diff options
| author | Tim Gardner <tim.gardner@canonical.com> | 2010-06-25 08:46:56 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-06-25 08:46:56 -0400 |
| commit | d70a011dbbaa6335a19deb63ec3eb613f48faafd (patch) | |
| tree | 4e48761050dd9131fc8435972300a1e83f6e1012 | |
| parent | a8756201ba4189bca3ee1a6ec4e290f467ee09ab (diff) | |
netfilter: complete the deprecation of CONFIG_NF_CT_ACCT
CONFIG_NF_CT_ACCT has been deprecated for awhile and
was originally scheduled for removal by 2.6.29.
Removing support for this config option also stops
this deprecation warning message in the kernel log.
[ 61.669627] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[ 61.669850] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use
[ 61.669852] nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or
[ 61.669853] sysctl net.netfilter.nf_conntrack_acct=1 to enable it.
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
[Patrick: changed default value to 0]
Signed-off-by: Patrick McHardy <kaber@trash.net>
| -rw-r--r-- | Documentation/feature-removal-schedule.txt | 9 | ||||
| -rw-r--r-- | Documentation/kernel-parameters.txt | 3 | ||||
| -rw-r--r-- | net/netfilter/Kconfig | 22 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_acct.c | 14 |
4 files changed, 2 insertions, 46 deletions
diff --git a/Documentation/feature-removal-schedule.txt b/Documentation/feature-removal-schedule.txt index 672be0109d02..92f021aac92c 100644 --- a/Documentation/feature-removal-schedule.txt +++ b/Documentation/feature-removal-schedule.txt | |||
| @@ -303,15 +303,6 @@ Who: Johannes Berg <johannes@sipsolutions.net> | |||
| 303 | 303 | ||
| 304 | --------------------------- | 304 | --------------------------- |
| 305 | 305 | ||
| 306 | What: CONFIG_NF_CT_ACCT | ||
| 307 | When: 2.6.29 | ||
| 308 | Why: Accounting can now be enabled/disabled without kernel recompilation. | ||
| 309 | Currently used only to set a default value for a feature that is also | ||
| 310 | controlled by a kernel/module/sysfs/sysctl parameter. | ||
| 311 | Who: Krzysztof Piotr Oledzki <ole@ans.pl> | ||
| 312 | |||
| 313 | --------------------------- | ||
| 314 | |||
| 315 | What: sysfs ui for changing p4-clockmod parameters | 306 | What: sysfs ui for changing p4-clockmod parameters |
| 316 | When: September 2009 | 307 | When: September 2009 |
| 317 | Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and | 308 | Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and |
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 1808f1157f30..cee62515ffa1 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt | |||
| @@ -1597,8 +1597,7 @@ and is between 256 and 4096 characters. It is defined in the file | |||
| 1597 | [NETFILTER] Enable connection tracking flow accounting | 1597 | [NETFILTER] Enable connection tracking flow accounting |
| 1598 | 0 to disable accounting | 1598 | 0 to disable accounting |
| 1599 | 1 to enable accounting | 1599 | 1 to enable accounting |
| 1600 | Default value depends on CONFIG_NF_CT_ACCT that is | 1600 | Default value is 0. |
| 1601 | going to be removed in 2.6.29. | ||
| 1602 | 1601 | ||
| 1603 | nfsaddrs= [NFS] | 1602 | nfsaddrs= [NFS] |
| 1604 | See Documentation/filesystems/nfs/nfsroot.txt. | 1603 | See Documentation/filesystems/nfs/nfsroot.txt. |
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index 21be53598987..aa2f106347e4 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig | |||
| @@ -40,27 +40,6 @@ config NF_CONNTRACK | |||
| 40 | 40 | ||
| 41 | if NF_CONNTRACK | 41 | if NF_CONNTRACK |
| 42 | 42 | ||
| 43 | config NF_CT_ACCT | ||
| 44 | bool "Connection tracking flow accounting" | ||
