONFIG_SYSCTL unregister_sysctl_table(nf_ct_ipv6_sysctl_header); #endif nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6); Loading net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c +22 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,7 @@ #include <net/netfilter/nf_conntrack_core.h> #include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; static unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; #if 0 #define DEBUGP printk Loading Loading @@ -298,6 +298,23 @@ static int icmpv6_nfattr_to_tuple(struct nfattr *tb[], } #endif #ifdef CONFIG_SYSCTL static struct ctl_table_header *icmpv6_sysctl_header; static struct ctl_table icmpv6_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, .procname = "nf_conntrack_icmpv6_timeout", .data = &nf_ct_icmpv6_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; #endif /* CONFIG_SYSCTL */ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = { .l3proto = PF_INET6, Loading @@ -315,6 +332,10 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = .tuple_to_nfattr = icmpv6_tuple_to_nfattr, .nfattr_to_tuple = icmpv6_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_header = &icmpv6_sysctl_header, .ctl_table = icmpv6_sysctl_table, #endif }; EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6); net/netfilter/nf_conntrack_core.c +8 −0 Original line number Diff line number Diff line Loading @@ -1070,6 +1070,8 @@ void nf_conntrack_cleanup(void) free_conntrack_hash(nf_conntrack_hash, nf_conntrack_vmalloc, nf_conntrack_htable_size); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_generic); /* free l3proto protocol tables */ for (i = 0; i < PF_MAX; i++) if (nf_ct_protos[i]) { Loading Loading @@ -1195,6 +1197,10 @@ int __init nf_conntrack_init(void) goto err_free_conntrack_slab; } ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_generic); if (ret < 0) goto out_free_expect_slab; /* Don't NEED lock here, but good form anyway. */ write_lock_bh(&nf_conntrack_lock); for (i = 0; i < AF_MAX; i++) Loading @@ -1212,6 +1218,8 @@ int __init nf_conntrack_init(void) return ret; out_free_expect_slab: kmem_cache_destroy(nf_conntrack_expect_cachep); err_free_conntrack_slab: nf_conntrack_unregister_cache(NF_CT_F_BASIC); err_free_hash: Loading Loading
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c +0 −53 Original line number Diff line number Diff line Loading @@ -266,44 +266,6 @@ static struct nf_hook_ops ipv4_conntrack_ops[] = { }, }; #ifdef CONFIG_SYSCTL /* From nf_conntrack_proto_icmp.c */ extern unsigned int nf_ct_icmp_timeout; static struct ctl_table_header *nf_ct_ipv4_sysctl_header; static ctl_table nf_ct_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMP_TIMEOUT, .procname = "nf_conntrack_icmp_timeout", .data = &nf_ct_icmp_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; static ctl_table nf_ct_netfilter_table[] = { { .ctl_name = NET_NETFILTER, .procname = "netfilter", .mode = 0555, .child = nf_ct_sysctl_table, }, { .ctl_name = 0 } }; static ctl_table nf_ct_net_table[] = { { .ctl_name = CTL_NET, .procname = "net", .mode = 0555, .child = nf_ct_netfilter_table, }, { .ctl_name = 0 } }; #endif /* Fast function for those who don't want to parse /proc (and I don't blame them). */ /* Reversing the socket's dst/src point of view gives us the reply Loading Loading @@ -472,20 +434,8 @@ static int __init nf_conntrack_l3proto_ipv4_init(void) printk("nf_conntrack_ipv4: can't register hooks.\n"); goto cleanup_ipv4; } #ifdef CONFIG_SYSCTL nf_ct_ipv4_sysctl_header = register_sysctl_table(nf_ct_net_table, 0); if (nf_ct_ipv4_sysctl_header == NULL) { printk("nf_conntrack: can't register to sysctl.\n"); ret = -ENOMEM; goto cleanup_hooks; } #endif return ret; #ifdef CONFIG_SYSCTL cleanup_hooks: nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops)); #endif cleanup_ipv4: nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); cleanup_icmp: Loading @@ -502,9 +452,6 @@ static int __init nf_conntrack_l3proto_ipv4_init(void) static void __exit nf_conntrack_l3proto_ipv4_fini(void) { synchronize_net(); #ifdef CONFIG_SYSCTL unregister_sysctl_table(nf_ct_ipv4_sysctl_header); #endif nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops)); nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp); Loading
net/ipv4/netfilter/nf_conntrack_proto_icmp.c +22 −1 Original line number Diff line number Diff line Loading @@ -25,7 +25,7 @@ #include <net/netfilter/nf_conntrack_l4proto.h> #include <net/netfilter/nf_conntrack_core.h> unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ; static unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ; #if 0 #define DEBUGP printk Loading Loading @@ -321,6 +321,23 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[], } #endif #ifdef CONFIG_SYSCTL static struct ctl_table_header *icmp_sysctl_header; static struct ctl_table icmp_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMP_TIMEOUT, .procname = "nf_conntrack_icmp_timeout", .data = &nf_ct_icmp_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; #endif /* CONFIG_SYSCTL */ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp = { .l3proto = PF_INET, Loading @@ -340,6 +357,10 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp = .tuple_to_nfattr = icmp_tuple_to_nfattr, .nfattr_to_tuple = icmp_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_header = &icmp_sysctl_header, .ctl_table = icmp_sysctl_table, #endif }; EXPORT_SYMBOL(nf_conntrack_l4proto_icmp);
