aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Eitzenberger <holger@eitzenberger.org>2009-03-25 16:53:39 -0400
committerPatrick McHardy <kaber@trash.net>2009-03-25 16:53:39 -0400
commita400c30edb1958ceb53c4b8ce78989189b36df47 (patch)
tree827ee7b83e64597101a4bdbd6e1d0cd503fe8f87
parent5c0de29d06318ec8f6e3ba0d17d62529dbbdc1e8 (diff)
netfilter: nf_conntrack: calculate per-protocol nlattr size
Signed-off-by: Holger Eitzenberger <holger@eitzenberger.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c6
-rw-r--r--net/ipv4/netfilter/nf_conntrack_proto_icmp.c6
-rw-r--r--net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c6
-rw-r--r--net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c6
-rw-r--r--net/netfilter/nf_conntrack_proto_dccp.c9
-rw-r--r--net/netfilter/nf_conntrack_proto_gre.c1
-rw-r--r--net/netfilter/nf_conntrack_proto_sctp.c10
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c15
-rw-r--r--net/netfilter/nf_conntrack_proto_udp.c2
-rw-r--r--net/netfilter/nf_conntrack_proto_udplite.c1
10 files changed, 62 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 8b681f24e271..7d2ead7228ac 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -328,6 +328,11 @@ static int ipv4_nlattr_to_tuple(struct nlattr *tb[],
328 328
329 return 0; 329 return 0;
330} 330}
331
332static int ipv4_nlattr_tuple_size(void)
333{
334 return nla_policy_len(ipv4_nla_policy, CTA_IP_MAX + 1);
335}
331#endif 336#endif
332 337
333static struct nf_sockopt_ops so_getorigdst = { 338static struct nf_sockopt_ops so_getorigdst = {
@@ -347,6 +352,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 __read_mostly = {
347 .get_l4proto = ipv4_get_l4proto, 352 .get_l4proto = ipv4_get_l4proto,
348#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 353#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
349 .tuple_to_nlattr = ipv4_tuple_to_nlattr, 354 .tuple_to_nlattr = ipv4_tuple_to_nlattr,
355 .nlattr_tuple_size = ipv4_nlattr_tuple_size,
350 .nlattr_to_tuple = ipv4_nlattr_to_tuple, 356 .nlattr_to_tuple = ipv4_nlattr_to_tuple,
351 .nla_policy = ipv4_nla_policy, 357 .nla_policy = ipv4_nla_policy,
352#endif 358#endif
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 2a8bee26f43d..23b2c2ee869a 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -262,6 +262,11 @@ static int icmp_nlattr_to_tuple(struct nlattr *tb[],
262 262
263 return 0; 263 return 0;
264} 264}
265
266static int icmp_nlattr_tuple_size(void)
267{
268 return nla_policy_len(icmp_nla_policy, CTA_PROTO_MAX + 1);
269}
265#endif 270#endif
266 271
267#ifdef CONFIG_SYSCTL 272#ifdef CONFIG_SYSCTL
@@ -309,6 +314,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp __read_mostly =
309 .me = NULL, 314 .me = NULL,
310#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 315#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
311 .tuple_to_nlattr = icmp_tuple_to_nlattr, 316 .tuple_to_nlattr = icmp_tuple_to_nlattr,
317 .nlattr_tuple_size = icmp_nlattr_tuple_size,
312 .nlattr_to_tuple = icmp_nlattr_to_tuple, 318 .nlattr_to_tuple = icmp_nlattr_to_tuple,
313 .nla_policy = icmp_nla_policy, 319 .nla_policy = icmp_nla_policy,
314#endif 320#endif
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index e6852f617217..2a15c2d66c69 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -342,6 +342,11 @@ static int ipv6_nlattr_to_tuple(struct nlattr *tb[],
342 342
343 return 0; 343 return 0;
344} 344}
345
346static int ipv6_nlattr_tuple_size(void)
347{
348 return nla_policy_len(ipv6_nla_policy, CTA_IP_MAX + 1);
349}
345#endif 350#endif
346 351
347struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 __read_mostly = { 352struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 __read_mostly = {
@@ -353,6 +358,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 __read_mostly = {
353 .get_l4proto = ipv6_get_l4proto, 358 .get_l4proto = ipv6_get_l4proto,
354#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 359#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
355 .tuple_to_nlattr = ipv6_tuple_to_nlattr, 360 .tuple_to_nlattr = ipv6_tuple_to_nlattr,
361 .nlattr_tuple_size = ipv6_nlattr_tuple_size,
356 .nlattr_to_tuple = ipv6_nlattr_to_tuple, 362 .nlattr_to_tuple = ipv6_nlattr_to_tuple,
357 .nla_policy = ipv6_nla_policy, 363 .nla_policy = ipv6_nla_policy,
358#endif 364#endif
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 165b256a6fa0..032fdf415000 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -268,6 +268,11 @@ static int icmpv6_nlattr_to_tuple(struct nlattr *tb[],
268 268
269 return 0; 269 return 0;
270} 270}
271
272static int icmpv6_nlattr_tuple_size(void)
273{
274 return nla_policy_len(icmpv6_nla_policy, CTA_PROTO_MAX + 1);
275}
271#endif 276#endif
272 277
273#ifdef CONFIG_SYSCTL 278#ifdef CONFIG_SYSCTL
@@ -299,6 +304,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 __read_mostly =
299 .error = icmpv6_error, 304 .error = icmpv6_error,
300#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 305#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
