aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Josefsson <gandalf@wlug.westbo.se>2006-11-28 20:35:06 -0500
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-03 00:31:09 -0500
commit605dcad6c85226e6d43387917b329d65b95cef39 (patch)
treee18d19e93a9c1dcf268fb1ed8e91246c3440ba5b
parente2b7606cdb602a4f69c02cfc8bebe9c63b595e24 (diff)
[NETFILTER]: nf_conntrack: rename struct nf_conntrack_protocol
Rename 'struct nf_conntrack_protocol' to 'struct nf_conntrack_l4proto' in order to help distinguish it from 'struct nf_conntrack_l3proto'. It gets rather confusing with 'nf_conntrack_protocol'. Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r--include/net/netfilter/nf_conntrack_core.h10
-rw-r--r--include/net/netfilter/nf_conntrack_l3proto.h4
-rw-r--r--include/net/netfilter/nf_conntrack_l4proto.h (renamed from include/net/netfilter/nf_conntrack_protocol.h)36
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c26
-rw-r--r--net/ipv4/netfilter/nf_conntrack_proto_icmp.c12
-rw-r--r--net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c26
-rw-r--r--net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c12
-rw-r--r--net/netfilter/nf_conntrack_core.c46
-rw-r--r--net/netfilter/nf_conntrack_ecache.c2
-rw-r--r--net/netfilter/nf_conntrack_expect.c2
-rw-r--r--net/netfilter/nf_conntrack_helper.c2
-rw-r--r--net/netfilter/nf_conntrack_l3proto_generic.c4
-rw-r--r--net/netfilter/nf_conntrack_netlink.c56
-rw-r--r--net/netfilter/nf_conntrack_proto.c72
-rw-r--r--net/netfilter/nf_conntrack_proto_generic.c6
-rw-r--r--net/netfilter/nf_conntrack_proto_sctp.c26
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c14
-rw-r--r--net/netfilter/nf_conntrack_proto_udp.c14
-rw-r--r--net/netfilter/nf_conntrack_standalone.c30
19 files changed, 200 insertions, 200 deletions
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index 4676b492d635..7fdc72c01356 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -14,7 +14,7 @@
14 14
15#include <linux/netfilter.h> 15#include <linux/netfilter.h>
16#include <net/netfilter/nf_conntrack_l3proto.h> 16#include <net/netfilter/nf_conntrack_l3proto.h>
17#include <net/netfilter/nf_conntrack_protocol.h> 17#include <net/netfilter/nf_conntrack_l4proto.h>
18#include <net/netfilter/nf_conntrack_ecache.h> 18#include <net/netfilter/nf_conntrack_ecache.h>
19 19
20/* This header is used to share core functionality between the 20/* This header is used to share core functionality between the
@@ -32,7 +32,7 @@ extern struct nf_conntrack_l3proto *nf_ct_find_l3proto(u_int16_t pf);
32/* Like above, but you already have conntrack read lock. */ 32/* Like above, but you already have conntrack read lock. */
33extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto); 33extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto);
34 34
35struct nf_conntrack_protocol; 35struct nf_conntrack_l4proto;
36 36
37extern int 37extern int
38nf_ct_get_tuple(const struct sk_buff *skb, 38nf_ct_get_tuple(const struct sk_buff *skb,
@@ -42,13 +42,13 @@ nf_ct_get_tuple(const struct sk_buff *skb,
42 u_int8_t protonum, 42 u_int8_t protonum,
43 struct nf_conntrack_tuple *tuple, 43 struct nf_conntrack_tuple *tuple,
44 const struct nf_conntrack_l3proto *l3proto, 44 const struct nf_conntrack_l3proto *l3proto,
45 const struct nf_conntrack_protocol *protocol); 45 const struct nf_conntrack_l4proto *l4proto);
46 46
47extern int 47extern int
48nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, 48nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
49 const struct nf_conntrack_tuple *orig, 49 const struct nf_conntrack_tuple *orig,
50 const struct nf_conntrack_l3proto *l3proto, 50 const struct nf_conntrack_l3proto *l3proto,
51 const struct nf_conntrack_protocol *protocol); 51 const struct nf_conntrack_l4proto *l4proto);
52 52
53/* Find a connection corresponding to a tuple. */ 53/* Find a connection corresponding to a tuple. */
54extern struct nf_conntrack_tuple_hash * 54extern struct nf_conntrack_tuple_hash *
@@ -76,7 +76,7 @@ extern void __nf_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb);
76int 76int
77print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, 77print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
78 struct nf_conntrack_l3proto *l3proto, 78 struct nf_conntrack_l3proto *l3proto,
79 struct nf_conntrack_protocol *proto); 79 struct nf_conntrack_l4proto *proto);
80 80
81extern struct list_head *nf_conntrack_hash; 81extern struct list_head *nf_conntrack_hash;
82extern struct list_head nf_conntrack_expect_list; 82extern struct list_head nf_conntrack_expect_list;
diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index dac43b15a5b0..ffe23a1e0b97 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -96,13 +96,13 @@ extern void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p);
96/* Existing built-in protocols */ 96/* Existing built-in protocols */
97extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4; 97extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
98extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6; 98extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
99extern struct nf_conntrack_l3proto nf_conntrack_generic_l3proto; 99extern struct nf_conntrack_l3proto nf_conntrack_l3proto_generic;
100 100
101static inline struct nf_conntrack_l3proto * 101static inline struct nf_conntrack_l3proto *
102__nf_ct_l3proto_find(u_int16_t l3proto) 102__nf_ct_l3proto_find(u_int16_t l3proto)
103{ 103{
104 if (unlikely(l3proto >= AF_MAX)) 104 if (unlikely(l3proto >= AF_MAX))
105 return &nf_conntrack_generic_l3proto; 105 return &nf_conntrack_l3proto_generic;
106 return nf_ct_l3protos[l3proto]; 106 return nf_ct_l3protos[l3proto];
107} 107}
108 108
diff --git a/include/net/netfilter/nf_conntrack_protocol.h b/include/net/netfilter/nf_conntrack_l4proto.h
index 1f33737fcea5..0c6babd54396 100644
--- a/include/net/netfilter/nf_conntrack_protocol.h
+++ b/include/net/netfilter/nf_conntrack_l4proto.h
@@ -1,5 +1,5 @@
1/* 1/*
2 * Header for use in defining a given protocol for connection tracking. 2 * Header for use in defining a given L4 protocol for connection tracking.
3 * 3 *
4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp> 4 * 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5 * - generalized L3 protocol dependent part. 5 * - generalized L3 protocol dependent part.
@@ -7,14 +7,14 @@
7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h 7 * Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h
8 */ 8 */
9 9
10#ifndef _NF_CONNTRACK_PROTOCOL_H 10#ifndef _NF_CONNTRACK_L4PROTO_H
11#define _NF_CONNTRACK_PROTOCOL_H 11#define _NF_CONNTRACK_L4PROTO_H
12#include <net/netfilter/nf_conntrack.h> 12#include <net/netfilter/nf_conntrack.h>
13 13
14struct seq_file; 14struct seq_file;
15struct nfattr; 15struct nfattr;
16 16
17struct nf_conntrack_protocol 17struct nf_conntrack_l4proto
18{ 18{
19 /* Next pointer. */ 19 /* Next pointer. */
20 struct list_head list; 20 struct list_head list;
@@ -22,8 +22,8 @@ struct nf_conntrack_protocol
22 /* L3 Protocol number. */ 22 /* L3 Protocol number. */
23 u_int16_t l3proto; 23 u_int16_t l3proto;
24 24
25 /* Protocol number. */ 25 /* L4 Protocol number. */
26 u_int8_t proto; 26 u_int8_t l4proto;
27 27
28 /* Protocol name */ 28 /* Protocol name */
29 const char *name; 29 const char *name;
@@ -84,25 +84,25 @@ struct nf_conntrack_protocol
84}; 84};
85 85
86/* Existing built-in protocols */ 86/* Existing built-in protocols */
87extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp6; 87extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
88extern struct nf_conntrack_protocol nf_conntrack_protocol_udp4; 88extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
89extern struct nf_conntrack_protocol nf_conntrack_protocol_udp6; 89extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
90extern struct nf_conntrack_protocol nf_conntrack_generic_protocol; 90extern struct nf_conntrack_l4proto nf_conntrack_l4proto_generic;
91 91
92#define MAX_NF_CT_PROTO 256 92#define MAX_NF_CT_PROTO 256
93extern struct nf_conntrack_protocol **nf_ct_protos[PF_MAX]; 93extern struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX];
94 94
95extern struct nf_conntrack_protocol * 95extern struct nf_conntrack_l4proto *
96__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol); 96__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto);
97 97
98extern struct nf_conntrack_protocol * 98extern struct nf_conntrack_l4proto *
99nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol); 99nf_ct_l4proto_find_get(u_int16_t l3proto, u_int8_t protocol);
100 100
101extern void nf_ct_proto_put(struct nf_conntrack_protocol *p); 101extern void nf_ct_l4proto_put(struct nf_conntrack_l4proto *p);
102 102
103/* Protocol registration. */ 103/* Protocol registration. */
104extern int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto); 104extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto);
105extern void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto); 105extern void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto);
106 106
107/* Generic netlink helpers */ 107/* Generic netlink helpers */
108extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb, 108extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb,
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 0af803df82b0..370df0fdb22b 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -27,7 +27,7 @@
27#include <linux/netfilter_ipv4.h> 27#include <linux/netfilter_ipv4.h>
28#include <net/netfilter/nf_conntrack.h> 28#include <net/netfilter/nf_conntrack.h>
29#include <net/netfilter/nf_conntrack_helper.h> 29#include <net/netfilter/nf_conntrack_helper.h>
30#include <net/netfilter/nf_conntrack_protocol.h> 30#include <net/netfilter/nf_conntrack_l4proto.h>
31#include <net/netfilter/nf_conntrack_l3proto.h> 31#include <net/netfilter/nf_conntrack_l3proto.h>
32#include <net/netfilter/nf_conntrack_core.h> 32#include <net/netfilter/nf_conntrack_core.h>
33#include <net/netfilter/ipv4/nf_conntrack_ipv4.h> 33#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
@@ -429,9 +429,9 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = {
429 .me = THIS_MODULE, 429 .me = THIS_MODULE,
430}; 430};
431 431
432extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp4; 432extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
433extern struct nf_conntrack_protocol nf_conntrack_protocol_udp4; 433extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
434extern struct nf_conntrack_protocol nf_conntrack_protocol_icmp; 434extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
435 435
436MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET)); 436MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET));
437MODULE_LICENSE("GPL"); 437MODULE_LICENSE("GPL");
@@ -448,19 +448,19 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
448 return ret; 448 return ret;
449 } 449 }
450 450
451 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_tcp4); 451 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp4);
452 if (ret < 0) { 452 if (ret < 0) {
453 printk("nf_conntrack_ipv4: can't register tcp.\n"); 453 printk("nf_conntrack_ipv4: can't register tcp.\n");
454 goto cleanup_sockopt; 454 goto cleanup_sockopt;
455 } 455 }
456 456
457 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_udp4); 457 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp4);
458 if (ret < 0) { 458 if (ret < 0) {
459 printk("nf_conntrack_ipv4: can't register udp.\n"); 459 printk("nf_conntrack_ipv4: can't register udp.\n");
460 goto cleanup_tcp; 460 goto cleanup_tcp;
461 } 461 }
462 462
463 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_icmp); 463 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmp);
464 if (ret < 0) { 464 if (ret < 0) {
465 printk("nf_conntrack_ipv4: can't register icmp.\n"); 465 printk("nf_conntrack_ipv4: can't register icmp.\n");
466 goto cleanup_udp; 466 goto cleanup_udp;
@@ -495,11 +495,11 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
495 cleanup_ipv4: 495 cleanup_ipv4:
496 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); 496 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
497 cleanup_icmp: 497 cleanup_icmp:
498 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmp); 498 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp);
499 cleanup_udp: 499 cleanup_udp:
500 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp4); 500 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp4);
501 cleanup_tcp: 501 cleanup_tcp:
502 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp4); 502 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp4);
503 cleanup_sockopt: 503 cleanup_sockopt:
504 nf_unregister_sockopt(&so_getorigdst); 504 nf_unregister_sockopt(&so_getorigdst);
505 return ret; 505 return ret;
@@ -513,9 +513,9 @@ static void __exit nf_conntrack_l3proto_ipv4_fini(void)
513#endif 513#endif
514 nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops)); 514 nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
515 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4); 515 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
516 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmp); 516 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp);
517 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp4); 517 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp4);
518 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp4); 518 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp4);
519 nf_unregister_sockopt(&so_getorigdst); 519 nf_unregister_sockopt(&so_getorigdst);
520} 520}
521 521
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 790f00d500c3..08223a57a44d 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -22,7 +22,7 @@
22#include <net/checksum.h> 22#include <net/checksum.h>
23#include <linux/netfilter_ipv4.h> 23#include <linux/netfilter_ipv4.h>
24#include <net/netfilter/nf_conntrack_tuple.h> 24#include <net/netfilter/nf_conntrack_tuple.h>
25#include <net/netfilter/nf_conntrack_protocol.h> 25#include <net/netfilter/nf_conntrack_l4proto.h>
26#include <net/netfilter/nf_conntrack_core.h> 26#include <net/netfilter/nf_conntrack_core.h>
27 27
28unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ; 28unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ;
@@ -152,7 +152,7 @@ icmp_error_message(struct sk_buff *skb,
152 struct icmphdr icmp; 152 struct icmphdr icmp;
153 struct iphdr ip; 153 struct iphdr ip;
154 } _in, *inside; 154 } _in, *inside;
155 struct nf_conntrack_protocol *innerproto; 155 struct nf_conntrack_l4proto *innerproto;
156 struct nf_conntrack_tuple_hash *h; 156 struct nf_conntrack_tuple_hash *h;
157 int dataoff; 157 int dataoff;
158 158
@@ -170,7 +170,7 @@ icmp_error_message(struct sk_buff *skb,
170 return -NF_ACCEPT; 170 return -NF_ACCEPT;
171 } 171 }
172 172
173 innerproto = __nf_ct_proto_find(PF_INET, inside->ip.protocol); 173 innerproto = __nf_ct_l4proto_find(PF_INET, inside->ip.protocol);
174 dataoff = skb->nh.iph->ihl*4 + sizeof(inside->icmp); 174 dataoff = skb->nh.iph->ihl*4 + sizeof(inside->icmp);
175 /* Are they talking about one of our connections? */ 175 /* Are they talking about one of our connections? */
176 if (!nf_ct_get_tuple(skb, dataoff, dataoff + inside->ip.ihl*4, PF_INET, 176 if (!nf_ct_get_tuple(skb, dataoff, dataoff + inside->ip.ihl*4, PF_INET,
@@ -321,11 +321,11 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[],
321} 321}
322#endif 322#endif
323 323
324struct nf_conntrack_protocol nf_conntrack_protocol_icmp = 324struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp =
325{ 325{
326 .list = { NULL, NULL }, 326 .list = { NULL, NULL },
327 .l3proto = PF_INET, 327 .l3proto = PF_INET,
328 .proto = IPPROTO_ICMP, 328 .l4proto = IPPROTO_ICMP,
329 .name = "icmp", 329 .name = "icmp",
330 .pkt_to_tuple = icmp_pkt_to_tuple, 330 .pkt_to_tuple = icmp_pkt_to_tuple,
331 .invert_tuple = icmp_invert_tuple, 331 .invert_tuple = icmp_invert_tuple,
@@ -343,4 +343,4 @@ struct nf_conntrack_protocol nf_conntrack_protocol_icmp =
343#endif 343#endif
344}; 344};
345 345
346EXPORT_SYMBOL(nf_conntrack_protocol_icmp); 346EXPORT_SYMBOL(nf_conntrack_l4proto_icmp);
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index e5e53fff9e38..cdbba44017df 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -33,7 +33,7 @@
33#include <linux/netfilter_ipv6.h> 33#include <linux/netfilter_ipv6.h>
34#include <net/netfilter/nf_conntrack.h> 34#include <net/netfilter/nf_conntrack.h>
35#include <net/netfilter/nf_conntrack_helper.h> 35#include <net/netfilter/nf_conntrack_helper.h>
36#include <net/netfilter/nf_conntrack_protocol.h> 36#include <net/netfilter/nf_conntrack_l4proto.h>
37#include <net/netfilter/nf_conntrack_l3proto.h> 37#include <net/netfilter/nf_conntrack_l3proto.h>
38#include <net/netfilter/nf_conntrack_core.h> 38#include <net/netfilter/nf_conntrack_core.h>
39 39
@@ -458,9 +458,9 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = {
458 .me = THIS_MODULE, 458 .me = THIS_MODULE,
