diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-12 07:47:06 -0400 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-13 07:27:13 -0400 |
| commit | adf0516845bcd0e626323c858ece28ee58c74455 (patch) | |
| tree | c530dd74ab54fa911e2c9dc44eafc5b31d0aec2b /include/net | |
| parent | cb1b69b0b15b2897daeba8674c14c85a23a3347f (diff) | |
netfilter: remove ip_conntrack* sysctl compat code
This backward compatibility has been around for more than ten years,
since Yasuyuki Kozakai introduced IPv6 in conntrack. These days, we have
alternate /proc/net/nf_conntrack* entries, the ctnetlink interface and
the conntrack utility got adopted by many people in the user community
according to what I observed on the netfilter user mailing list.
So let's get rid of this.
Note that nf_conntrack_htable_size and unsigned int nf_conntrack_max do
not need to be exported as symbol anymore.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/netfilter/nf_conntrack_l4proto.h | 8 | ||||
| -rw-r--r-- | include/net/netns/conntrack.h | 8 |
2 files changed, 0 insertions, 16 deletions
diff --git a/include/net/netfilter/nf_conntrack_l4proto.h b/include/net/netfilter/nf_conntrack_l4proto.h index 1a5fb36f165f..de629f1520df 100644 --- a/include/net/netfilter/nf_conntrack_l4proto.h +++ b/include/net/netfilter/nf_conntrack_l4proto.h | |||
| @@ -134,14 +134,6 @@ void nf_ct_l4proto_pernet_unregister(struct net *net, | |||
| 134 | int nf_ct_l4proto_register(struct nf_conntrack_l4proto *proto); | 134 | int nf_ct_l4proto_register(struct nf_conntrack_l4proto *proto); |
| 135 | void nf_ct_l4proto_unregister(struct nf_conntrack_l4proto *proto); | 135 | void nf_ct_l4proto_unregister(struct nf_conntrack_l4proto *proto); |
| 136 | 136 | ||
| 137 | static inline void nf_ct_kfree_compat_sysctl_table(struct nf_proto_net *pn) | ||
| 138 | { | ||
| 139 | #if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT) | ||
| 140 | kfree(pn->ctl_compat_table); | ||
| 141 | pn->ctl_compat_table = NULL; | ||
| 142 | #endif | ||
| 143 | } | ||
| 144 | |||
| 145 | /* Generic netlink helpers */ | 137 | /* Generic netlink helpers */ |
| 146 | int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb, | 138 | int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb, |
| 147 | const struct nf_conntrack_tuple *tuple); | 139 | const struct nf_conntrack_tuple *tuple); |
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index 38b1a80517f0..e469e85de3f9 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h | |||
| @@ -15,10 +15,6 @@ struct nf_proto_net { | |||
| 15 | #ifdef CONFIG_SYSCTL | 15 | #ifdef CONFIG_SYSCTL |
| 16 | struct ctl_table_header *ctl_table_header; | 16 | struct ctl_table_header *ctl_table_header; |
| 17 | struct ctl_table *ctl_table; | 17 | struct ctl_table *ctl_table; |
| 18 | #ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT | ||
| 19 | struct ctl_table_header *ctl_compat_header; | ||
| 20 | struct ctl_table *ctl_compat_table; | ||
| 21 | #endif | ||
| 22 | #endif | 18 | #endif |
| 23 | unsigned int users; | 19 | unsigned int users; |
| 24 | }; | 20 | }; |
| @@ -58,10 +54,6 @@ struct nf_ip_net { | |||
| 58 | struct nf_udp_net udp; | 54 | struct nf_udp_net udp; |
| 59 | struct nf_icmp_net icmp; | 55 | struct nf_icmp_net icmp; |
| 60 | struct nf_icmp_net icmpv6; | 56 | struct nf_icmp_net icmpv6; |
| 61 | #if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT) | ||
| 62 | struct ctl_table_header *ctl_table_header; | ||
| 63 | struct ctl_table *ctl_table; | ||
| 64 | #endif | ||
| 65 | }; | 57 | }; |
| 66 | 58 | ||
| 67 | struct ct_pcpu { | 59 | struct ct_pcpu { |