301 .tuple_to_nlattr = icmpv6_tuple_to_nlattr, 306 .tuple_to_nlattr = icmpv6_tuple_to_nlattr,
307 .nlattr_tuple_size = icmpv6_nlattr_tuple_size,
302 .nlattr_to_tuple = icmpv6_nlattr_to_tuple, 308 .nlattr_to_tuple = icmpv6_nlattr_to_tuple,
303 .nla_policy = icmpv6_nla_policy, 309 .nla_policy = icmpv6_nla_policy,
304#endif 310#endif
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index d3d5a7fd73ce..50dac8dbe7d8 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -669,6 +669,12 @@ static int nlattr_to_dccp(struct nlattr *cda[], struct nf_conn *ct)
669 write_unlock_bh(&dccp_lock); 669 write_unlock_bh(&dccp_lock);
670 return 0; 670 return 0;
671} 671}
672
673static int dccp_nlattr_size(void)
674{
675 return nla_total_size(0) /* CTA_PROTOINFO_DCCP */
676 + nla_policy_len(dccp_nla_policy, CTA_PROTOINFO_DCCP_MAX + 1);
677}
672#endif 678#endif
673 679
674#ifdef CONFIG_SYSCTL 680#ifdef CONFIG_SYSCTL
@@ -749,8 +755,10 @@ static struct nf_conntrack_l4proto dccp_proto4 __read_mostly = {
749 .print_conntrack = dccp_print_conntrack, 755 .print_conntrack = dccp_print_conntrack,
750#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 756#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
751 .to_nlattr = dccp_to_nlattr, 757 .to_nlattr = dccp_to_nlattr,
758 .nlattr_size = dccp_nlattr_size,
752 .from_nlattr = nlattr_to_dccp, 759 .from_nlattr = nlattr_to_dccp,
753 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 760 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
761 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
754 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 762 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
755 .nla_policy = nf_ct_port_nla_policy, 763 .nla_policy = nf_ct_port_nla_policy,
756#endif 764#endif
@@ -771,6 +779,7 @@ static struct nf_conntrack_l4proto dccp_proto6 __read_mostly = {
771 .to_nlattr = dccp_to_nlattr, 779 .to_nlattr = dccp_to_nlattr,
772 .from_nlattr = nlattr_to_dccp, 780 .from_nlattr = nlattr_to_dccp,
773 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 781 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
782 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
774 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 783 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
775 .nla_policy = nf_ct_port_nla_policy, 784 .nla_policy = nf_ct_port_nla_policy,
776#endif 785#endif
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index 1b279f9d6bf3..117b80112fcb 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -293,6 +293,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_gre4 __read_mostly = {
293 .me = THIS_MODULE, 293 .me = THIS_MODULE,
294#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 294#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
295 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 295 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
296 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
296 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 297 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
297 .nla_policy = nf_ct_port_nla_policy, 298 .nla_policy = nf_ct_port_nla_policy,
298#endif 299#endif
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 74e037901199..101b4ad9e817 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -537,6 +537,12 @@ static int nlattr_to_sctp(struct nlattr *cda[], struct nf_conn *ct)
537 537
538 return 0; 538 return 0;
539} 539}
540
541static int sctp_nlattr_size(void)
542{
543 return nla_total_size(0) /* CTA_PROTOINFO_SCTP */
544 + nla_policy_len(sctp_nla_policy, CTA_PROTOINFO_SCTP_MAX + 1);
545}
540#endif 546#endif
541 547
542#ifdef CONFIG_SYSCTL 548#ifdef CONFIG_SYSCTL
@@ -668,8 +674,10 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 __read_mostly = {
668 .me = THIS_MODULE, 674 .me = THIS_MODULE,
669#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 675#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
670 .to_nlattr = sctp_to_nlattr, 676 .to_nlattr = sctp_to_nlattr,
677 .nlattr_size = sctp_nlattr_size,
671 .from_nlattr = nlattr_to_sctp, 678 .from_nlattr = nlattr_to_sctp,
672 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 679 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
680 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
673 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 681 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
674 .nla_policy = nf_ct_port_nla_policy, 682 .nla_policy = nf_ct_port_nla_policy,
675#endif 683#endif
@@ -696,8 +704,10 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 __read_mostly = {
696 .me = THIS_MODULE, 704 .me = THIS_MODULE,
697#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 705#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
698 .to_nlattr = sctp_to_nlattr, 706 .to_nlattr = sctp_to_nlattr,
707 .nlattr_size = sctp_nlattr_size,
699 .from_nlattr = nlattr_to_sctp, 708 .from_nlattr = nlattr_to_sctp,
700 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 709 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