459}; 459};
460 460
461extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp6; 461extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
462extern struct nf_conntrack_protocol nf_conntrack_protocol_udp6; 462extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
463extern struct nf_conntrack_protocol nf_conntrack_protocol_icmpv6; 463extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
464extern int nf_ct_frag6_init(void); 464extern int nf_ct_frag6_init(void);
465extern void nf_ct_frag6_cleanup(void); 465extern void nf_ct_frag6_cleanup(void);
466 466
@@ -479,19 +479,19 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
479 printk("nf_conntrack_ipv6: can't initialize frag6.\n"); 479 printk("nf_conntrack_ipv6: can't initialize frag6.\n");
480 return ret; 480 return ret;
481 } 481 }
482 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_tcp6); 482 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp6);
483 if (ret < 0) { 483 if (ret < 0) {
484 printk("nf_conntrack_ipv6: can't register tcp.\n"); 484 printk("nf_conntrack_ipv6: can't register tcp.\n");
485 goto cleanup_frag6; 485 goto cleanup_frag6;
486 } 486 }
487 487
488 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_udp6); 488 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp6);
489 if (ret < 0) { 489 if (ret < 0) {
490 printk("nf_conntrack_ipv6: can't register udp.\n"); 490 printk("nf_conntrack_ipv6: can't register udp.\n");
491 goto cleanup_tcp; 491 goto cleanup_tcp;
492 } 492 }
493 493
494 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_icmpv6); 494 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmpv6);
495 if (ret < 0) { 495 if (ret < 0) {
496 printk("nf_conntrack_ipv6: can't register icmpv6.\n"); 496 printk("nf_conntrack_ipv6: can't register icmpv6.\n");
497 goto cleanup_udp; 497 goto cleanup_udp;
@@ -527,11 +527,11 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
527 cleanup_ipv6: 527 cleanup_ipv6:
528 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); 528 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
529 cleanup_icmpv6: 529 cleanup_icmpv6:
530 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmpv6); 530 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
531 cleanup_udp: 531 cleanup_udp:
532 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp6); 532 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
533 cleanup_tcp: 533 cleanup_tcp:
534 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp6); 534 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
535 cleanup_frag6: 535 cleanup_frag6:
536 nf_ct_frag6_cleanup(); 536 nf_ct_frag6_cleanup();
537 return ret; 537 return ret;
@@ -545,9 +545,9 @@ static void __exit nf_conntrack_l3proto_ipv6_fini(void)
545#endif 545#endif
546 nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); 546 nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
547 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); 547 nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
548 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmpv6); 548 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
549 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp6); 549 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
550 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp6); 550 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
551 nf_ct_frag6_cleanup(); 551 nf_ct_frag6_cleanup();
552} 552}
553 553
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 34d447208ffd..2cdf225f162d 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -29,7 +29,7 @@
29#include <linux/seq_file.h> 29#include <linux/seq_file.h>
30#include <linux/netfilter_ipv6.h> 30#include <linux/netfilter_ipv6.h>
31#include <net/netfilter/nf_conntrack_tuple.h> 31#include <net/netfilter/nf_conntrack_tuple.h>
32#include <net/netfilter/nf_conntrack_protocol.h> 32#include <net/netfilter/nf_conntrack_l4proto.h>
33#include <net/netfilter/nf_conntrack_core.h> 33#include <net/netfilter/nf_conntrack_core.h>
34#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> 34#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
35 35
@@ -155,7 +155,7 @@ icmpv6_error_message(struct sk_buff *skb,
155 struct nf_conntrack_tuple_hash *h; 155 struct nf_conntrack_tuple_hash *h;
156 struct icmp6hdr _hdr, *hp; 156 struct icmp6hdr _hdr, *hp;
157 unsigned int inip6off; 157 unsigned int inip6off;
158 struct nf_conntrack_protocol *inproto; 158 struct nf_conntrack_l4proto *inproto;
159 u_int8_t inprotonum; 159 u_int8_t inprotonum;
160 unsigned int inprotoff; 160 unsigned int inprotoff;
161 161
@@ -185,7 +185,7 @@ icmpv6_error_message(struct sk_buff *skb,
185 return -NF_ACCEPT; 185 return -NF_ACCEPT;
186 } 186 }
187 187
188 inproto = __nf_ct_proto_find(PF_INET6, inprotonum); 188 inproto = __nf_ct_l4proto_find(PF_INET6, inprotonum);
189 189
190 /* Are they talking about one of our connections? */ 190 /* Are they talking about one of our connections? */
191 if (!nf_ct_get_tuple(skb, inip6off, inprotoff, PF_INET6, inprotonum, 191 if (!nf_ct_get_tuple(skb, inip6off, inprotoff, PF_INET6, inprotonum,
@@ -301,10 +301,10 @@ static int icmpv6_nfattr_to_tuple(struct nfattr *tb[],
301} 301}
302#endif 302#endif
303 303
304struct nf_conntrack_protocol nf_conntrack_protocol_icmpv6 = 304struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 =
305{ 305{
306 .l3proto = PF_INET6, 306 .l3proto = PF_INET6,
307 .proto = IPPROTO_ICMPV6, 307 .l4proto = IPPROTO_ICMPV6,
308 .name = "icmpv6", 308 .name = "icmpv6",
309 .pkt_to_tuple = icmpv6_pkt_to_tuple, 309 .pkt_to_tuple = icmpv6_pkt_to_tuple,
310 .invert_tuple = icmpv6_invert_tuple, 310 .invert_tuple = icmpv6_invert_tuple,
@@ -320,4 +320,4 @@ struct nf_conntrack_protocol nf_conntrack_protocol_icmpv6 =
320#endif 320#endif
321}; 321};
322 322
323EXPORT_SYMBOL(nf_conntrack_protocol_icmpv6); 323EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6);
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 6607ed415861..441a647b7847 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -54,7 +54,7 @@
54 54
55#include <net/netfilter/nf_conntrack.h> 55#include <net/netfilter/nf_conntrack.h>
56#include <net/netfilter/nf_conntrack_l3proto.h> 56#include <net/netfilter/nf_conntrack_l3proto.h>
57#include <net/netfilter/nf_conntrack_protocol.h> 57#include <net/netfilter/nf_conntrack_l4proto.h>
58#include <net/netfilter/nf_conntrack_expect.h> 58#include <net/netfilter/nf_conntrack_expect.h>
59#include <net/netfilter/nf_conntrack_helper.h> 59#include <net/netfilter/nf_conntrack_helper.h>
60#include <net/netfilter/nf_conntrack_core.h> 60#include <net/netfilter/nf_conntrack_core.h>
@@ -256,7 +256,7 @@ nf_ct_get_tuple(const struct sk_buff *skb,
256 u_int8_t protonum, 256 u_int8_t protonum,
257 struct nf_conntrack_tuple *tuple, 257 struct nf_conntrack_tuple *tuple,
258 const struct nf_conntrack_l3proto *l3proto, 258 const struct nf_conntrack_l3proto *l3proto,
259 const struct nf_conntrack_protocol *protocol) 259 const struct nf_conntrack_l4proto *l4proto)
260{ 260{
261 NF_CT_TUPLE_U_BLANK(tuple); 261 NF_CT_TUPLE_U_BLANK(tuple);
262 262
@@ -267,14 +267,14 @@ nf_ct_get_tuple(const struct sk_buff *skb,
267 tuple->dst.protonum = protonum; 267 tuple->dst.protonum = protonum;
268 tuple->dst.dir = IP_CT_DIR_ORIGINAL; 268 tuple->dst.dir = IP_CT_DIR_ORIGINAL;
269 269
270 return protocol->pkt_to_tuple(skb, dataoff, tuple); 270 return l4proto->pkt_to_tuple(skb, dataoff, tuple);
271} 271}
272 272
273int 273int
274nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse, 274nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
275 const struct nf_conntrack_tuple *orig, 275 const struct nf_conntrack_tuple *orig,
276 const struct nf_conntrack_l3proto *l3proto, 276 const struct nf_conntrack_l3proto *l3proto,
277 const struct nf_conntrack_protocol *protocol) 277 const struct nf_conntrack_l4proto *l4proto)
278{ 278{
279 NF_CT_TUPLE_U_BLANK(inverse); 279 NF_CT_TUPLE_U_BLANK(inverse);
280 280
@@ -285,7 +285,7 @@ nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
285 inverse->dst.dir = !orig->dst.dir; 285 inverse->dst.dir = !orig->dst.dir;
286 286
287 inverse->dst.protonum = orig->dst.protonum; 287 inverse->dst.protonum = orig->dst.protonum;
288 return protocol->invert_tuple(inverse, orig); 288 return l4proto->invert_tuple(inverse, orig);
289} 289}
290 290
291static void 291static void
@@ -305,7 +305,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
305{ 305{
306 struct nf_conn *ct = (struct nf_conn *)nfct; 306 struct nf_conn *ct = (struct nf_conn *)nfct;
