Merge branch 'master' of git://1984.lsi.us.es/net-next

author: David S. Miller <davem@davemloft.net> 2012-05-08 14:40:21 -0400
committer: David S. Miller <davem@davemloft.net> 2012-05-08 14:40:21 -0400
commit: 9bb862beb6e5839e92f709d33fda07678f062f20 (patch)
tree: a2c396712c5a2cda380034173fd07a67bfa0489f /include/linux
parent: b44907e64cc1987153f6577306108379be1523b7 (diff)
parent: d16cf20e2f2f13411eece7f7fb72c17d141c4a84 (diff)
5 files changed, 10 insertions, 74 deletions
diff --git a/include/linux/ip_vs.h b/include/linux/ip_vs.h
index be0ef3df4acb..8a2d438dc499 100644
--- a/include/linux/ip_vs.h
+++ b/include/linux/ip_vs.h
@@ -89,6 +89,7 @@
 #define IP_VS_CONN_F_TEMPLATE   0x1000          /* template, not connection */
 #define IP_VS_CONN_F_ONE_PACKET 0x2000          /* forward only one packet */
+/* Initial bits allowed in backup server */
 #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \
                                  IP_VS_CONN_F_NOOUTPUT | \
                                  IP_VS_CONN_F_INACTIVE | \
@@ -97,6 +98,10 @@
                                  IP_VS_CONN_F_TEMPLATE \
                                 )
+/* Bits allowed to update in backup server */
+#define IP_VS_CONN_F_BACKUP_UPD_MASK (IP_VS_CONN_F_INACTIVE | \
+                                      IP_VS_CONN_F_SEQ_MASK)
 /* Flags that are not sent to backup server start from bit 16 */
 #define IP_VS_CONN_F_NFCT       (1 << 16)       /* use netfilter conntrack */
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h
index 0d3dd66322ec..d146872a0b91 100644
--- a/include/linux/netfilter/nf_conntrack_common.h
+++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -83,6 +83,10 @@ enum ip_conntrack_status {
        /* Conntrack is a fake untracked entry */
        IPS_UNTRACKED_BIT = 12,
        IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT),
+        /* Conntrack got a helper explicitly attached via CT target. */
+        IPS_HELPER_BIT = 13,
+        IPS_HELPER = (1 << IPS_HELPER_BIT),
 };
 /* Connection tracking event types */
diff --git a/include/linux/netfilter_ipv4/Kbuild b/include/linux/netfilter_ipv4/Kbuild
index 31f8bec95650..c61b8fb1a9ef 100644
--- a/include/linux/netfilter_ipv4/Kbuild
+++ b/include/linux/netfilter_ipv4/Kbuild
@@ -1,4 +1,3 @@
-header-y += ip_queue.h
 header-y += ip_tables.h
 header-y += ipt_CLUSTERIP.h
 header-y += ipt_ECN.h
diff --git a/include/linux/netfilter_ipv4/ip_queue.h b/include/linux/netfilter_ipv4/ip_queue.h
deleted file mode 100644
index a03507f465f8..000000000000
--- a/include/linux/netfilter_ipv4/ip_queue.h
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * This is a module which is used for queueing IPv4 packets and
- * communicating with userspace via netlink.
- *
- * (C) 2000 James Morris, this code is GPL.
- */
-#ifndef _IP_QUEUE_H
-#define _IP_QUEUE_H
-#ifdef __KERNEL__
-#ifdef DEBUG_IPQ
-#define QDEBUG(x...) printk(KERN_DEBUG ## x)
-#else
-#define QDEBUG(x...)
-#endif  /* DEBUG_IPQ */
-#else
-#include <net/if.h>
-#endif  /* ! __KERNEL__ */
-/* Messages sent from kernel */
-typedef struct ipq_packet_msg {
-        unsigned long packet_id;        /* ID of queued packet */
-        unsigned long mark;             /* Netfilter mark value */
-        long timestamp_sec;             /* Packet arrival time (seconds) */
-        long timestamp_usec;            /* Packet arrvial time (+useconds) */
-        unsigned int hook;              /* Netfilter hook we rode in on */
-        char indev_name[IFNAMSIZ];      /* Name of incoming interface */
-        char outdev_name[IFNAMSIZ];     /* Name of outgoing interface */
-        __be16 hw_protocol;             /* Hardware protocol (network order) */
-        unsigned short hw_type;         /* Hardware type */
-        unsigned char hw_addrlen;       /* Hardware address length */
-        unsigned char hw_addr[8];       /* Hardware address */
-        size_t data_len;                /* Length of packet data */
-        unsigned char payload[0];       /* Optional packet data */
-} ipq_packet_msg_t;
-/* Messages sent from userspace */
-typedef struct ipq_mode_msg {
-        unsigned char value;            /* Requested mode */
-        size_t range;                   /* Optional range of packet requested */
-} ipq_mode_msg_t;
-typedef struct ipq_verdict_msg {
-        unsigned int value;             /* Verdict to hand to netfilter */
-        unsigned long id;               /* Packet ID for this verdict */
-        size_t data_len;                /* Length of replacement data */
-        unsigned char payload[0];       /* Optional replacement packet */
-} ipq_verdict_msg_t;
-typedef struct ipq_peer_msg {
-        union {
-                ipq_verdict_msg_t verdict;
-                ipq_mode_msg_t mode;
-        } msg;
-} ipq_peer_msg_t;
-/* Packet delivery modes */
-enum {
-        IPQ_COPY_NONE,          /* Initial mode, packets are dropped */
-        IPQ_COPY_META,          /* Copy metadata */
-        IPQ_COPY_PACKET         /* Copy metadata + packet (range) */
-};
-#define IPQ_COPY_MAX IPQ_COPY_PACKET
-/* Types of messages */
-#define IPQM_BASE       0x10    /* standard netlink messages below this */
-#define IPQM_MODE       (IPQM_BASE + 1)         /* Mode request from peer */
-#define IPQM_VERDICT    (IPQM_BASE + 2)         /* Verdict from peer */ 
-#define IPQM_PACKET     (IPQM_BASE + 3)         /* Packet from kernel */
-#define IPQM_MAX        (IPQM_BASE + 4)
-#endif /*_IP_QUEUE_H*/
diff --git a/include/linux/netlink.h b/include/linux/netlink.h
index a2092f582a78..0f628ffa420c 100644
--- a/include/linux/netlink.h
+++ b/include/linux/netlink.h
@@ -7,7 +7,7 @@
 #define NETLINK_ROUTE           0       /* Routing/device hook                          */
 #define NETLINK_UNUSED          1       /* Unused number                                */
 #define NETLINK_USERSOCK        2       /* Reserved for user mode socket protocols      */
-#define NETLINK_FIREWALL        3       /* Firewalling hook                             */
+#define NETLINK_FIREWALL        3       /* Unused number, formerly ip_queue             */
 #define NETLINK_SOCK_DIAG       4       /* socket monitoring                            */
 #define NETLINK_NFLOG           5       /* netfilter/iptables ULOG */
 #define NETLINK_XFRM            6       /* ipsec */
author	David S. Miller <davem@davemloft.net>	2012-05-08 14:40:21 -0400
committer	David S. Miller <davem@davemloft.net>	2012-05-08 14:40:21 -0400
commit	9bb862beb6e5839e92f709d33fda07678f062f20 (patch)
tree	a2c396712c5a2cda380034173fd07a67bfa0489f /include/linux
parent	b44907e64cc1987153f6577306108379be1523b7 (diff)
parent	d16cf20e2f2f13411eece7f7fb72c17d141c4a84 (diff)

