diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-01-15 10:57:12 -0500 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2012-01-16 08:01:23 -0500 |
commit | 9bf04646b0b41c5438ed8a27c5f8dbe0ff40d756 (patch) | |
tree | d06b83275667828112fc8e3d8ec9a6696a9f523c /include | |
parent | 412662d204eca981458156fd64d9d5f3b533d7b6 (diff) |
netfilter: revert user-space expectation helper support
This patch partially reverts:
3d058d7 netfilter: rework user-space expectation helper support
that was applied during the 3.2 development cycle.
After this patch, the tree remains just like before patch bc01bef,
that initially added the preliminary infrastructure.
I decided to partially revert this patch because the approach
that I proposed to resolve this problem is broken in NAT setups.
Moreover, a new infrastructure will be submitted for the 3.3.x
development cycle that resolve the existing issues while
providing a neat solution.
Since nobody has been seriously using this infrastructure in
user-space, the removal of this feature should affect any know
FOSS project (to my knowledge).
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/nf_conntrack_common.h | 4 | ||||
-rw-r--r-- | include/linux/netfilter/xt_CT.h | 3 |
2 files changed, 1 insertions, 6 deletions
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 9e3a2838291b..0d3dd66322ec 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h | |||
@@ -83,10 +83,6 @@ enum ip_conntrack_status { | |||
83 | /* Conntrack is a fake untracked entry */ | 83 | /* Conntrack is a fake untracked entry */ |
84 | IPS_UNTRACKED_BIT = 12, | 84 | IPS_UNTRACKED_BIT = 12, |
85 | IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), | 85 | IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), |
86 | |||
87 | /* Conntrack has a userspace helper. */ | ||
88 | IPS_USERSPACE_HELPER_BIT = 13, | ||
89 | IPS_USERSPACE_HELPER = (1 << IPS_USERSPACE_HELPER_BIT), | ||
90 | }; | 86 | }; |
91 | 87 | ||
92 | /* Connection tracking event types */ | 88 | /* Connection tracking event types */ |
diff --git a/include/linux/netfilter/xt_CT.h b/include/linux/netfilter/xt_CT.h index 6390f0992f36..b56e76811c04 100644 --- a/include/linux/netfilter/xt_CT.h +++ b/include/linux/netfilter/xt_CT.h | |||
@@ -3,8 +3,7 @@ | |||
3 | 3 | ||
4 | #include <linux/types.h> | 4 | #include <linux/types.h> |
5 | 5 | ||
6 | #define XT_CT_NOTRACK 0x1 | 6 | #define XT_CT_NOTRACK 0x1 |
7 | #define XT_CT_USERSPACE_HELPER 0x2 | ||
8 | 7 | ||
9 | struct xt_ct_target_info { | 8 | struct xt_ct_target_info { |
10 | __u16 flags; | 9 | __u16 flags; |