307 struct nf_conntrack_l3proto *l3proto; 307 struct nf_conntrack_l3proto *l3proto;
308 struct nf_conntrack_protocol *proto; 308 struct nf_conntrack_l4proto *l4proto;
309 309
310 DEBUGP("destroy_conntrack(%p)\n", ct); 310 DEBUGP("destroy_conntrack(%p)\n", ct);
311 NF_CT_ASSERT(atomic_read(&nfct->use) == 0); 311 NF_CT_ASSERT(atomic_read(&nfct->use) == 0);
@@ -321,9 +321,9 @@ destroy_conntrack(struct nf_conntrack *nfct)
321 if (l3proto && l3proto->destroy) 321 if (l3proto && l3proto->destroy)
322 l3proto->destroy(ct); 322 l3proto->destroy(ct);
323 323
324 proto = __nf_ct_proto_find(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum); 324 l4proto = __nf_ct_l4proto_find(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
325 if (proto && proto->destroy) 325 if (l4proto && l4proto->destroy)
326 proto->destroy(ct); 326 l4proto->destroy(ct);
327 327
328 if (nf_conntrack_destroyed) 328 if (nf_conntrack_destroyed)
329 nf_conntrack_destroyed(ct); 329 nf_conntrack_destroyed(ct);
@@ -647,7 +647,7 @@ void nf_conntrack_free(struct nf_conn *conntrack)
647static struct nf_conntrack_tuple_hash * 647static struct nf_conntrack_tuple_hash *
648init_conntrack(const struct nf_conntrack_tuple *tuple, 648init_conntrack(const struct nf_conntrack_tuple *tuple,
649 struct nf_conntrack_l3proto *l3proto, 649 struct nf_conntrack_l3proto *l3proto,
650 struct nf_conntrack_protocol *protocol, 650 struct nf_conntrack_l4proto *l4proto,
651 struct sk_buff *skb, 651 struct sk_buff *skb,
652 unsigned int dataoff) 652 unsigned int dataoff)
653{ 653{
@@ -655,7 +655,7 @@ init_conntrack(const struct nf_conntrack_tuple *tuple,
655 struct nf_conntrack_tuple repl_tuple; 655 struct nf_conntrack_tuple repl_tuple;
656 struct nf_conntrack_expect *exp; 656 struct nf_conntrack_expect *exp;
657 657
658 if (!nf_ct_invert_tuple(&repl_tuple, tuple, l3proto, protocol)) { 658 if (!nf_ct_invert_tuple(&repl_tuple, tuple, l3proto, l4proto)) {
659 DEBUGP("Can't invert tuple.\n"); 659 DEBUGP("Can't invert tuple.\n");
660 return NULL; 660 return NULL;
661 } 661 }
@@ -666,7 +666,7 @@ init_conntrack(const struct nf_conntrack_tuple *tuple,
666 return (struct nf_conntrack_tuple_hash *)conntrack; 666 return (struct nf_conntrack_tuple_hash *)conntrack;
667 } 667 }
668 668
669 if (!protocol->new(conntrack, skb, dataoff)) { 669 if (!l4proto->new(conntrack, skb, dataoff)) {
670 nf_conntrack_free(conntrack); 670 nf_conntrack_free(conntrack);
671 DEBUGP("init conntrack: can't track with proto module\n"); 671 DEBUGP("init conntrack: can't track with proto module\n");
672 return NULL; 672 return NULL;
@@ -718,7 +718,7 @@ resolve_normal_ct(struct sk_buff *skb,
718 u_int16_t l3num, 718 u_int16_t l3num,
719 u_int8_t protonum, 719 u_int8_t protonum,
720 struct nf_conntrack_l3proto *l3proto, 720 struct nf_conntrack_l3proto *l3proto,
721 struct nf_conntrack_protocol *proto, 721 struct nf_conntrack_l4proto *l4proto,
722 int *set_reply, 722 int *set_reply,
723 enum ip_conntrack_info *ctinfo) 723 enum ip_conntrack_info *ctinfo)
724{ 724{
@@ -728,7 +728,7 @@ resolve_normal_ct(struct sk_buff *skb,
728 728
729 if (!nf_ct_get_tuple(skb, (unsigned int)(skb->nh.raw - skb->data), 729 if (!nf_ct_get_tuple(skb, (unsigned int)(skb->nh.raw - skb->data),
730 dataoff, l3num, protonum, &tuple, l3proto, 730 dataoff, l3num, protonum, &tuple, l3proto,
731 proto)) { 731 l4proto)) {
732 DEBUGP("resolve_normal_ct: Can't get tuple\n"); 732 DEBUGP("resolve_normal_ct: Can't get tuple\n");
733 return NULL; 733 return NULL;
734 } 734 }
@@ -736,7 +736,7 @@ resolve_normal_ct(struct sk_buff *skb,
736 /* look for tuple match */ 736 /* look for tuple match */
737 h = nf_conntrack_find_get(&tuple, NULL); 737 h = nf_conntrack_find_get(&tuple, NULL);
738 if (!h) { 738 if (!h) {
739 h = init_conntrack(&tuple, l3proto, proto, skb, dataoff); 739 h = init_conntrack(&tuple, l3proto, l4proto, skb, dataoff);
740 if (!h) 740 if (!h)
741 return NULL; 741 return NULL;
742 if (IS_ERR(h)) 742 if (IS_ERR(h))
@@ -774,7 +774,7 @@ nf_conntrack_in(int pf, unsigned int hooknum, struct sk_buff **pskb)
774 struct nf_conn *ct; 774 struct nf_conn *ct;
775 enum ip_conntrack_info ctinfo; 775 enum ip_conntrack_info ctinfo;
776 struct nf_conntrack_l3proto *l3proto; 776 struct nf_conntrack_l3proto *l3proto;
777 struct nf_conntrack_protocol *proto; 777 struct nf_conntrack_l4proto *l4proto;
778 unsigned int dataoff; 778 unsigned int dataoff;
779 u_int8_t protonum; 779 u_int8_t protonum;
780 int set_reply = 0; 780 int set_reply = 0;
@@ -792,19 +792,19 @@ nf_conntrack_in(int pf, unsigned int hooknum, struct sk_buff **pskb)
792 return -ret; 792 return -ret;
793 } 793 }
794 794
795 proto = __nf_ct_proto_find((u_int16_t)pf, protonum); 795 l4proto = __nf_ct_l4proto_find((u_int16_t)pf, protonum);
796 796
797 /* It may be an special packet, error, unclean... 797 /* It may be an special packet, error, unclean...
798 * inverse of the return code tells to the netfilter 798 * inverse of the return code tells to the netfilter
799 * core what to do with the packet. */ 799 * core what to do with the packet. */
800 if (proto->error != NULL && 800 if (l4proto->error != NULL &&
801 (ret = proto->error(*pskb, dataoff, &ctinfo, pf, hooknum)) <= 0) { 801 (ret = l4proto->error(*pskb, dataoff, &ctinfo, pf, hooknum)) <= 0) {
802 NF_CT_STAT_INC(error); 802 NF_CT_STAT_INC(error);
803 NF_CT_STAT_INC(invalid); 803 NF_CT_STAT_INC(invalid);
804 return -ret; 804 return -ret;
805 } 805 }
806 806
807 ct = resolve_normal_ct(*pskb, dataoff, pf, protonum, l3proto, proto, 807 ct = resolve_normal_ct(*pskb, dataoff, pf, protonum, l3proto, l4proto,
808 &set_reply, &ctinfo); 808 &set_reply, &ctinfo);
809 if (!ct) { 809 if (!ct) {
810 /* Not valid part of a connection */ 810 /* Not valid part of a connection */
@@ -820,7 +820,7 @@ nf_conntrack_in(int pf, unsigned int hooknum, struct sk_buff **pskb)
820 820
821 NF_CT_ASSERT((*pskb)->nfct); 821 NF_CT_ASSERT((*pskb)->nfct);
822 822
823 ret = proto->packet(ct, *pskb, dataoff, ctinfo, pf, hooknum); 823 ret = l4proto->packet(ct, *pskb, dataoff, ctinfo, pf, hooknum);
824 if (ret < 0) { 824 if (ret < 0) {
825 /* Invalid: inverse of the return code tells 825 /* Invalid: inverse of the return code tells
826 * the netfilter core what to do */ 826 * the netfilter core what to do */
@@ -842,7 +842,7 @@ int nf_ct_invert_tuplepr(struct nf_conntrack_tuple *inverse,
842{ 842{
843 return nf_ct_invert_tuple(inverse, orig, 843 return nf_ct_invert_tuple(inverse, orig,
844 __nf_ct_l3proto_find(orig->src.l3num), 844 __nf_ct_l3proto_find(orig->src.l3num),
845 __nf_ct_proto_find(orig->src.l3num, 845 __nf_ct_l4proto_find(orig->src.l3num,
846 orig->dst.protonum)); 846 orig->dst.protonum));
847} 847}
848 848
@@ -1199,7 +1199,7 @@ int __init nf_conntrack_init(void)
1199 /* Don't NEED lock here, but good form anyway. */ 1199 /* Don't NEED lock here, but good form anyway. */
1200 write_lock_bh(&nf_conntrack_lock); 1200 write_lock_bh(&nf_conntrack_lock);
1201 for (i = 0; i < PF_MAX; i++) 1201 for (i = 0; i < PF_MAX; i++)
1202 nf_ct_l3protos[i] = &nf_conntrack_generic_l3proto; 1202 nf_ct_l3protos[i] = &nf_conntrack_l3proto_generic;
1203 write_unlock_bh(&nf_conntrack_lock); 1203 write_unlock_bh(&nf_conntrack_lock);
1204 1204
1205 /* For use by REJECT target */ 1205 /* For use by REJECT target */
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index 35763e96fddb..5152efd511d0 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -22,7 +22,7 @@
22 22
23#include <net/netfilter/nf_conntrack.h> 23#include <net/netfilter/nf_conntrack.h>
24#include <net/netfilter/nf_conntrack_l3proto.h> 24#include <net/netfilter/nf_conntrack_l3proto.h>
25#include <net/netfilter/nf_conntrack_protocol.h> 25#include <net/netfilter/nf_conntrack_l4proto.h>
26#include <net/netfilter/nf_conntrack_expect.h> 26#include <net/netfilter/nf_conntrack_expect.h>
27#include <net/netfilter/nf_conntrack_helper.h> 27#include <net/netfilter/nf_conntrack_helper.h>
28#include <net/netfilter/nf_conntrack_core.h> 28#include <net/netfilter/nf_conntrack_core.h>
diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c
index 076e678b3188..7269bffd8e49 100644
--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -338,7 +338,7 @@ static int exp_seq_show(struct seq_file *s, void *v)
338 expect->tuple.dst.protonum); 338 expect->tuple.dst.protonum);
339 print_tuple(s, &expect->tuple, 339 print_tuple(s, &expect->tuple,
340 __nf_ct_l3proto_find(expect->tuple.src.l3num), 340 __nf_ct_l3proto_find(expect->tuple.src.l3num),
