diff options
| author | David S. Miller <davem@davemloft.net> | 2012-05-08 14:40:21 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-05-08 14:40:21 -0400 |
| commit | 9bb862beb6e5839e92f709d33fda07678f062f20 (patch) | |
| tree | a2c396712c5a2cda380034173fd07a67bfa0489f /include | |
| parent | b44907e64cc1987153f6577306108379be1523b7 (diff) | |
| parent | d16cf20e2f2f13411eece7f7fb72c17d141c4a84 (diff) | |
Merge branch 'master' of git://1984.lsi.us.es/net-next
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/ip_vs.h | 5 | ||||
| -rw-r--r-- | include/linux/netfilter/nf_conntrack_common.h | 4 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/Kbuild | 1 | ||||
| -rw-r--r-- | include/linux/netfilter_ipv4/ip_queue.h | 72 | ||||
| -rw-r--r-- | include/linux/netlink.h | 2 | ||||
| -rw-r--r-- | include/net/ip_vs.h | 87 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack.h | 10 | ||||
| -rw-r--r-- | include/net/netfilter/nf_conntrack_helper.h | 4 | ||||
| -rw-r--r-- | include/net/netns/conntrack.h | 3 |
9 files changed, 96 insertions, 92 deletions
diff --git a/include/linux/ip_vs.h b/include/linux/ip_vs.h index be0ef3df4acb..8a2d438dc499 100644 --- a/include/linux/ip_vs.h +++ b/include/linux/ip_vs.h | |||
| @@ -89,6 +89,7 @@ | |||
| 89 | #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ | 89 | #define IP_VS_CONN_F_TEMPLATE 0x1000 /* template, not connection */ |
| 90 | #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ | 90 | #define IP_VS_CONN_F_ONE_PACKET 0x2000 /* forward only one packet */ |
| 91 | 91 | ||
| 92 | /* Initial bits allowed in backup server */ | ||
| 92 | #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ | 93 | #define IP_VS_CONN_F_BACKUP_MASK (IP_VS_CONN_F_FWD_MASK | \ |
| 93 | IP_VS_CONN_F_NOOUTPUT | \ | 94 | IP_VS_CONN_F_NOOUTPUT | \ |
| 94 | IP_VS_CONN_F_INACTIVE | \ | 95 | IP_VS_CONN_F_INACTIVE | \ |
| @@ -97,6 +98,10 @@ | |||
| 97 | IP_VS_CONN_F_TEMPLATE \ | 98 | IP_VS_CONN_F_TEMPLATE \ |
| 98 | ) | 99 | ) |
| 99 | 100 | ||
| 101 | /* Bits allowed to update in backup server */ | ||
| 102 | #define IP_VS_CONN_F_BACKUP_UPD_MASK (IP_VS_CONN_F_INACTIVE | \ | ||
| 103 | IP_VS_CONN_F_SEQ_MASK) | ||
| 104 | |||
| 100 | /* Flags that are not sent to backup server start from bit 16 */ | 105 | /* Flags that are not sent to backup server start from bit 16 */ |
| 101 | #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ | 106 | #define IP_VS_CONN_F_NFCT (1 << 16) /* use netfilter conntrack */ |
| 102 | 107 | ||
diff --git a/include/linux/netfilter/nf_conntrack_common.h b/include/linux/netfilter/nf_conntrack_common.h index 0d3dd66322ec..d146872a0b91 100644 --- a/include/linux/netfilter/nf_conntrack_common.h +++ b/include/linux/netfilter/nf_conntrack_common.h | |||
| @@ -83,6 +83,10 @@ enum ip_conntrack_status { | |||
| 83 | /* Conntrack is a fake untracked entry */ | 83 | /* Conntrack is a fake untracked entry */ |
| 84 | IPS_UNTRACKED_BIT = 12, | 84 | IPS_UNTRACKED_BIT = 12, |
| 85 | IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), | 85 | IPS_UNTRACKED = (1 << IPS_UNTRACKED_BIT), |
| 86 | |||
| 87 | /* Conntrack got a helper explicitly attached via CT target. */ | ||
| 88 | IPS_HELPER_BIT = 13, | ||
| 89 | IPS_HELPER = (1 << IPS_HELPER_BIT), | ||
| 86 | }; | 90 | }; |
| 87 | 91 | ||
| 88 | /* Connection tracking event types */ | 92 | /* Connection tracking event types */ |