diff --git a/include/linux/ip_vs.h b/include/linux/ip_vs.h index be0ef3df4acb..8a2d438dc499 100644 --- a/include/linux/ip_vs.h +++ b/include/linux/ip_vs.h
@@ -89,6 +89,7 @@
89	#define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */	89	#define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */
90	#define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */	90	#define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */
91		91
		92	/* Initial bits allowed in backup server */
92	#define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK \| \	93	#define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK \| \
93	IP_VS_CONN_F_NOOUTPUT \| \	94	IP_VS_CONN_F_NOOUTPUT \| \
94	IP_VS_CONN_F_INACTIVE \| \	95	IP_VS_CONN_F_INACTIVE \| \
@@ -97,6 +98,10 @@
97	IP_VS_CONN_F_TEMPLATE \	98	IP_VS_CONN_F_TEMPLATE \
98	)	99	)
99		100
		101	/* Bits allowed to update in backup server */
		102	#define IP_VS_CONN_F_BACKUP_UPD_MASK (IP_VS_CONN_F_INACTIVE \| \
		103	IP_VS_CONN_F_SEQ_MASK)
		104
100	/* Flags that are not sent to backup server start from bit 16 */	105	/* Flags that are not sent to backup server start from bit 16 */
101	#define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */	106	#define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */
102		107


diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 0d3dd66322ec..d146872a0b91 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h
@@ -83,6 +83,10 @@ enum ip_conntrack_status {
83	/* Conntrack is a fake untracked entry */	83	/* Conntrack is a fake untracked entry */
84	IPS_UNTRACKED_BIT = 12,	84	IPS_UNTRACKED_BIT = 12,
85	IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT),	85	IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT),
		86
		87	/* Conntrack got a helper explicitly attached via CT target. */
		88	IPS_HELPER_BIT = 13,
		89	IPS_HELPER = (1 << IPS_HELPER_BIT),
86	};	90	};
87		91
88	/* Connection tracking event types */	92	/* Connection tracking event types */