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +5 −50 Original line number Diff line number Diff line Loading @@ -324,21 +324,7 @@ static struct nf_hook_ops ipv6_conntrack_ops[] = { }; #ifdef CONFIG_SYSCTL /* From nf_conntrack_proto_icmpv6.c */ extern unsigned int nf_ct_icmpv6_timeout; static struct ctl_table_header *nf_ct_ipv6_sysctl_header; static ctl_table nf_ct_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, .procname = "nf_conntrack_icmpv6_timeout", .data = &nf_ct_icmpv6_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, static ctl_table nf_ct_ipv6_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_FRAG6_TIMEOUT, .procname = "nf_conntrack_frag6_timeout", Loading @@ -365,26 +351,6 @@ static ctl_table nf_ct_sysctl_table[] = { }, { .ctl_name = 0 } }; static ctl_table nf_ct_netfilter_table[] = { { .ctl_name = NET_NETFILTER, .procname = "netfilter", .mode = 0555, .child = nf_ct_sysctl_table, }, { .ctl_name = 0 } }; static ctl_table nf_ct_net_table[] = { { .ctl_name = CTL_NET, .procname = "net", .mode = 0555, .child = nf_ct_netfilter_table, }, { .ctl_name = 0 } }; #endif #if defined(CONFIG_NF_CT_NETLINK) || \ Loading Loading @@ -441,6 +407,10 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = { defined(CONFIG_NF_CT_NETLINK_MODULE) .tuple_to_nfattr = ipv6_tuple_to_nfattr, .nfattr_to_tuple = ipv6_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_path = nf_net_netfilter_sysctl_path, .ctl_table = nf_ct_ipv6_sysctl_table, #endif .get_features = ipv6_get_features, .me = THIS_MODULE, Loading Loading @@ -492,20 +462,8 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) "hook.\n"); goto cleanup_ipv6; } #ifdef CONFIG_SYSCTL nf_ct_ipv6_sysctl_header = register_sysctl_table(nf_ct_net_table, 0); if (nf_ct_ipv6_sysctl_header == NULL) { printk("nf_conntrack: can't register to sysctl.\n"); ret = -ENOMEM; goto cleanup_hooks; } #endif return ret; #ifdef CONFIG_SYSCTL cleanup_hooks: nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); #endif cleanup_ipv6: nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); cleanup_icmpv6: Loading @@ -522,9 +480,6 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) static void __exit nf_conntrack_l3proto_ipv6_fini(void) { synchronize_net(); #ifdef CONFIG_SYSCTL unregister_sysctl_table(nf_ct_ipv6_sysctl_header); #endif nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6); Loading
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c +22 −1 Original line number Diff line number Diff line Loading @@ -33,7 +33,7 @@ #include <net/netfilter/nf_conntrack_core.h> #include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; static unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; #if 0 #define DEBUGP printk Loading Loading @@ -298,6 +298,23 @@ static int icmpv6_nfattr_to_tuple(struct nfattr *tb[], } #endif #ifdef CONFIG_SYSCTL static struct ctl_table_header *icmpv6_sysctl_header; static struct ctl_table icmpv6_sysctl_table[] = { { .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, .procname = "nf_conntrack_icmpv6_timeout", .data = &nf_ct_icmpv6_timeout, .maxlen = sizeof(unsigned int), .mode = 0644, .proc_handler = &proc_dointvec_jiffies, }, { .ctl_name = 0 } }; #endif /* CONFIG_SYSCTL */ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = { .l3proto = PF_INET6, Loading @@ -315,6 +332,10 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = .tuple_to_nfattr = icmpv6_tuple_to_nfattr, .nfattr_to_tuple = icmpv6_nfattr_to_tuple, #endif #ifdef CONFIG_SYSCTL .ctl_table_header = &icmpv6_sysctl_header, .ctl_table = icmpv6_sysctl_table, #endif }; EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6);
net/netfilter/nf_conntrack_core.c +8 −0 Original line number Diff line number Diff line Loading @@ -1070,6 +1070,8 @@ void nf_conntrack_cleanup(void) free_conntrack_hash(nf_conntrack_hash, nf_conntrack_vmalloc, nf_conntrack_htable_size); nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_generic); /* free l3proto protocol tables */ for (i = 0; i < PF_MAX; i++) if (nf_ct_protos[i]) { Loading Loading @@ -1195,6 +1197,10 @@ int __init nf_conntrack_init(void) goto err_free_conntrack_slab; } ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_generic); if (ret < 0) goto out_free_expect_slab; /* Don't NEED lock here, but good form anyway. */ write_lock_bh(&nf_conntrack_lock); for (i = 0; i < AF_MAX; i++) Loading @@ -1212,6 +1218,8 @@ int __init nf_conntrack_init(void) return ret; out_free_expect_slab: kmem_cache_destroy(nf_conntrack_expect_cachep); err_free_conntrack_slab: nf_conntrack_unregister_cache(NF_CT_F_BASIC); err_free_hash: Loading
Patrick McHardy <kaber@trash.net>Patrick McHardy <kaber@trash.net>