diff --git a/include/linux/netfilter_ipv4/Kbuild b/include/linux/netfilter_ipv4/Kbuild index 31f8bec95650..c61b8fb1a9ef 100644 --- a/include/linux/netfilter_ipv4/Kbuild +++ b/include/linux/netfilter_ipv4/Kbuild | |||
| @@ -1,4 +1,3 @@ | |||
| 1 | header-y += ip_queue.h | ||
| 2 | header-y += ip_tables.h | 1 | header-y += ip_tables.h |
| 3 | header-y += ipt_CLUSTERIP.h | 2 | header-y += ipt_CLUSTERIP.h |
| 4 | header-y += ipt_ECN.h | 3 | header-y += ipt_ECN.h |
diff --git a/include/linux/netfilter_ipv4/ip_queue.h b/include/linux/netfilter_ipv4/ip_queue.h deleted file mode 100644 index a03507f465f8..000000000000 --- a/include/linux/netfilter_ipv4/ip_queue.h +++ /dev/null | |||
| @@ -1,72 +0,0 @@ | |||
| 1 | /* | ||
| 2 | * This is a module which is used for queueing IPv4 packets and | ||
| 3 | * communicating with userspace via netlink. | ||
| 4 | * | ||
| 5 | * (C) 2000 James Morris, this code is GPL. | ||
| 6 | */ | ||
| 7 | #ifndef _IP_QUEUE_H | ||
| 8 | #define _IP_QUEUE_H | ||
| 9 | |||
| 10 | #ifdef __KERNEL__ | ||
| 11 | #ifdef DEBUG_IPQ | ||
| 12 | #define QDEBUG(x...) printk(KERN_DEBUG ## x) | ||
| 13 | #else | ||
| 14 | #define QDEBUG(x...) | ||
| 15 | #endif /* DEBUG_IPQ */ | ||
| 16 | #else | ||
| 17 | #include <net/if.h> | ||
| 18 | #endif /* ! __KERNEL__ */ | ||
| 19 | |||
| 20 | /* Messages sent from kernel */ | ||
| 21 | typedef struct ipq_packet_msg { | ||
| 22 | unsigned long packet_id; /* ID of queued packet */ | ||
| 23 | unsigned long mark; /* Netfilter mark value */ | ||
| 24 | long timestamp_sec; /* Packet arrival time (seconds) */ | ||
| 25 | long timestamp_usec; /* Packet arrvial time (+useconds) */ | ||
| 26 | unsigned int hook; /* Netfilter hook we rode in on */ | ||
| 27 | char indev_name[IFNAMSIZ]; /* Name of incoming interface */ | ||
| 28 | char outdev_name[IFNAMSIZ]; /* Name of outgoing interface */ | ||
| 29 | __be16 hw_protocol; /* Hardware protocol (network order) */ | ||
| 30 | unsigned short hw_type; /* Hardware type */ | ||
| 31 | unsigned char hw_addrlen; /* Hardware address length */ | ||
| 32 | unsigned char hw_addr[8]; /* Hardware address */ | ||
| 33 | size_t data_len; /* Length of packet data */ | ||
| 34 | unsigned char payload[0]; /* Optional packet data */ | ||
| 35 | } ipq_packet_msg_t; | ||
| 36 | |||
| 37 | /* Messages sent from userspace */ | ||
| 38 | typedef struct ipq_mode_msg { | ||
| 39 | unsigned char value; /* Requested mode */ | ||
| 40 | size_t range; /* Optional range of packet requested */ | ||
| 41 | } ipq_mode_msg_t; | ||
| 42 | |||
| 43 | typedef struct ipq_verdict_msg { | ||
| 44 | unsigned int value; /* Verdict to hand to netfilter */ | ||
| 45 | unsigned long id; /* Packet ID for this verdict */ | ||
| 46 | size_t data_len; /* Length of replacement data */ | ||
| 47 | unsigned char payload[0]; /* Optional replacement packet */ | ||
| 48 | } ipq_verdict_msg_t; | ||
| 49 | |||
| 50 | typedef struct ipq_peer_msg { | ||
| 51 | union { | ||
| 52 | ipq_verdict_msg_t verdict; | ||
| 53 | ipq_mode_msg_t mode; | ||
| 54 | } msg; | ||
| 55 | } ipq_peer_msg_t; | ||
| 56 | |||
| 57 | /* Packet delivery modes */ | ||
| 58 | enum { | ||
| 59 | IPQ_COPY_NONE, /* Initial mode, packets are dropped */ | ||
| 60 | IPQ_COPY_META, /* Copy metadata */ | ||
| 61 | IPQ_COPY_PACKET /* Copy metadata + packet (range) */ | ||