710 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
701 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 711 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
702 .nla_policy = nf_ct_port_nla_policy, 712 .nla_policy = nf_ct_port_nla_policy,
703#endif 713#endif
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index 7d3944f02ea1..9b9e6718b2d3 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -1183,6 +1183,17 @@ static int nlattr_to_tcp(struct nlattr *cda[], struct nf_conn *ct)
1183 1183
1184 return 0; 1184 return 0;
1185} 1185}
1186
1187static int tcp_nlattr_size(void)
1188{
1189 return nla_total_size(0) /* CTA_PROTOINFO_TCP */
1190 + nla_policy_len(tcp_nla_policy, CTA_PROTOINFO_TCP_MAX + 1);
1191}
1192
1193static int tcp_nlattr_tuple_size(void)
1194{
1195 return nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
1196}
1186#endif 1197#endif
1187 1198
1188#ifdef CONFIG_SYSCTL 1199#ifdef CONFIG_SYSCTL
@@ -1398,9 +1409,11 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 __read_mostly =
1398 .error = tcp_error, 1409 .error = tcp_error,
1399#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 1410#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
1400 .to_nlattr = tcp_to_nlattr, 1411 .to_nlattr = tcp_to_nlattr,
1412 .nlattr_size = tcp_nlattr_size,
1401 .from_nlattr = nlattr_to_tcp, 1413 .from_nlattr = nlattr_to_tcp,
1402 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 1414 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
1403 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 1415 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
1416 .nlattr_tuple_size = tcp_nlattr_tuple_size,
1404 .nla_policy = nf_ct_port_nla_policy, 1417 .nla_policy = nf_ct_port_nla_policy,
1405#endif 1418#endif
1406#ifdef CONFIG_SYSCTL 1419#ifdef CONFIG_SYSCTL
@@ -1428,9 +1441,11 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 __read_mostly =
1428 .error = tcp_error, 1441 .error = tcp_error,
1429#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 1442#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
1430 .to_nlattr = tcp_to_nlattr, 1443 .to_nlattr = tcp_to_nlattr,
1444 .nlattr_size = tcp_nlattr_size,
1431 .from_nlattr = nlattr_to_tcp, 1445 .from_nlattr = nlattr_to_tcp,
1432 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 1446 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
1433 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 1447 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
1448 .nlattr_tuple_size = tcp_nlattr_tuple_size,
1434 .nla_policy = nf_ct_port_nla_policy, 1449 .nla_policy = nf_ct_port_nla_policy,
1435#endif 1450#endif
1436#ifdef CONFIG_SYSCTL 1451#ifdef CONFIG_SYSCTL
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index d4021179e24e..70809d117b91 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -195,6 +195,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 __read_mostly =
195#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 195#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
196 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 196 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
197 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 197 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
198 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
198 .nla_policy = nf_ct_port_nla_policy, 199 .nla_policy = nf_ct_port_nla_policy,
199#endif 200#endif
200#ifdef CONFIG_SYSCTL 201#ifdef CONFIG_SYSCTL
@@ -222,6 +223,7 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 __read_mostly =
222#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 223#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
223 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 224 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
224 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 225 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
226 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
225 .nla_policy = nf_ct_port_nla_policy, 227 .nla_policy = nf_ct_port_nla_policy,
226#endif 228#endif
227#ifdef CONFIG_SYSCTL 229#ifdef CONFIG_SYSCTL
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index 4579d8de13b1..4614696c1b88 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -180,6 +180,7 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_udplite4 __read_mostly =
180 .error = udplite_error, 180 .error = udplite_error,
181#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) 181#if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE)
182 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr, 182 .tuple_to_nlattr = nf_ct_port_tuple_to_nlattr,
183 .nlattr_tuple_size = nf_ct_port_nlattr_tuple_size,
183 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple, 184 .nlattr_to_tuple = nf_ct_port_nlattr_to_tuple,
184 .nla_policy = nf_ct_port_nla_policy, 185 .nla_policy = nf_ct_port_nla_policy,
185#endif 186#endif
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-30 19:13:21 -0500