341 __nf_ct_proto_find(expect->tuple.src.l3num, 341 __nf_ct_l4proto_find(expect->tuple.src.l3num,
342 expect->tuple.dst.protonum)); 342 expect->tuple.dst.protonum));
343 return seq_putc(s, '\n'); 343 return seq_putc(s, '\n');
344} 344}
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index 2af92204722b..5cbe55f66c15 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -26,7 +26,7 @@
26 26
27#include <net/netfilter/nf_conntrack.h> 27#include <net/netfilter/nf_conntrack.h>
28#include <net/netfilter/nf_conntrack_l3proto.h> 28#include <net/netfilter/nf_conntrack_l3proto.h>
29#include <net/netfilter/nf_conntrack_protocol.h> 29#include <net/netfilter/nf_conntrack_l4proto.h>
30#include <net/netfilter/nf_conntrack_helper.h> 30#include <net/netfilter/nf_conntrack_helper.h>
31#include <net/netfilter/nf_conntrack_core.h> 31#include <net/netfilter/nf_conntrack_core.h>
32 32
diff --git a/net/netfilter/nf_conntrack_l3proto_generic.c b/net/netfilter/nf_conntrack_l3proto_generic.c
index 21e0bc91cf23..1852c9d927d8 100644
--- a/net/netfilter/nf_conntrack_l3proto_generic.c
+++ b/net/netfilter/nf_conntrack_l3proto_generic.c
@@ -26,7 +26,7 @@
26 26
27#include <linux/netfilter_ipv4.h> 27#include <linux/netfilter_ipv4.h>
28#include <net/netfilter/nf_conntrack.h> 28#include <net/netfilter/nf_conntrack.h>
29#include <net/netfilter/nf_conntrack_protocol.h> 29#include <net/netfilter/nf_conntrack_l4proto.h>
30#include <net/netfilter/nf_conntrack_l3proto.h> 30#include <net/netfilter/nf_conntrack_l3proto.h>
31#include <net/netfilter/nf_conntrack_core.h> 31#include <net/netfilter/nf_conntrack_core.h>
32#include <net/netfilter/ipv4/nf_conntrack_ipv4.h> 32#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
@@ -84,7 +84,7 @@ static u_int32_t generic_get_features(const struct nf_conntrack_tuple *tuple)
84 return NF_CT_F_BASIC; 84 return NF_CT_F_BASIC;
85} 85}
86 86
87struct nf_conntrack_l3proto nf_conntrack_generic_l3proto = { 87struct nf_conntrack_l3proto nf_conntrack_l3proto_generic = {
88 .l3proto = PF_UNSPEC, 88 .l3proto = PF_UNSPEC,
89 .name = "unknown", 89 .name = "unknown",
90 .pkt_to_tuple = generic_pkt_to_tuple, 90 .pkt_to_tuple = generic_pkt_to_tuple,
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index c3d53d91929f..dc0830220130 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -38,7 +38,7 @@
38#include <net/netfilter/nf_conntrack_expect.h> 38#include <net/netfilter/nf_conntrack_expect.h>
39#include <net/netfilter/nf_conntrack_helper.h> 39#include <net/netfilter/nf_conntrack_helper.h>
40#include <net/netfilter/nf_conntrack_l3proto.h> 40#include <net/netfilter/nf_conntrack_l3proto.h>
41#include <net/netfilter/nf_conntrack_protocol.h> 41#include <net/netfilter/nf_conntrack_l4proto.h>
42#include <linux/netfilter_ipv4/ip_nat_protocol.h> 42#include <linux/netfilter_ipv4/ip_nat_protocol.h>
43 43
44#include <linux/netfilter/nfnetlink.h> 44#include <linux/netfilter/nfnetlink.h>
@@ -51,15 +51,15 @@ static char __initdata version[] = "0.93";
51static inline int 51static inline int
52ctnetlink_dump_tuples_proto(struct sk_buff *skb, 52ctnetlink_dump_tuples_proto(struct sk_buff *skb,
53 const struct nf_conntrack_tuple *tuple, 53 const struct nf_conntrack_tuple *tuple,
54 struct nf_conntrack_protocol *proto) 54 struct nf_conntrack_l4proto *l4proto)
55{ 55{
56 int ret = 0; 56 int ret = 0;
57 struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO); 57 struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO);
58 58
59 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum); 59 NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
60 60
61 if (likely(proto->tuple_to_nfattr)) 61 if (likely(l4proto->tuple_to_nfattr))
62 ret = proto->tuple_to_nfattr(skb, tuple); 62 ret = l4proto->tuple_to_nfattr(skb, tuple);
63 63
64 NFA_NEST_END(skb, nest_parms); 64 NFA_NEST_END(skb, nest_parms);
65 65
@@ -94,7 +94,7 @@ ctnetlink_dump_tuples(struct sk_buff *skb,
94{ 94{
95 int ret; 95 int ret;
96 struct nf_conntrack_l3proto *l3proto; 96 struct nf_conntrack_l3proto *l3proto;
97 struct nf_conntrack_protocol *proto; 97 struct nf_conntrack_l4proto *l4proto;
98 98
99 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); 99 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num);
100 ret = ctnetlink_dump_tuples_ip(skb, tuple, l3proto); 100 ret = ctnetlink_dump_tuples_ip(skb, tuple, l3proto);
@@ -103,9 +103,9 @@ ctnetlink_dump_tuples(struct sk_buff *skb,
103 if (unlikely(ret < 0)) 103 if (unlikely(ret < 0))
104 return ret; 104 return ret;
105 105
106 proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); 106 l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
107 ret = ctnetlink_dump_tuples_proto(skb, tuple, proto); 107 ret = ctnetlink_dump_tuples_proto(skb, tuple, l4proto);
108 nf_ct_proto_put(proto); 108 nf_ct_l4proto_put(l4proto);
109 109
110 return ret; 110 return ret;
111} 111}
@@ -142,27 +142,27 @@ nfattr_failure:
142static inline int 142static inline int
143ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct nf_conn *ct) 143ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct nf_conn *ct)
144{ 144{
145 struct nf_conntrack_protocol *proto = nf_ct_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum); 145 struct nf_conntrack_l4proto *l4proto = nf_ct_l4proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum);
146 struct nfattr *nest_proto; 146 struct nfattr *nest_proto;
147 int ret; 147 int ret;
148 148
149 if (!proto->to_nfattr) { 149 if (!l4proto->to_nfattr) {
150 nf_ct_proto_put(proto); 150 nf_ct_l4proto_put(l4proto);
151 return 0; 151 return 0;
152 } 152 }
153 153
154 nest_proto = NFA_NEST(skb, CTA_PROTOINFO); 154 nest_proto = NFA_NEST(skb, CTA_PROTOINFO);
155 155
156 ret = proto->to_nfattr(skb, nest_proto, ct); 156 ret = l4proto->to_nfattr(skb, nest_proto, ct);
157 157
158 nf_ct_proto_put(proto); 158 nf_ct_l4proto_put(l4proto);
159 159
160 NFA_NEST_END(skb, nest_proto); 160 NFA_NEST_END(skb, nest_proto);
161 161
162 return ret; 162 return ret;
163 163
164nfattr_failure: 164nfattr_failure:
165 nf_ct_proto_put(proto); 165 nf_ct_l4proto_put(l4proto);
166 return -1; 166 return -1;
167} 167}
168 168
@@ -493,7 +493,7 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
493 struct nf_conntrack_tuple *tuple) 493 struct nf_conntrack_tuple *tuple)
494{ 494{
495 struct nfattr *tb[CTA_PROTO_MAX]; 495 struct nfattr *tb[CTA_PROTO_MAX];
496 struct nf_conntrack_protocol *proto; 496 struct nf_conntrack_l4proto *l4proto;
497 int ret = 0; 497 int ret = 0;
498 498
499 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); 499 nfattr_parse_nested(tb, CTA_PROTO_MAX, attr);
@@ -505,12 +505,12 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr,
505 return -EINVAL; 505 return -EINVAL;
506 tuple->dst.protonum = *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_NUM-1]); 506 tuple->dst.protonum = *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_NUM-1]);
507 507
508 proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); 508 l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
509 509
510 if (likely(proto->nfattr_to_tuple)) 510 if (likely(l4proto->nfattr_to_tuple))
511 ret = proto->nfattr_to_tuple(tb, tuple); 511 ret = l4proto->nfattr_to_tuple(tb, tuple);
512 512
513 nf_ct_proto_put(proto); 513 nf_ct_l4proto_put(l4proto);
514 514
515 return ret; 515 return ret;
516} 516}
@@ -890,18 +890,18 @@ static inline int
890ctnetlink_change_protoinfo(struct nf_conn *ct, struct nfattr *cda[]) 890ctnetlink_change_protoinfo(struct nf_conn *ct, struct nfattr *cda[])
891{ 891{
892 struct nfattr *tb[CTA_PROTOINFO_MAX], *attr = cda[CTA_PROTOINFO-1]; 892 struct nfattr *tb[CTA_PROTOINFO_MAX], *attr = cda[CTA_PROTOINFO-1];
893 struct nf_conntrack_protocol *proto; 893 struct nf_conntrack_l4proto *l4proto;
894 u_int16_t npt = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum; 894 u_int16_t npt = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum;
895 u_int16_t l3num = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num; 895 u_int16_t l3num = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
896 int err = 0; 896 int err = 0;
897 897
898 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr); 898 nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr);
899 899
900 proto = nf_ct_proto_find_get(l3num, npt); 900 l4proto = nf_ct_l4proto_find_get(l3num, npt);
901 901
902 if (proto->from_nfattr) 902 if (l4proto->from_nfattr)
903 err = proto->from_nfattr(tb, ct); 903 err = l4proto->from_nfattr(tb, ct);