| 62 | }; | ||
| 63 | #define IPQ_COPY_MAX IPQ_COPY_PACKET | ||
| 64 | |||
| 65 | /* Types of messages */ | ||
| 66 | #define IPQM_BASE 0x10 /* standard netlink messages below this */ | ||
| 67 | #define IPQM_MODE (IPQM_BASE + 1) /* Mode request from peer */ | ||
| 68 | #define IPQM_VERDICT (IPQM_BASE + 2) /* Verdict from peer */ | ||
| 69 | #define IPQM_PACKET (IPQM_BASE + 3) /* Packet from kernel */ | ||
| 70 | #define IPQM_MAX (IPQM_BASE + 4) | ||
| 71 | |||
| 72 | #endif /*_IP_QUEUE_H*/ | ||
diff --git a/include/linux/netlink.h b/include/linux/netlink.h index a2092f582a78..0f628ffa420c 100644 --- a/include/linux/netlink.h +++ b/include/linux/netlink.h | |||
| @@ -7,7 +7,7 @@ | |||
| 7 | #define NETLINK_ROUTE 0 /* Routing/device hook */ | 7 | #define NETLINK_ROUTE 0 /* Routing/device hook */ |
| 8 | #define NETLINK_UNUSED 1 /* Unused number */ | 8 | #define NETLINK_UNUSED 1 /* Unused number */ |
| 9 | #define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */ | 9 | #define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */ |
| 10 | #define NETLINK_FIREWALL 3 /* Firewalling hook */ | 10 | #define NETLINK_FIREWALL 3 /* Unused number, formerly ip_queue */ |
| 11 | #define NETLINK_SOCK_DIAG 4 /* socket monitoring */ | 11 | #define NETLINK_SOCK_DIAG 4 /* socket monitoring */ |
| 12 | #define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */ | 12 | #define NETLINK_NFLOG 5 /* netfilter/iptables ULOG */ |
| 13 | #define NETLINK_XFRM 6 /* ipsec */ | 13 | #define NETLINK_XFRM 6 /* ipsec */ |
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 93b81aa73429..d6146b4811c2 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h | |||
| @@ -504,6 +504,7 @@ struct ip_vs_conn { | |||
| 504 | * state transition triggerd | 504 | * state transition triggerd |
| 505 | * synchronization | 505 | * synchronization |
| 506 | */ | 506 | */ |
| 507 | unsigned long sync_endtime; /* jiffies + sent_retries */ | ||
| 507 | 508 | ||
| 508 | /* Control members */ | 509 | /* Control members */ |
| 509 | struct ip_vs_conn *control; /* Master control connection */ | 510 | struct ip_vs_conn *control; /* Master control connection */ |
| @@ -783,6 +784,16 @@ struct ip_vs_app { | |||
| 783 | void (*timeout_change)(struct ip_vs_app *app, int flags); | 784 | void (*timeout_change)(struct ip_vs_app *app, int flags); |
| 784 | }; | 785 | }; |
| 785 | 786 | ||
| 787 | struct ipvs_master_sync_state { | ||
| 788 | struct list_head sync_queue; | ||
| 789 | struct ip_vs_sync_buff *sync_buff; | ||
| 790 | int sync_queue_len; | ||
| 791 | unsigned int sync_queue_delay; | ||
| 792 | struct task_struct *master_thread; | ||
| 793 | struct delayed_work master_wakeup_work; | ||
| 794 | struct netns_ipvs *ipvs; | ||
| 795 | }; | ||
| 796 | |||
| 786 | /* IPVS in network namespace */ | 797 | /* IPVS in network namespace */ |
| 787 | struct netns_ipvs { | 798 | struct netns_ipvs { |
| 788 | int gen; /* Generation */ | 799 | int gen; /* Generation */ |
| @@ -869,10 +880,15 @@ struct netns_ipvs { | |||
| 869 | #endif | 880 | #endif |
| 870 | int sysctl_snat_reroute; | 881 | int sysctl_snat_reroute; |
| 871 | int sysctl_sync_ver; | 882 | int sysctl_sync_ver; |
| 883 | int sysctl_sync_ports; | ||
| 884 | int sysctl_sync_qlen_max; | ||
| 885 | int sysctl_sync_sock_size; | ||
