authorAlexey Dobriyan <adobriyan@gmail.com>2008-10-08 05:35:02 -0400
committerPatrick McHardy <kaber@trash.net>2008-10-08 05:35:02 -0400
commit5a1fb391d881905e89623d78858d05b248cbc86a (patch)
tree5a373417064f8792f413b22be37302fe0668966e /include/net
parentdfdb8d791877052bbb527d9688d94a064721d8f7 (diff)
netfilter: netns nf_conntrack: add ->ct_net -- pointer from conntrack to netns
Conntrack (struct nf_conn) gets pointer to netns: ->ct_net -- netns in which it was created. It comes from netdevice. ->ct_net is write-once field. Every conntrack in system has ->ct_net initialized, no exceptions. ->ct_net doesn't pin netns: conntracks are recycled after timeouts and pinning background traffic will prevent netns from even starting shutdown sequence. Right now every conntrack is created in init_net. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netfilter/nf_conntrack.h18
1 files changed, 16 insertions, 2 deletions
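--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -123,7 +123,9 @@ struct nf_conn
 
  /* Extensions */
  struct nf_ct_ext *ext;
-
+#ifdef CONFIG_NET_NS
+ struct net *ct_net;
+#endif
  struct rcu_head rcu;
 };
 
@@ -147,6 +149,17 @@ static inline u_int8_t nf_ct_protonum(const struct nf_conn *ct)
 /* get master conntrack via master expectation */
 #define master_ct(conntr) (conntr->master)
 
+extern struct net init_net;
+
+static inline struct net *nf_ct_net(const struct nf_conn *ct)
+{
+#ifdef CONFIG_NET_NS
+ return ct->ct_net;
+#else
+ return &init_net;
+#endif
+}
+
 /* Alter reply tuple (maybe alter helper). */
 extern void
 nf_conntrack_alter_reply(struct nf_conn *ct,
@@ -251,7 +264,8 @@ extern void
 nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data), void *data);
 extern void nf_conntrack_free(struct nf_conn *ct);
 extern struct nf_conn *
-nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
+nf_conntrack_alloc(struct net *net,
+ const struct nf_conntrack_tuple *orig,
  const struct nf_conntrack_tuple *repl,
  gfp_t gfp);
 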
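Review bot: The new `struct net *ct_net` field in struct nf_conn and the `nf_ct_net()` accessor have no comment recording that the pointer is write-once and takes no reference on the namespace; that lifetime rule appears only in the commit message. Because the pointer does not pin the netns, a conntrack that outlived its namespace would hand callers of `nf_ct_net()` a dangling `struct net *`, and the teardown ordering that is presumably meant to prevent this is not visible in this header. I would add above the field `/* netns this conntrack was created in; set once at allocation, not refcounted: netns exit must flush all conntracks before struct net is freed */`, and on `nf_ct_net()` a one-line comment that the returned pointer is valid only while `ct` itself is. struct nf_conn starts outside the first hunk, so existing field documentation there is not visible from here.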