904 nf_ct_proto_put(proto); 904 nf_ct_l4proto_put(l4proto);
905 905
906 return err; 906 return err;
907} 907}
@@ -1081,7 +1081,7 @@ ctnetlink_exp_dump_mask(struct sk_buff *skb,
1081{ 1081{
1082 int ret; 1082 int ret;
1083 struct nf_conntrack_l3proto *l3proto; 1083 struct nf_conntrack_l3proto *l3proto;
1084 struct nf_conntrack_protocol *proto; 1084 struct nf_conntrack_l4proto *l4proto;
1085 struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK); 1085 struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK);
1086 1086
1087 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); 1087 l3proto = nf_ct_l3proto_find_get(tuple->src.l3num);
@@ -1091,9 +1091,9 @@ ctnetlink_exp_dump_mask(struct sk_buff *skb,
1091 if (unlikely(ret < 0)) 1091 if (unlikely(ret < 0))
1092 goto nfattr_failure; 1092 goto nfattr_failure;
1093 1093
1094 proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum); 1094 l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
1095 ret = ctnetlink_dump_tuples_proto(skb, mask, proto); 1095 ret = ctnetlink_dump_tuples_proto(skb, mask, l4proto);
1096 nf_ct_proto_put(proto); 1096 nf_ct_l4proto_put(l4proto);
1097 if (unlikely(ret < 0)) 1097 if (unlikely(ret < 0))
1098 goto nfattr_failure; 1098 goto nfattr_failure;
1099 1099
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 24c61a384716..330b9acc62d8 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -24,38 +24,38 @@
24 24
25#include <net/netfilter/nf_conntrack.h> 25#include <net/netfilter/nf_conntrack.h>
26#include <net/netfilter/nf_conntrack_l3proto.h> 26#include <net/netfilter/nf_conntrack_l3proto.h>
27#include <net/netfilter/nf_conntrack_protocol.h> 27#include <net/netfilter/nf_conntrack_l4proto.h>
28#include <net/netfilter/nf_conntrack_core.h> 28#include <net/netfilter/nf_conntrack_core.h>
29 29
30struct nf_conntrack_protocol **nf_ct_protos[PF_MAX] __read_mostly; 30struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX] __read_mostly;
31struct nf_conntrack_l3proto *nf_ct_l3protos[PF_MAX] __read_mostly; 31struct nf_conntrack_l3proto *nf_ct_l3protos[PF_MAX] __read_mostly;
32 32
33struct nf_conntrack_protocol * 33struct nf_conntrack_l4proto *
34__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol) 34__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto)
35{ 35{
36 if (unlikely(l3proto >= AF_MAX || nf_ct_protos[l3proto] == NULL)) 36 if (unlikely(l3proto >= AF_MAX || nf_ct_protos[l3proto] == NULL))
37 return &nf_conntrack_generic_protocol; 37 return &nf_conntrack_l4proto_generic;
38 38
39 return nf_ct_protos[l3proto][protocol]; 39 return nf_ct_protos[l3proto][l4proto];
40} 40}
41 41
42/* this is guaranteed to always return a valid protocol helper, since 42/* this is guaranteed to always return a valid protocol helper, since
43 * it falls back to generic_protocol */ 43 * it falls back to generic_protocol */
44struct nf_conntrack_protocol * 44struct nf_conntrack_l4proto *
45nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol) 45nf_ct_l4proto_find_get(u_int16_t l3proto, u_int8_t l4proto)
46{ 46{
47 struct nf_conntrack_protocol *p; 47 struct nf_conntrack_l4proto *p;
48 48
49 preempt_disable(); 49 preempt_disable();
50 p = __nf_ct_proto_find(l3proto, protocol); 50 p = __nf_ct_l4proto_find(l3proto, l4proto);
51 if (!try_module_get(p->me)) 51 if (!try_module_get(p->me))
52 p = &nf_conntrack_generic_protocol; 52 p = &nf_conntrack_l4proto_generic;
53 preempt_enable(); 53 preempt_enable();
54 54
55 return p; 55 return p;
56} 56}
57 57
58void nf_ct_proto_put(struct nf_conntrack_protocol *p) 58void nf_ct_l4proto_put(struct nf_conntrack_l4proto *p)
59{ 59{
60 module_put(p->me); 60 module_put(p->me);
61} 61}
@@ -68,7 +68,7 @@ nf_ct_l3proto_find_get(u_int16_t l3proto)
68 preempt_disable(); 68 preempt_disable();
69 p = __nf_ct_l3proto_find(l3proto); 69 p = __nf_ct_l3proto_find(l3proto);
70 if (!try_module_get(p->me)) 70 if (!try_module_get(p->me))
71 p = &nf_conntrack_generic_l3proto; 71 p = &nf_conntrack_l3proto_generic;
72 preempt_enable(); 72 preempt_enable();
73 73
74 return p; 74 return p;
@@ -86,7 +86,7 @@ nf_ct_l3proto_try_module_get(unsigned short l3proto)
86 struct nf_conntrack_l3proto *p; 86 struct nf_conntrack_l3proto *p;
87 87
88retry: p = nf_ct_l3proto_find_get(l3proto); 88retry: p = nf_ct_l3proto_find_get(l3proto);
89 if (p == &nf_conntrack_generic_l3proto) { 89 if (p == &nf_conntrack_l3proto_generic) {
90 ret = request_module("nf_conntrack-%d", l3proto); 90 ret = request_module("nf_conntrack-%d", l3proto);
91 if (!ret) 91 if (!ret)
92 goto retry; 92 goto retry;
@@ -114,14 +114,14 @@ static int kill_l3proto(struct nf_conn *i, void *data)
114 ((struct nf_conntrack_l3proto *)data)->l3proto); 114 ((struct nf_conntrack_l3proto *)data)->l3proto);
115} 115}
116 116
117static int kill_proto(struct nf_conn *i, void *data) 117static int kill_l4proto(struct nf_conn *i, void *data)
118{ 118{
119 struct nf_conntrack_protocol *proto; 119 struct nf_conntrack_l4proto *l4proto;
120 proto = (struct nf_conntrack_protocol *)data; 120 l4proto = (struct nf_conntrack_l4proto *)data;
121 return (i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum == 121 return (i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum ==
122 proto->proto) && 122 l4proto->l4proto) &&
123 (i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num == 123 (i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num ==
124 proto->l3proto); 124 l4proto->l3proto);
125} 125}
126 126
127int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto) 127int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
@@ -129,7 +129,7 @@ int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
129 int ret = 0; 129 int ret = 0;
130 130
131 write_lock_bh(&nf_conntrack_lock); 131 write_lock_bh(&nf_conntrack_lock);
132 if (nf_ct_l3protos[proto->l3proto] != &nf_conntrack_generic_l3proto) { 132 if (nf_ct_l3protos[proto->l3proto] != &nf_conntrack_l3proto_generic) {
133 ret = -EBUSY; 133 ret = -EBUSY;
134 goto out; 134 goto out;
135 } 135 }
@@ -143,7 +143,7 @@ out:
143void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto) 143void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
144{ 144{
145 write_lock_bh(&nf_conntrack_lock); 145 write_lock_bh(&nf_conntrack_lock);
146 nf_ct_l3protos[proto->l3proto] = &nf_conntrack_generic_l3proto; 146 nf_ct_l3protos[proto->l3proto] = &nf_conntrack_l3proto_generic;
147 write_unlock_bh(&nf_conntrack_lock); 147 write_unlock_bh(&nf_conntrack_lock);
148 148
149 /* Somebody could be still looking at the proto in bh. */ 149 /* Somebody could be still looking at the proto in bh. */
@@ -155,43 +155,43 @@ void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
155 155
156/* FIXME: Allow NULL functions and sub in pointers to generic for 156/* FIXME: Allow NULL functions and sub in pointers to generic for
157 them. --RR */ 157 them. --RR */
158int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto) 158int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *l4proto)
159{ 159{
160 int ret = 0; 160 int ret = 0;
161 161
162retry: 162retry:
163 write_lock_bh(&nf_conntrack_lock); 163 write_lock_bh(&nf_conntrack_lock);
164 if (nf_ct_protos[proto->l3proto]) { 164 if (nf_ct_protos[l4proto->l3proto]) {
165 if (nf_ct_protos[proto->l3proto][proto->proto] 165 if (nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
166 != &nf_conntrack_generic_protocol) { 166 != &nf_conntrack_l4proto_generic) {
167 ret = -EBUSY; 167 ret = -EBUSY;
168 goto out_unlock; 168 goto out_unlock;
169 } 169 }
170 } else { 170 } else {
171 /* l3proto may be loaded latter. */ 171 /* l3proto may be loaded latter. */
172 struct nf_conntrack_protocol **proto_array; 172 struct nf_conntrack_l4proto **proto_array;
173 int i; 173 int i;
174 174
175 write_unlock_bh(&nf_conntrack_lock); 175 write_unlock_bh(&nf_conntrack_lock);
176 176
177 proto_array = (struct nf_conntrack_protocol **) 177 proto_array = (struct nf_conntrack_l4proto **)
178 kmalloc(MAX_NF_CT_PROTO * 178 kmalloc(MAX_NF_CT_PROTO *
179 sizeof(struct nf_conntrack_protocol *), 179 sizeof(struct nf_conntrack_l4proto *),
180 GFP_KERNEL); 180 GFP_KERNEL);
181 if (proto_array == NULL) { 181 if (proto_array == NULL) {
182 ret = -ENOMEM; 182 ret = -ENOMEM;
183 goto out; 183 goto out;
184 } 184 }
185 for (i = 0; i < MAX_NF_CT_PROTO; i++) 185 for (i = 0; i < MAX_NF_CT_PROTO; i++)
186 proto_array[i] = &nf_conntrack_generic_protocol; 186 proto_array[i] = &nf_conntrack_l4proto_generic;
187 187
188 write_lock_bh(&nf_conntrack_lock); 188 write_lock_bh(&nf_conntrack_lock);