| 872 | int sysctl_cache_bypass; | 886 | int sysctl_cache_bypass; |
| 873 | int sysctl_expire_nodest_conn; | 887 | int sysctl_expire_nodest_conn; |
| 874 | int sysctl_expire_quiescent_template; | 888 | int sysctl_expire_quiescent_template; |
| 875 | int sysctl_sync_threshold[2]; | 889 | int sysctl_sync_threshold[2]; |
| 890 | unsigned int sysctl_sync_refresh_period; | ||
| 891 | int sysctl_sync_retries; | ||
| 876 | int sysctl_nat_icmp_send; | 892 | int sysctl_nat_icmp_send; |
| 877 | 893 | ||
| 878 | /* ip_vs_lblc */ | 894 | /* ip_vs_lblc */ |
| @@ -888,13 +904,11 @@ struct netns_ipvs { | |||
| 888 | spinlock_t est_lock; | 904 | spinlock_t est_lock; |
| 889 | struct timer_list est_timer; /* Estimation timer */ | 905 | struct timer_list est_timer; /* Estimation timer */ |
| 890 | /* ip_vs_sync */ | 906 | /* ip_vs_sync */ |
| 891 | struct list_head sync_queue; | ||
| 892 | spinlock_t sync_lock; | 907 | spinlock_t sync_lock; |
| 893 | struct ip_vs_sync_buff *sync_buff; | 908 | struct ipvs_master_sync_state *ms; |
| 894 | spinlock_t sync_buff_lock; | 909 | spinlock_t sync_buff_lock; |
| 895 | struct sockaddr_in sync_mcast_addr; | 910 | struct task_struct **backup_threads; |
| 896 | struct task_struct *master_thread; | 911 | int threads_mask; |
| 897 | struct task_struct *backup_thread; | ||
| 898 | int send_mesg_maxlen; | 912 | int send_mesg_maxlen; |
| 899 | int recv_mesg_maxlen; | 913 | int recv_mesg_maxlen; |
| 900 | volatile int sync_state; | 914 | volatile int sync_state; |
| @@ -911,6 +925,14 @@ struct netns_ipvs { | |||
| 911 | #define DEFAULT_SYNC_THRESHOLD 3 | 925 | #define DEFAULT_SYNC_THRESHOLD 3 |
| 912 | #define DEFAULT_SYNC_PERIOD 50 | 926 | #define DEFAULT_SYNC_PERIOD 50 |
| 913 | #define DEFAULT_SYNC_VER 1 | 927 | #define DEFAULT_SYNC_VER 1 |
| 928 | #define DEFAULT_SYNC_REFRESH_PERIOD (0U * HZ) | ||
| 929 | #define DEFAULT_SYNC_RETRIES 0 | ||
| 930 | #define IPVS_SYNC_WAKEUP_RATE 8 | ||
| 931 | #define IPVS_SYNC_QLEN_MAX (IPVS_SYNC_WAKEUP_RATE * 4) | ||
| 932 | #define IPVS_SYNC_SEND_DELAY (HZ / 50) | ||
| 933 | #define IPVS_SYNC_CHECK_PERIOD HZ | ||
| 934 | #define IPVS_SYNC_FLUSH_TIME (HZ * 2) | ||
| 935 | #define IPVS_SYNC_PORTS_MAX (1 << 6) | ||
| 914 | 936 | ||
| 915 | #ifdef CONFIG_SYSCTL | 937 | #ifdef CONFIG_SYSCTL |
| 916 | 938 | ||
| @@ -921,7 +943,17 @@ static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) | |||
| 921 | 943 | ||
| 922 | static inline int sysctl_sync_period(struct netns_ipvs *ipvs) | 944 | static inline int sysctl_sync_period(struct netns_ipvs *ipvs) |
| 923 | { | 945 | { |
| 924 | return ipvs->sysctl_sync_threshold[1]; | 946 | return ACCESS_ONCE(ipvs->sysctl_sync_threshold[1]); |
| 947 | } | ||
| 948 | |||
| 949 | static inline unsigned int sysctl_sync_refresh_period(struct netns_ipvs *ipvs) | ||
| 950 | { | ||
| 951 | return ACCESS_ONCE(ipvs->sysctl_sync_refresh_period); | ||
| 952 | } | ||
| 953 | |||
| 954 | static inline int sysctl_sync_retries(struct netns_ipvs *ipvs) | ||
| 955 | { | ||
| 956 | return ipvs->sysctl_sync_retries; | ||
| 925 | } | 957 | } |
| 926 | 958 | ||
| 927 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | 959 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) |
| @@ -929,6 +961,21 @@ static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | |||
| 929 | return ipvs->sysctl_sync_ver; | 961 | return ipvs->sysctl_sync_ver; |