diff --git a/include/linux/netfilter_ipv4/Kbuild b/include/linux/netfilter_ipv4/Kbuild index 31f8bec95650..c61b8fb1a9ef 100644 --- a/include/linux/netfilter_ipv4/Kbuild +++ b/include/linux/netfilter_ipv4/Kbuild
@@ -1,4 +1,3 @@
1	header-y += ip_queue.h
2	header-y += ip_tables.h	1	header-y += ip_tables.h
3	header-y += ipt_CLUSTERIP.h	2	header-y += ipt_CLUSTERIP.h
4	header-y += ipt_ECN.h	3	header-y += ipt_ECN.h


diff --git a/include/linux/netfilter_ipv4/ip_queue.h b/include/linux/netfilter_ipv4/ip_queue.h deleted file mode 100644 index a03507f465f8..000000000000 --- a/include/linux/netfilter_ipv4/ip_queue.h +++ /dev/null
@@ -1,72 +0,0 @@
1	/*
2	* This is a module which is used for queueing IPv4 packets and
3	* communicating with userspace via netlink.
4	*
5	* (C) 2000 James Morris, this code is GPL.
6	*/
7	#ifndef _IP_QUEUE_H
8	#define _IP_QUEUE_H
9
10	#ifdef __KERNEL__
11	#ifdef DEBUG_IPQ
12	#define QDEBUG(x...) printk(KERN_DEBUG ## x)
13	#else
14	#define QDEBUG(x...)
15	#endif /* DEBUG_IPQ */
16	#else
17	#include <net/if.h>
18	#endif /* ! __KERNEL__ */
19
20	/* Messages sent from kernel */
21	typedef struct ipq_packet_msg {
22	unsigned long packet_id; /* ID of queued packet */
23	unsigned long mark; /* Netfilter mark value */
24	long timestamp_sec; /* Packet arrival time (seconds) */
25	long timestamp_usec; /* Packet arrvial time (+useconds) */
26	unsigned int hook; /* Netfilter hook we rode in on */
27	char indev_name[IFNAMSIZ]; /* Name of incoming interface */
28	char outdev_name[IFNAMSIZ]; /* Name of outgoing interface */
29	__be16 hw_protocol; /* Hardware protocol (network order) */
30	unsigned short hw_type; /* Hardware type */
31	unsigned char hw_addrlen; /* Hardware address length */
32	unsigned char hw_addr[8]; /* Hardware address */
33	size_t data_len; /* Length of packet data */
34	unsigned char payload[0]; /* Optional packet data */
35	} ipq_packet_msg_t;
36
37	/* Messages sent from userspace */
38	typedef struct ipq_mode_msg {
39	unsigned char value; /* Requested mode */
40	size_t range; /* Optional range of packet requested */
41	} ipq_mode_msg_t;
42
43	typedef struct ipq_verdict_msg {
44	unsigned int value; /* Verdict to hand to netfilter */
45	unsigned long id; /* Packet ID for this verdict */
46	size_t data_len; /* Length of replacement data */
47	unsigned char payload[0]; /* Optional replacement packet */
48	} ipq_verdict_msg_t;
49
50	typedef struct ipq_peer_msg {
51	union {
52	ipq_verdict_msg_t verdict;
53	ipq_mode_msg_t mode;
54	} msg;
55	} ipq_peer_msg_t;
56
57	/* Packet delivery modes */
58	enum {
59	IPQ_COPY_NONE, /* Initial mode, packets are dropped */
60	IPQ_COPY_META, /* Copy metadata */
61	IPQ_COPY_PACKET /* Copy metadata + packet (range) */
62	};
63	#define IPQ_COPY_MAX IPQ_COPY_PACKET
64
65	/* Types of messages */
66	#define IPQM_BASE 0x10 /* standard netlink messages below this */
67	#define IPQM_MODE (IPQM_BASE + 1) /* Mode request from peer */
68	#define IPQM_VERDICT (IPQM_BASE + 2) /* Verdict from peer */
69	#define IPQM_PACKET (IPQM_BASE + 3) /* Packet from kernel */
70	#define IPQM_MAX (IPQM_BASE + 4)
71
72	#endif /_IP_QUEUE_H/


diff --git a/include/linux/netlink.h b/include/linux/netlink.h index a2092f582a78..0f628ffa420c 100644 --- a/include/linux/netlink.h +++ b/include/linux/netlink.h
@@ -7,7 +7,7 @@
7	#define NETLINK_ROUTE 0 /* Routing/device hook */	7	#define NETLINK_ROUTE 0 /* Routing/device hook */
8	#define NETLINK_UNUSED 1 /* Unused number */	8	#define NETLINK_UNUSED 1 /* Unused number */
9	#define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */	9	#define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */
10	#define NETLINK_FIREWALL 3 /* Firewalling hook */	10	#define NETLINK_FIREWALL 3 /* Unused number, formerly ip_queue */
11	#define NETLINK_SOCK_DIAG 4 /* socket monitoring */	11	#define NETLINK_SOCK_DIAG 4 /* socket monitoring */
12	#define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */	12	#define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */
13	#define NETLINK_XFRM 6 /* ipsec */	13	#define NETLINK_XFRM 6 /* ipsec */