189 if (nf_ct_protos[proto->l3proto]) { 189 if (nf_ct_protos[l4proto->l3proto]) {
190 /* bad timing, but no problem */ 190 /* bad timing, but no problem */
191 write_unlock_bh(&nf_conntrack_lock); 191 write_unlock_bh(&nf_conntrack_lock);
192 kfree(proto_array); 192 kfree(proto_array);
193 } else { 193 } else {
194 nf_ct_protos[proto->l3proto] = proto_array; 194 nf_ct_protos[l4proto->l3proto] = proto_array;
195 write_unlock_bh(&nf_conntrack_lock); 195 write_unlock_bh(&nf_conntrack_lock);
196 } 196 }
197 197
@@ -202,7 +202,7 @@ retry:
202 goto retry; 202 goto retry;
203 } 203 }
204 204
205 nf_ct_protos[proto->l3proto][proto->proto] = proto; 205 nf_ct_protos[l4proto->l3proto][l4proto->l4proto] = l4proto;
206 206
207out_unlock: 207out_unlock:
208 write_unlock_bh(&nf_conntrack_lock); 208 write_unlock_bh(&nf_conntrack_lock);
@@ -210,16 +210,16 @@ out:
210 return ret; 210 return ret;
211} 211}
212 212
213void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto) 213void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
214{ 214{
215 write_lock_bh(&nf_conntrack_lock); 215 write_lock_bh(&nf_conntrack_lock);
216 nf_ct_protos[proto->l3proto][proto->proto] 216 nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
217 = &nf_conntrack_generic_protocol; 217 = &nf_conntrack_l4proto_generic;
218 write_unlock_bh(&nf_conntrack_lock); 218 write_unlock_bh(&nf_conntrack_lock);
219 219
220 /* Somebody could be still looking at the proto in bh. */ 220 /* Somebody could be still looking at the proto in bh. */
221 synchronize_net(); 221 synchronize_net();
222 222
223 /* Remove all contrack entries for this protocol */ 223 /* Remove all contrack entries for this protocol */
224 nf_ct_iterate_cleanup(kill_proto, proto); 224 nf_ct_iterate_cleanup(kill_l4proto, l4proto);
225} 225}
diff --git a/net/netfilter/nf_conntrack_proto_generic.c b/net/netfilter/nf_conntrack_proto_generic.c
index 26408bb0955b..f44811e0b475 100644
--- a/net/netfilter/nf_conntrack_proto_generic.c
+++ b/net/netfilter/nf_conntrack_proto_generic.c
@@ -15,7 +15,7 @@
15#include <linux/sched.h> 15#include <linux/sched.h>
16#include <linux/timer.h> 16#include <linux/timer.h>
17#include <linux/netfilter.h> 17#include <linux/netfilter.h>
18#include <net/netfilter/nf_conntrack_protocol.h> 18#include <net/netfilter/nf_conntrack_l4proto.h>
19 19
20unsigned int nf_ct_generic_timeout __read_mostly = 600*HZ; 20unsigned int nf_ct_generic_timeout __read_mostly = 600*HZ;
21 21
@@ -71,10 +71,10 @@ static int new(struct nf_conn *conntrack, const struct sk_buff *skb,
71 return 1; 71 return 1;
72} 72}
73 73
74struct nf_conntrack_protocol nf_conntrack_generic_protocol = 74struct nf_conntrack_l4proto nf_conntrack_l4proto_generic =
75{ 75{
76 .l3proto = PF_UNSPEC, 76 .l3proto = PF_UNSPEC,
77 .proto = 0, 77 .l4proto = 0,
78 .name = "unknown", 78 .name = "unknown",
79 .pkt_to_tuple = generic_pkt_to_tuple, 79 .pkt_to_tuple = generic_pkt_to_tuple,
80 .invert_tuple = generic_invert_tuple, 80 .invert_tuple = generic_invert_tuple,
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index ba3e31f2acd7..5115619138e4 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -32,7 +32,7 @@
32#include <linux/interrupt.h> 32#include <linux/interrupt.h>
33 33
34#include <net/netfilter/nf_conntrack.h> 34#include <net/netfilter/nf_conntrack.h>
35#include <net/netfilter/nf_conntrack_protocol.h> 35#include <net/netfilter/nf_conntrack_l4proto.h>
36#include <net/netfilter/nf_conntrack_ecache.h> 36#include <net/netfilter/nf_conntrack_ecache.h>
37 37
38#if 0 38#if 0
@@ -509,9 +509,9 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb,
509 return 1; 509 return 1;
510} 510}
511 511
512struct nf_conntrack_protocol nf_conntrack_protocol_sctp4 = { 512struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 = {
513 .l3proto = PF_INET, 513 .l3proto = PF_INET,
514 .proto = IPPROTO_SCTP, 514 .l4proto = IPPROTO_SCTP,
515 .name = "sctp", 515 .name = "sctp",
516 .pkt_to_tuple = sctp_pkt_to_tuple, 516 .pkt_to_tuple = sctp_pkt_to_tuple,
517 .invert_tuple = sctp_invert_tuple, 517 .invert_tuple = sctp_invert_tuple,
@@ -523,9 +523,9 @@ struct nf_conntrack_protocol nf_conntrack_protocol_sctp4 = {
523 .me = THIS_MODULE 523 .me = THIS_MODULE
524}; 524};
525 525
526struct nf_conntrack_protocol nf_conntrack_protocol_sctp6 = { 526struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 = {
527 .l3proto = PF_INET6, 527 .l3proto = PF_INET6,
528 .proto = IPPROTO_SCTP, 528 .l4proto = IPPROTO_SCTP,
529 .name = "sctp", 529 .name = "sctp",
530 .pkt_to_tuple = sctp_pkt_to_tuple, 530 .pkt_to_tuple = sctp_pkt_to_tuple,
531 .invert_tuple = sctp_invert_tuple, 531 .invert_tuple = sctp_invert_tuple,
@@ -625,14 +625,14 @@ int __init nf_conntrack_proto_sctp_init(void)
625{ 625{
626 int ret; 626 int ret;
627 627
628 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp4); 628 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp4);
629 if (ret) { 629 if (ret) {
630 printk("nf_conntrack_proto_sctp4: protocol register failed\n"); 630 printk("nf_conntrack_l4proto_sctp4: protocol register failed\n");
631 goto out; 631 goto out;
632 } 632 }
633 ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp6); 633 ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp6);
634 if (ret) { 634 if (ret) {
635 printk("nf_conntrack_proto_sctp6: protocol register failed\n"); 635 printk("nf_conntrack_l4proto_sctp6: protocol register failed\n");
636 goto cleanup_sctp4; 636 goto cleanup_sctp4;
637 } 637 }
638 638
@@ -648,10 +648,10 @@ int __init nf_conntrack_proto_sctp_init(void)
648 648
649#ifdef CONFIG_SYSCTL 649#ifdef CONFIG_SYSCTL
650 cleanup: 650 cleanup:
651 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6); 651 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
652#endif 652#endif
653 cleanup_sctp4: 653 cleanup_sctp4:
654 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4); 654 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
655 out: 655 out:
656 DEBUGP("SCTP conntrack module loading %s\n", 656 DEBUGP("SCTP conntrack module loading %s\n",
657 ret ? "failed": "succeeded"); 657 ret ? "failed": "succeeded");
@@ -660,8 +660,8 @@ int __init nf_conntrack_proto_sctp_init(void)
660 660
661void __exit nf_conntrack_proto_sctp_fini(void) 661void __exit nf_conntrack_proto_sctp_fini(void)
662{ 662{
663 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6); 663 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
664 nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4); 664 nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
665#ifdef CONFIG_SYSCTL 665#ifdef CONFIG_SYSCTL
666 unregister_sysctl_table(nf_ct_sysctl_header); 666 unregister_sysctl_table(nf_ct_sysctl_header);
667#endif 667#endif
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index e6b6f23ecdd6..32b88b7efc46 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -42,7 +42,7 @@
42#include <linux/netfilter_ipv4.h> 42#include <linux/netfilter_ipv4.h>
43#include <linux/netfilter_ipv6.h> 43#include <linux/netfilter_ipv6.h>
44#include <net/netfilter/nf_conntrack.h> 44#include <net/netfilter/nf_conntrack.h>
45#include <net/netfilter/nf_conntrack_protocol.h> 45#include <net/netfilter/nf_conntrack_l4proto.h>
46#include <net/netfilter/nf_conntrack_ecache.h> 46#include <net/netfilter/nf_conntrack_ecache.h>
47 47
48#if 0 48#if 0
@@ -1169,10 +1169,10 @@ static int nfattr_to_tcp(struct nfattr *cda[], struct nf_conn *ct)
1169} 1169}
1170#endif 1170#endif
1171 1171
1172struct nf_conntrack_protocol nf_conntrack_protocol_tcp4 = 1172struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 =
1173{ 1173{
1174 .l3proto = PF_INET, 1174 .l3proto = PF_INET,
1175 .proto = IPPROTO_TCP, 1175 .l4proto = IPPROTO_TCP,
1176 .name = "tcp", 1176 .name = "tcp",
1177 .pkt_to_tuple = tcp_pkt_to_tuple, 1177 .pkt_to_tuple = tcp_pkt_to_tuple,
1178 .invert_tuple = tcp_invert_tuple, 1178 .invert_tuple = tcp_invert_tuple,
@@ -1190,10 +1190,10 @@ struct nf_conntrack_protocol nf_conntrack_protocol_tcp4 =
1190#endif 1190#endif
1191}; 1191};
1192 1192
1193struct nf_conntrack_protocol nf_conntrack_protocol_tcp6 = 1193struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 =
1194{ 1194{
1195 .l3proto = PF_INET6, 1195 .l3proto = PF_INET6,
1196 .proto = IPPROTO_TCP, 1196 .l4proto = IPPROTO_TCP,
1197 .name = "tcp", 1197 .name = "tcp",
1198 .pkt_to_tuple = tcp_pkt_to_tuple, 1198 .pkt_to_tuple = tcp_pkt_to_tuple,
1199 .invert_tuple = tcp_invert_tuple, 1199 .invert_tuple = tcp_invert_tuple,