| 930 | } | 962 | } |
| 931 | 963 | ||
| 964 | static inline int sysctl_sync_ports(struct netns_ipvs *ipvs) | ||
| 965 | { | ||
| 966 | return ACCESS_ONCE(ipvs->sysctl_sync_ports); | ||
| 967 | } | ||
| 968 | |||
| 969 | static inline int sysctl_sync_qlen_max(struct netns_ipvs *ipvs) | ||
| 970 | { | ||
| 971 | return ipvs->sysctl_sync_qlen_max; | ||
| 972 | } | ||
| 973 | |||
| 974 | static inline int sysctl_sync_sock_size(struct netns_ipvs *ipvs) | ||
| 975 | { | ||
| 976 | return ipvs->sysctl_sync_sock_size; | ||
| 977 | } | ||
| 978 | |||
| 932 | #else | 979 | #else |
| 933 | 980 | ||
| 934 | static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) | 981 | static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) |
| @@ -941,11 +988,36 @@ static inline int sysctl_sync_period(struct netns_ipvs *ipvs) | |||
| 941 | return DEFAULT_SYNC_PERIOD; | 988 | return DEFAULT_SYNC_PERIOD; |
| 942 | } | 989 | } |
| 943 | 990 | ||
| 991 | static inline unsigned int sysctl_sync_refresh_period(struct netns_ipvs *ipvs) | ||
| 992 | { | ||
| 993 | return DEFAULT_SYNC_REFRESH_PERIOD; | ||
| 994 | } | ||
| 995 | |||
| 996 | static inline int sysctl_sync_retries(struct netns_ipvs *ipvs) | ||
| 997 | { | ||
| 998 | return DEFAULT_SYNC_RETRIES & 3; | ||
| 999 | } | ||
| 1000 | |||
| 944 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) | 1001 | static inline int sysctl_sync_ver(struct netns_ipvs *ipvs) |
| 945 | { | 1002 | { |
| 946 | return DEFAULT_SYNC_VER; | 1003 | return DEFAULT_SYNC_VER; |
| 947 | } | 1004 | } |
| 948 | 1005 | ||
| 1006 | static inline int sysctl_sync_ports(struct netns_ipvs *ipvs) | ||
| 1007 | { | ||
| 1008 | return 1; | ||
| 1009 | } | ||
| 1010 | |||
| 1011 | static inline int sysctl_sync_qlen_max(struct netns_ipvs *ipvs) | ||
| 1012 | { | ||
| 1013 | return IPVS_SYNC_QLEN_MAX; | ||
| 1014 | } | ||
| 1015 | |||
| 1016 | static inline int sysctl_sync_sock_size(struct netns_ipvs *ipvs) | ||
| 1017 | { | ||
| 1018 | return 0; | ||
| 1019 | } | ||
| 1020 | |||
| 949 | #endif | 1021 | #endif |
| 950 | 1022 | ||
| 951 | /* | 1023 | /* |
| @@ -1185,7 +1257,6 @@ extern void ip_vs_scheduler_err(struct ip_vs_service *svc, const char *msg); | |||
| 1185 | extern struct ip_vs_stats ip_vs_stats; | 1257 | extern struct ip_vs_stats ip_vs_stats; |
| 1186 | extern int sysctl_ip_vs_sync_ver; | 1258 | extern int sysctl_ip_vs_sync_ver; |
| 1187 | 1259 | ||
| 1188 | extern void ip_vs_sync_switch_mode(struct net *net, int mode); | ||
| 1189 | extern struct ip_vs_service * | 1260 | extern struct ip_vs_service * |
| 1190 | ip_vs_service_get(struct net *net, int af, __u32 fwmark, __u16 protocol, | 1261 | ip_vs_service_get(struct net *net, int af, __u32 fwmark, __u16 protocol, |
| 1191 | const union nf_inet_addr *vaddr, __be16 vport); | 1262 | const union nf_inet_addr *vaddr, __be16 vport); |
| @@ -1219,7 +1290,7 @@ extern struct ip_vs_dest *ip_vs_try_bind_dest(struct ip_vs_conn *cp); | |||
| 1219 | extern int start_sync_thread(struct net *net, int state, char *mcast_ifn, | 1290 | extern int start_sync_thread(struct net *net, int state, char *mcast_ifn, |
| 1220 | __u8 syncid); | 1291 | __u8 syncid); |
| 1221 | extern int stop_sync_thread(struct net *net, int state); | 1292 | extern int stop_sync_thread(struct net *net, int state); |
