aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2006-09-20 14:57:53 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2006-09-22 18:19:45 -0400
commitdf0933dcb027e156cb5253570ad694b81bd52b69 (patch)
tree48588f78dfda69f737b5ccfff02787ca0dad6036 /net/ipv4
parent1bf38a36b6a0e810dafae048fdbb999e587f0f2f (diff)
[NETFILTER]: kill listhelp.h
Kill listhelp.h and use the list.h functions instead. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/netfilter/arp_tables.c2
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c189
-rw-r--r--net/ipv4/netfilter/ip_conntrack_proto_gre.c24
-rw-r--r--net/ipv4/netfilter/ip_conntrack_standalone.c1
-rw-r--r--net/ipv4/netfilter/ip_nat_core.c4
-rw-r--r--net/ipv4/netfilter/ip_nat_helper.c4
-rw-r--r--net/ipv4/netfilter/ip_nat_rule.c4
-rw-r--r--net/ipv4/netfilter/ip_nat_standalone.c4
8 files changed, 96 insertions, 136 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 4f10b06413a1..aaeaa9ce0f28 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -56,8 +56,6 @@ do { \
56#define ARP_NF_ASSERT(x) 56#define ARP_NF_ASSERT(x)
57#endif 57#endif
58 58
59#include <linux/netfilter_ipv4/listhelp.h>
60
61static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap, 59static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap,
62 char *hdr_addr, int len) 60 char *hdr_addr, int len)
63{ 61{
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 5da25ad50309..2568d480e9a9 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -47,7 +47,6 @@
47#include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 47#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
48#include <linux/netfilter_ipv4/ip_conntrack_helper.h> 48#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
49#include <linux/netfilter_ipv4/ip_conntrack_core.h> 49#include <linux/netfilter_ipv4/ip_conntrack_core.h>
50#include <linux/netfilter_ipv4/listhelp.h>
51 50
52#define IP_CONNTRACK_VERSION "2.4" 51#define IP_CONNTRACK_VERSION "2.4"
53 52
@@ -294,15 +293,10 @@ void ip_ct_remove_expectations(struct ip_conntrack *ct)
294static void 293static void
295clean_from_lists(struct ip_conntrack *ct) 294clean_from_lists(struct ip_conntrack *ct)
296{ 295{
297 unsigned int ho, hr;
298
299 DEBUGP("clean_from_lists(%p)\n", ct); 296 DEBUGP("clean_from_lists(%p)\n", ct);
300 ASSERT_WRITE_LOCK(&ip_conntrack_lock); 297 ASSERT_WRITE_LOCK(&ip_conntrack_lock);
301 298 list_del(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list);
302 ho = hash_conntrack(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); 299 list_del(&ct->tuplehash[IP_CT_DIR_REPLY].list);
303 hr = hash_conntrack(&ct->tuplehash[IP_CT_DIR_REPLY].tuple);
304 LIST_DELETE(&ip_conntrack_hash[ho], &ct->tuplehash[IP_CT_DIR_ORIGINAL]);
305 LIST_DELETE(&ip_conntrack_hash[hr], &ct->tuplehash[IP_CT_DIR_REPLY]);
306 300
307 /* Destroy all pending expectations */ 301 /* Destroy all pending expectations */
308 ip_ct_remove_expectations(ct); 302 ip_ct_remove_expectations(ct);
@@ -367,16 +361,6 @@ static void death_by_timeout(unsigned long ul_conntrack)
367 ip_conntrack_put(ct); 361 ip_conntrack_put(ct);
368} 362}
369 363
370static inline int
371conntrack_tuple_cmp(const struct ip_conntrack_tuple_hash *i,
372 const struct ip_conntrack_tuple *tuple,
373 const struct ip_conntrack *ignored_conntrack)
374{
375 ASSERT_READ_LOCK(&ip_conntrack_lock);
376 return tuplehash_to_ctrack(i) != ignored_conntrack
377 && ip_ct_tuple_equal(tuple, &i->tuple);
378}
379
380struct ip_conntrack_tuple_hash * 364struct ip_conntrack_tuple_hash *
381__ip_conntrack_find(const struct ip_conntrack_tuple *tuple, 365__ip_conntrack_find(const struct ip_conntrack_tuple *tuple,
382 const struct ip_conntrack *ignored_conntrack) 366 const struct ip_conntrack *ignored_conntrack)
@@ -386,7 +370,8 @@ __ip_conntrack_find(const struct ip_conntrack_tuple *tuple,
386 370
387 ASSERT_READ_LOCK(&ip_conntrack_lock); 371 ASSERT_READ_LOCK(&ip_conntrack_lock);
