diff options
author | Tim Gardner <tim.gardner@canonical.com> | 2010-06-25 08:46:56 -0400 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-06-25 08:46:56 -0400 |
commit | d70a011dbbaa6335a19deb63ec3eb613f48faafd (patch) | |
tree | 4e48761050dd9131fc8435972300a1e83f6e1012 | |
parent | a8756201ba4189bca3ee1a6ec4e290f467ee09ab (diff) |
netfilter: complete the deprecation of CONFIG_NF_CT_ACCT
CONFIG_NF_CT_ACCT has been deprecated for awhile and
was originally scheduled for removal by 2.6.29.
Removing support for this config option also stops
this deprecation warning message in the kernel log.
[ 61.669627] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 61.669850] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use
[ 61.669852] nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or
[ 61.669853] sysctl net.netfilter.nf_conntrack_acct=1 to enable it.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
[Patrick: changed default value to 0]
Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r-- | Documentation/feature-removal-schedule.txt | 9 | ||||
-rw-r--r-- | Documentation/kernel-parameters.txt | 3 | ||||
-rw-r--r-- | net/netfilter/Kconfig | 22 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_acct.c | 14 |
4 files changed, 2 insertions, 46 deletions
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt index 672be0109d02..92f021aac92c 100644 --- a/Documentation/feature-removal-schedule.txt +++ b/Documentation/feature-removal-schedule.txt | |||
@@ -303,15 +303,6 @@ Who: Johannes Berg <johannes@sipsolutions.net> | |||
303 | 303 | ||
304 | --------------------------- | 304 | --------------------------- |
305 | 305 | ||
306 | What: CONFIG_NF_CT_ACCT | ||
307 | When: 2.6.29 | ||
308 | Why: Accounting can now be enabled/disabled without kernel recompilation. | ||
309 | Currently used only to set a default value for a feature that is also | ||
310 | controlled by a kernel/module/sysfs/sysctl parameter. | ||
311 | Who: Krzysztof Piotr Oledzki <ole@ans.pl> | ||
312 | |||
313 | --------------------------- | ||
314 | |||
315 | What: sysfs ui for changing p4-clockmod parameters | 306 | What: sysfs ui for changing p4-clockmod parameters |
316 | When: September 2009 | 307 | When: September 2009 |
317 | Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and | 308 | Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and |
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 1808f1157f30..cee62515ffa1 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt | |||
@@ -1597,8 +1597,7 @@ and is between 256 and 4096 characters. It is defined in the file | |||
1597 | [NETFILTER] Enable connection tracking flow accounting | 1597 | [NETFILTER] Enable connection tracking flow accounting |
1598 | 0 to disable accounting | 1598 | 0 to disable accounting |
1599 | 1 to enable accounting | 1599 | 1 to enable accounting |
1600 | Default value depends on CONFIG_NF_CT_ACCT that is | 1600 | Default value is 0. |
1601 | going to be removed in 2.6.29. | ||
1602 | 1601 | ||
1603 | nfsaddrs= [NFS] | 1602 | nfsaddrs= [NFS] |
1604 | See Documentation/filesystems/nfs/nfsroot.txt. | 1603 | See Documentation/filesystems/nfs/nfsroot.txt. |
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index 21be53598987..aa2f106347e4 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig | |||
@@ -40,27 +40,6 @@ config NF_CONNTRACK | |||
40 | 40 | ||
41 | if NF_CONNTRACK | 41 | if NF_CONNTRACK |
42 | 42 | ||
43 | config NF_CT_ACCT | ||
44 | bool "Connection tracking flow accounting" | ||
45 | depends on NETFILTER_ADVANCED | ||
46 | help | ||
47 | If this option is enabled, the connection tracking code will | ||
48 | keep per-flow packet and byte counters. | ||
49 | |||
50 | Those counters can be used for flow-based accounting or the | ||
51 | `connbytes' match. | ||
52 | |||
53 | Please note that currently this option only sets a default state. | ||
54 | You may change it at boot time with nf_conntrack.acct=0/1 kernel | ||
55 | parameter or by loading the nf_conntrack module with acct=0/1. | ||
56 | |||
57 | You may also disable/enable it on a running system with: | ||
58 | sysctl net.netfilter.nf_conntrack_acct=0/1 | ||
59 | |||
60 | This option will be removed in 2.6.29. | ||
61 | |||
62 | If unsure, say `N'. | ||
63 | |||
64 | config NF_CONNTRACK_MARK | 43 | config NF_CONNTRACK_MARK |
65 | bool 'Connection mark tracking support' | 44 | bool 'Connection mark tracking support' |
66 | depends on NETFILTER_ADVANCED | 45 | depends on NETFILTER_ADVANCED |
@@ -630,7 +609,6 @@ config NETFILTER_XT_MATCH_CONNBYTES | |||
630 | tristate '"connbytes" per-connection counter match support' | 609 | tristate '"connbytes" per-connection counter match support' |
631 | depends on NF_CONNTRACK | 610 | depends on NF_CONNTRACK |
632 | depends on NETFILTER_ADVANCED | 611 | depends on NETFILTER_ADVANCED |
633 | select NF_CT_ACCT | ||
634 | help | 612 | help |
635 | This option adds a `connbytes' match, which allows you to match the | 613 | This option adds a `connbytes' match, which allows you to match the |
636 | number of bytes and/or packets for each direction within a connection. | 614 | number of bytes and/or packets for each direction within a connection. |
diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c index ab81b380eae6..5178c691ecbf 100644 --- a/net/netfilter/nf_conntrack_acct.c +++ b/net/netfilter/nf_conntrack_acct.c | |||
@@ -17,13 +17,7 @@ | |||
17 | #include <net/netfilter/nf_conntrack_extend.h> | 17 | #include <net/netfilter/nf_conntrack_extend.h> |
18 | #include <net/netfilter/nf_conntrack_acct.h> | 18 | #include <net/netfilter/nf_conntrack_acct.h> |
19 | 19 | ||
20 | #ifdef CONFIG_NF_CT_ACCT | 20 | static int nf_ct_acct __read_mostly; |
21 | #define NF_CT_ACCT_DEFAULT 1 | ||
22 | #else | ||
23 | #define NF_CT_ACCT_DEFAULT 0 | ||
24 | #endif | ||
25 | |||
26 | static int nf_ct_acct __read_mostly = NF_CT_ACCT_DEFAULT; | ||
27 | 21 | ||
28 | module_param_named(acct, nf_ct_acct, bool, 0644); | 22 | module_param_named(acct, nf_ct_acct, bool, 0644); |
29 | MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting."); | 23 | MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting."); |
@@ -114,12 +108,6 @@ int nf_conntrack_acct_init(struct net *net) | |||
114 | net->ct.sysctl_acct = nf_ct_acct; | 108 | net->ct.sysctl_acct = nf_ct_acct; |
115 | 109 | ||
116 | if (net_eq(net, &init_net)) { | 110 | if (net_eq(net, &init_net)) { |
117 | #ifdef CONFIG_NF_CT_ACCT | ||
118 | printk(KERN_WARNING "CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use\n"); | ||
119 | printk(KERN_WARNING "nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or\n"); | ||
120 | printk(KERN_WARNING "sysctl net.netfilter.nf_conntrack_acct=1 to enable it.\n"); | ||
121 | #endif | ||
122 | |||
123 | ret = nf_ct_extend_register(&acct_extend); | 111 | ret = nf_ct_extend_register(&acct_extend); |
124 | if (ret < 0) { | 112 | if (ret < 0) { |
125 | printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n"); | 113 | printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n"); |