| 1222 | extern void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp); | 1293 | extern void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp, int pkts); |
| 1223 | 1294 | ||
| 1224 | 1295 | ||
| 1225 | /* | 1296 | /* |
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index ab86036bbf0c..cce7f6a798bf 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h | |||
| @@ -321,14 +321,8 @@ extern unsigned int nf_conntrack_max; | |||
| 321 | extern unsigned int nf_conntrack_hash_rnd; | 321 | extern unsigned int nf_conntrack_hash_rnd; |
| 322 | void init_nf_conntrack_hash_rnd(void); | 322 | void init_nf_conntrack_hash_rnd(void); |
| 323 | 323 | ||
| 324 | #define NF_CT_STAT_INC(net, count) \ | 324 | #define NF_CT_STAT_INC(net, count) __this_cpu_inc((net)->ct.stat->count) |
| 325 | __this_cpu_inc((net)->ct.stat->count) | 325 | #define NF_CT_STAT_INC_ATOMIC(net, count) this_cpu_inc((net)->ct.stat->count) |
| 326 | #define NF_CT_STAT_INC_ATOMIC(net, count) \ | ||
| 327 | do { \ | ||
| 328 | local_bh_disable(); \ | ||
| 329 | __this_cpu_inc((net)->ct.stat->count); \ | ||
| 330 | local_bh_enable(); \ | ||
| 331 | } while (0) | ||
| 332 | 326 | ||
| 333 | #define MODULE_ALIAS_NFCT_HELPER(helper) \ | 327 | #define MODULE_ALIAS_NFCT_HELPER(helper) \ |
| 334 | MODULE_ALIAS("nfct-helper-" helper) | 328 | MODULE_ALIAS("nfct-helper-" helper) |
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h index 5767dc242dee..1d1889409b9e 100644 --- a/include/net/netfilter/nf_conntrack_helper.h +++ b/include/net/netfilter/nf_conntrack_helper.h | |||
| @@ -60,8 +60,8 @@ static inline struct nf_conn_help *nfct_help(const struct nf_conn *ct) | |||
| 60 | return nf_ct_ext_find(ct, NF_CT_EXT_HELPER); | 60 | return nf_ct_ext_find(ct, NF_CT_EXT_HELPER); |
| 61 | } | 61 | } |
| 62 | 62 | ||
| 63 | extern int nf_conntrack_helper_init(void); | 63 | extern int nf_conntrack_helper_init(struct net *net); |
| 64 | extern void nf_conntrack_helper_fini(void); | 64 | extern void nf_conntrack_helper_fini(struct net *net); |
| 65 | 65 | ||
| 66 | extern int nf_conntrack_broadcast_help(struct sk_buff *skb, | 66 | extern int nf_conntrack_broadcast_help(struct sk_buff *skb, |
| 67 | unsigned int protoff, | 67 | unsigned int protoff, |
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index 7a911eca0f18..a053a19870cf 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h | |||
| @@ -26,11 +26,14 @@ struct netns_ct { | |||
| 26 | int sysctl_tstamp; | 26 | int sysctl_tstamp; |
| 27 | int sysctl_checksum; | 27 | int sysctl_checksum; |
| 28 | unsigned int sysctl_log_invalid; /* Log invalid packets */ | 28 | unsigned int sysctl_log_invalid; /* Log invalid packets */ |
| 29 | int sysctl_auto_assign_helper; | ||
| 30 | bool auto_assign_helper_warned; | ||
| 29 | #ifdef CONFIG_SYSCTL | 31 | #ifdef CONFIG_SYSCTL |
| 30 | struct ctl_table_header *sysctl_header; | 32 | struct ctl_table_header *sysctl_header; |
| 31 | struct ctl_table_header *acct_sysctl_header; | 33 | struct ctl_table_header *acct_sysctl_header; |
| 32 | struct ctl_table_header *tstamp_sysctl_header; | 34 | struct ctl_table_header *tstamp_sysctl_header; |
| 33 | struct ctl_table_header *event_sysctl_header; | 35 | struct ctl_table_header *event_sysctl_header; |
| 36 | struct ctl_table_header *helper_sysctl_header; | ||
| 34 | #endif | 37 | #endif |
| 35 | char *slabname; | 38 | char *slabname; |
| 36 | }; | 39 | }; |