@@ -1211,5 +1211,5 @@ struct nf_conntrack_protocol nf_conntrack_protocol_tcp6 =
1211#endif 1211#endif
1212}; 1212};
1213 1213
1214EXPORT_SYMBOL(nf_conntrack_protocol_tcp4); 1214EXPORT_SYMBOL(nf_conntrack_l4proto_tcp4);
1215EXPORT_SYMBOL(nf_conntrack_protocol_tcp6); 1215EXPORT_SYMBOL(nf_conntrack_l4proto_tcp6);
diff --git a/net/netfilter/nf_conntrack_proto_udp.c b/net/netfilter/nf_conntrack_proto_udp.c
index cf9db035d39a..200d7d324362 100644
--- a/net/netfilter/nf_conntrack_proto_udp.c
+++ b/net/netfilter/nf_conntrack_proto_udp.c
@@ -26,7 +26,7 @@
26#include <linux/netfilter.h> 26#include <linux/netfilter.h>
27#include <linux/netfilter_ipv4.h> 27#include <linux/netfilter_ipv4.h>
28#include <linux/netfilter_ipv6.h> 28#include <linux/netfilter_ipv6.h>
29#include <net/netfilter/nf_conntrack_protocol.h> 29#include <net/netfilter/nf_conntrack_l4proto.h>
30#include <net/netfilter/nf_conntrack_ecache.h> 30#include <net/netfilter/nf_conntrack_ecache.h>
31 31
32unsigned int nf_ct_udp_timeout __read_mostly = 30*HZ; 32unsigned int nf_ct_udp_timeout __read_mostly = 30*HZ;
@@ -148,10 +148,10 @@ static int udp_error(struct sk_buff *skb, unsigned int dataoff,
148 return NF_ACCEPT; 148 return NF_ACCEPT;
149} 149}
150 150
151struct nf_conntrack_protocol nf_conntrack_protocol_udp4 = 151struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 =
152{ 152{
153 .l3proto = PF_INET, 153 .l3proto = PF_INET,
154 .proto = IPPROTO_UDP, 154 .l4proto = IPPROTO_UDP,
155 .name = "udp", 155 .name = "udp",
156 .pkt_to_tuple = udp_pkt_to_tuple, 156 .pkt_to_tuple = udp_pkt_to_tuple,
157 .invert_tuple = udp_invert_tuple, 157 .invert_tuple = udp_invert_tuple,
@@ -167,10 +167,10 @@ struct nf_conntrack_protocol nf_conntrack_protocol_udp4 =
167#endif 167#endif
168}; 168};
169 169
170struct nf_conntrack_protocol nf_conntrack_protocol_udp6 = 170struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 =
171{ 171{
172 .l3proto = PF_INET6, 172 .l3proto = PF_INET6,
173 .proto = IPPROTO_UDP, 173 .l4proto = IPPROTO_UDP,
174 .name = "udp", 174 .name = "udp",
175 .pkt_to_tuple = udp_pkt_to_tuple, 175 .pkt_to_tuple = udp_pkt_to_tuple,
176 .invert_tuple = udp_invert_tuple, 176 .invert_tuple = udp_invert_tuple,
@@ -186,5 +186,5 @@ struct nf_conntrack_protocol nf_conntrack_protocol_udp6 =
186#endif 186#endif
187}; 187};
188 188
189EXPORT_SYMBOL(nf_conntrack_protocol_udp4); 189EXPORT_SYMBOL(nf_conntrack_l4proto_udp4);
190EXPORT_SYMBOL(nf_conntrack_protocol_udp6); 190EXPORT_SYMBOL(nf_conntrack_l4proto_udp6);
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index eb031d20e510..6ebac7d9ee69 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -35,7 +35,7 @@
35#include <net/netfilter/nf_conntrack.h> 35#include <net/netfilter/nf_conntrack.h>
36#include <net/netfilter/nf_conntrack_core.h> 36#include <net/netfilter/nf_conntrack_core.h>
37#include <net/netfilter/nf_conntrack_l3proto.h> 37#include <net/netfilter/nf_conntrack_l3proto.h>
38#include <net/netfilter/nf_conntrack_protocol.h> 38#include <net/netfilter/nf_conntrack_l4proto.h>
39#include <net/netfilter/nf_conntrack_expect.h> 39#include <net/netfilter/nf_conntrack_expect.h>
40#include <net/netfilter/nf_conntrack_helper.h> 40#include <net/netfilter/nf_conntrack_helper.h>
41 41
@@ -54,9 +54,9 @@ DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
54int 54int
55print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, 55print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
56 struct nf_conntrack_l3proto *l3proto, 56 struct nf_conntrack_l3proto *l3proto,
57 struct nf_conntrack_protocol *proto) 57 struct nf_conntrack_l4proto *l4proto)
58{ 58{
59 return l3proto->print_tuple(s, tuple) || proto->print_tuple(s, tuple); 59 return l3proto->print_tuple(s, tuple) || l4proto->print_tuple(s, tuple);
60} 60}
61 61
62#ifdef CONFIG_NF_CT_ACCT 62#ifdef CONFIG_NF_CT_ACCT
@@ -135,7 +135,7 @@ static int ct_seq_show(struct seq_file *s, void *v)
135 const struct nf_conntrack_tuple_hash *hash = v; 135 const struct nf_conntrack_tuple_hash *hash = v;
136 const struct nf_conn *conntrack = nf_ct_tuplehash_to_ctrack(hash); 136 const struct nf_conn *conntrack = nf_ct_tuplehash_to_ctrack(hash);
137 struct nf_conntrack_l3proto *l3proto; 137 struct nf_conntrack_l3proto *l3proto;
138 struct nf_conntrack_protocol *proto; 138 struct nf_conntrack_l4proto *l4proto;
139 139
140 ASSERT_READ_LOCK(&nf_conntrack_lock); 140 ASSERT_READ_LOCK(&nf_conntrack_lock);
141 NF_CT_ASSERT(conntrack); 141 NF_CT_ASSERT(conntrack);
@@ -148,16 +148,16 @@ static int ct_seq_show(struct seq_file *s, void *v)
148 .tuple.src.l3num); 148 .tuple.src.l3num);
149 149
150 NF_CT_ASSERT(l3proto); 150 NF_CT_ASSERT(l3proto);
151 proto = __nf_ct_proto_find(conntrack->tuplehash[IP_CT_DIR_ORIGINAL] 151 l4proto = __nf_ct_l4proto_find(conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
152 .tuple.src.l3num, 152 .tuple.src.l3num,
153 conntrack->tuplehash[IP_CT_DIR_ORIGINAL] 153 conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
154 .tuple.dst.protonum); 154 .tuple.dst.protonum);
155 NF_CT_ASSERT(proto); 155 NF_CT_ASSERT(l4proto);
156 156
157 if (seq_printf(s, "%-8s %u %-8s %u %ld ", 157 if (seq_printf(s, "%-8s %u %-8s %u %ld ",
158 l3proto->name, 158 l3proto->name,
159 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num, 159 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num,
160 proto->name, 160 l4proto->name,
161 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum, 161 conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum,
162 timer_pending(&conntrack->timeout) 162 timer_pending(&conntrack->timeout)
163 ? (long)(conntrack->timeout.expires - jiffies)/HZ : 0) != 0) 163 ? (long)(conntrack->timeout.expires - jiffies)/HZ : 0) != 0)
@@ -166,11 +166,11 @@ static int ct_seq_show(struct seq_file *s, void *v)
166 if (l3proto->print_conntrack(s, conntrack)) 166 if (l3proto->print_conntrack(s, conntrack))
167 return -ENOSPC; 167 return -ENOSPC;
168 168
169 if (proto->print_conntrack(s, conntrack)) 169 if (l4proto->print_conntrack(s, conntrack))
170 return -ENOSPC; 170 return -ENOSPC;
171 171
172 if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple, 172 if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple,
173 l3proto, proto)) 173 l3proto, l4proto))
174 return -ENOSPC; 174 return -ENOSPC;
175 175
176 if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_ORIGINAL])) 176 if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_ORIGINAL]))
@@ -181,7 +181,7 @@ static int ct_seq_show(struct seq_file *s, void *v)
181 return -ENOSPC; 181 return -ENOSPC;
182 182
183 if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_REPLY].tuple, 183 if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_REPLY].tuple,
184 l3proto, proto)) 184 l3proto, l4proto))
185 return -ENOSPC; 185 return -ENOSPC;
186 186
187 if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_REPLY])) 187 if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_REPLY]))
@@ -655,8 +655,8 @@ EXPORT_SYMBOL(nf_ct_l3proto_try_module_get);
655EXPORT_SYMBOL(nf_ct_l3proto_module_put); 655EXPORT_SYMBOL(nf_ct_l3proto_module_put);
656EXPORT_SYMBOL(nf_conntrack_l3proto_register); 656EXPORT_SYMBOL(nf_conntrack_l3proto_register);
657EXPORT_SYMBOL(nf_conntrack_l3proto_unregister); 657EXPORT_SYMBOL(nf_conntrack_l3proto_unregister);
658EXPORT_SYMBOL(nf_conntrack_protocol_register); 658EXPORT_SYMBOL(nf_conntrack_l4proto_register);
659EXPORT_SYMBOL(nf_conntrack_protocol_unregister); 659EXPORT_SYMBOL(nf_conntrack_l4proto_unregister);
660EXPORT_SYMBOL(nf_ct_invert_tuplepr); 660EXPORT_SYMBOL(nf_ct_invert_tuplepr);
661EXPORT_SYMBOL(nf_conntrack_destroyed); 661EXPORT_SYMBOL(nf_conntrack_destroyed);
662EXPORT_SYMBOL(need_conntrack); 662EXPORT_SYMBOL(need_conntrack);
@@ -665,9 +665,9 @@ EXPORT_SYMBOL(nf_conntrack_helper_unregister);
665EXPORT_SYMBOL(nf_ct_iterate_cleanup); 665EXPORT_SYMBOL(nf_ct_iterate_cleanup);
666EXPORT_SYMBOL(__nf_ct_refresh_acct); 666EXPORT_SYMBOL(__nf_ct_refresh_acct);
667EXPORT_SYMBOL(nf_ct_protos); 667EXPORT_SYMBOL(nf_ct_protos);
668EXPORT_SYMBOL(__nf_ct_proto_find); 668EXPORT_SYMBOL(__nf_ct_l4proto_find);
669EXPORT_SYMBOL(nf_ct_proto_find_get); 669EXPORT_SYMBOL(nf_ct_l4proto_find_get);
670EXPORT_SYMBOL(nf_ct_proto_put); 670EXPORT_SYMBOL(nf_ct_l4proto_put);
671EXPORT_SYMBOL(nf_ct_l3proto_find_get); 671EXPORT_SYMBOL(nf_ct_l3proto_find_get);
672EXPORT_SYMBOL(nf_ct_l3proto_put); 672EXPORT_SYMBOL(nf_ct_l3proto_put);
673EXPORT_SYMBOL(nf_ct_l3protos); 673EXPORT_SYMBOL(nf_ct_l3protos);