| 45 | depends on NETFILTER_ADVANCED | ||
| 46 | help | ||
| 47 | If this option is enabled, the connection tracking code will | ||
| 48 | keep per-flow packet and byte counters. | ||
| 49 | |||
| 50 | Those counters can be used for flow-based accounting or the | ||
| 51 | `connbytes' match. | ||
| 52 | |||
| 53 | Please note that currently this option only sets a default state. | ||
| 54 | You may change it at boot time with nf_conntrack.acct=0/1 kernel | ||
| 55 | parameter or by loading the nf_conntrack module with acct=0/1. | ||
| 56 | |||
| 57 | You may also disable/enable it on a running system with: | ||
| 58 | sysctl net.netfilter.nf_conntrack_acct=0/1 | ||
| 59 | |||
| 60 | This option will be removed in 2.6.29. | ||
| 61 | |||
| 62 | If unsure, say `N'. | ||
| 63 | |||
| 64 | config NF_CONNTRACK_MARK | 43 | config NF_CONNTRACK_MARK |
| 65 | bool 'Connection mark tracking support' | 44 | bool 'Connection mark tracking support' |
| 66 | depends on NETFILTER_ADVANCED | 45 | depends on NETFILTER_ADVANCED |
| @@ -630,7 +609,6 @@ config NETFILTER_XT_MATCH_CONNBYTES | |||
| 630 | tristate '"connbytes" per-connection counter match support' | 609 | tristate '"connbytes" per-connection counter match support' |
| 631 | depends on NF_CONNTRACK | 610 | depends on NF_CONNTRACK |
| 632 | depends on NETFILTER_ADVANCED | 611 | depends on NETFILTER_ADVANCED |
| 633 | select NF_CT_ACCT | ||
| 634 | help | 612 | help |
| 635 | This option adds a `connbytes' match, which allows you to match the | 613 | This option adds a `connbytes' match, which allows you to match the |
| 636 | number of bytes and/or packets for each direction within a connection. | 614 | number of bytes and/or packets for each direction within a connection. |
diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c index ab81b380eae6..5178c691ecbf 100644 --- a/net/netfilter/nf_conntrack_acct.c +++ b/net/netfilter/nf_conntrack_acct.c | |||
| @@ -17,13 +17,7 @@ | |||
| 17 | #include <net/netfilter/nf_conntrack_extend.h> | 17 | #include <net/netfilter/nf_conntrack_extend.h> |
| 18 | #include <net/netfilter/nf_conntrack_acct.h> | 18 | #include <net/netfilter/nf_conntrack_acct.h> |
| 19 | 19 | ||
| 20 | #ifdef CONFIG_NF_CT_ACCT | 20 | static int nf_ct_acct __read_mostly; |
| 21 | #define NF_CT_ACCT_DEFAULT 1 | ||
| 22 | #else | ||
| 23 | #define NF_CT_ACCT_DEFAULT 0 | ||
| 24 | #endif | ||
| 25 | |||
| 26 | static int nf_ct_acct __read_mostly = NF_CT_ACCT_DEFAULT; | ||
| 27 | 21 | ||
| 28 | module_param_named(acct, nf_ct_acct, bool, 0644); | 22 | module_param_named(acct, nf_ct_acct, bool, 0644); |
| 29 | MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting."); | 23 | MODULE_PARM_DESC(acct, "Enable connection tracking flow accounting."); |
| @@ -114,12 +108,6 @@ int nf_conntrack_acct_init(struct net *net) | |||
| 114 | net->ct.sysctl_acct = nf_ct_acct; | 108 | net->ct.sysctl_acct = nf_ct_acct; |
| 115 | 109 | ||
| 116 | if (net_eq(net, &init_net)) { | 110 | if (net_eq(net, &init_net)) { |
| 117 | #ifdef CONFIG_NF_CT_ACCT | ||
| 118 | printk(KERN_WARNING "CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use\n"); | ||
| 119 | printk(KERN_WARNING "nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or\n"); | ||
| 120 | printk(KERN_WARNING "sysctl net.netfilter.nf_conntrack_acct=1 to enable it.\n"); | ||
| 121 | #endif | ||
| 122 | |||
| 123 | ret = nf_ct_extend_register(&acct_extend); | 111 | ret = nf_ct_extend_register(&acct_extend); |
| 124 | if (ret < 0) { | 112 | if (ret < 0) { |
| 125 | printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n"); | 113 | printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n"); |