388 list_for_each_entry(h, &ip_conntrack_hash[hash], list) { 372 list_for_each_entry(h, &ip_conntrack_hash[hash], list) {
389 if (conntrack_tuple_cmp(h, tuple, ignored_conntrack)) { 373 if (tuplehash_to_ctrack(h) != ignored_conntrack &&
374 ip_ct_tuple_equal(tuple, &h->tuple)) {
390 CONNTRACK_STAT_INC(found); 375 CONNTRACK_STAT_INC(found);
391 return h; 376 return h;
392 } 377 }
@@ -417,10 +402,10 @@ static void __ip_conntrack_hash_insert(struct ip_conntrack *ct,
417 unsigned int repl_hash) 402 unsigned int repl_hash)
418{ 403{
419 ct->id = ++ip_conntrack_next_id; 404 ct->id = ++ip_conntrack_next_id;
420 list_prepend(&ip_conntrack_hash[hash], 405 list_add(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list,
421 &ct->tuplehash[IP_CT_DIR_ORIGINAL].list); 406 &ip_conntrack_hash[hash]);
422 list_prepend(&ip_conntrack_hash[repl_hash], 407 list_add(&ct->tuplehash[IP_CT_DIR_REPLY].list,
423 &ct->tuplehash[IP_CT_DIR_REPLY].list); 408 &ip_conntrack_hash[repl_hash]);
424} 409}
425 410
426void ip_conntrack_hash_insert(struct ip_conntrack *ct) 411void ip_conntrack_hash_insert(struct ip_conntrack *ct)
@@ -440,6 +425,7 @@ int
440__ip_conntrack_confirm(struct sk_buff **pskb) 425__ip_conntrack_confirm(struct sk_buff **pskb)
441{ 426{
442 unsigned int hash, repl_hash; 427 unsigned int hash, repl_hash;
428 struct ip_conntrack_tuple_hash *h;
443 struct ip_conntrack *ct; 429 struct ip_conntrack *ct;
444 enum ip_conntrack_info ctinfo; 430 enum ip_conntrack_info ctinfo;
445 431
@@ -470,43 +456,43 @@ __ip_conntrack_confirm(struct sk_buff **pskb)
470 /* See if there's one in the list already, including reverse: 456 /* See if there's one in the list already, including reverse:
471 NAT could have grabbed it without realizing, since we're 457 NAT could have grabbed it without realizing, since we're
472 not in the hash. If there is, we lost race. */ 458 not in the hash. If there is, we lost race. */
473 if (!LIST_FIND(&ip_conntrack_hash[hash], 459 list_for_each_entry(h, &ip_conntrack_hash[hash], list)
474 conntrack_tuple_cmp, 460 if (ip_ct_tuple_equal(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple,
475 struct ip_conntrack_tuple_hash *, 461 &h->tuple))
476 &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple, NULL) 462 goto out;
477 && !LIST_FIND(&ip_conntrack_hash[repl_hash], 463 list_for_each_entry(h, &ip_conntrack_hash[repl_hash], list)
478 conntrack_tuple_cmp, 464 if (ip_ct_tuple_equal(&ct->tuplehash[IP_CT_DIR_REPLY].tuple,
479 struct ip_conntrack_tuple_hash *, 465 &h->tuple))
480 &ct->tuplehash[IP_CT_DIR_REPLY].tuple, NULL)) { 466 goto out;
481 /* Remove from unconfirmed list */
482 list_del(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list);
483 467
484 __ip_conntrack_hash_insert(ct, hash, repl_hash); 468 /* Remove from unconfirmed list */
485 /* Timer relative to confirmation time, not original 469 list_del(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list);
486 setting time, otherwise we'd get timer wrap in 470
487 weird delay cases. */ 471 __ip_conntrack_hash_insert(ct, hash, repl_hash);
488 ct->timeout.expires += jiffies; 472 /* Timer relative to confirmation time, not original
489 add_timer(&ct->timeout); 473 setting time, otherwise we'd get timer wrap in
490 atomic_inc(&ct->ct_general.use); 474 weird delay cases. */
491 set_bit(IPS_CONFIRMED_BIT, &ct->status); 475 ct->timeout.expires += jiffies;
492 CONNTRACK_STAT_INC(insert); 476 add_timer(&ct->timeout);
493 write_unlock_bh(&ip_conntrack_lock); 477 atomic_inc(&ct->ct_general.use);
494 if (ct->helper) 478 set_bit(IPS_CONFIRMED_BIT, &ct->status);
495 ip_conntrack_event_cache(IPCT_HELPER, *pskb); 479 CONNTRACK_STAT_INC(insert);
480 write_unlock_bh(&ip_conntrack_lock);
481 if (ct->helper)
482 ip_conntrack_event_cache(IPCT_HELPER, *pskb);
496#ifdef CONFIG_IP_NF_NAT_NEEDED 483#ifdef CONFIG_IP_NF_NAT_NEEDED
497 if (test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status) || 484 if (test_bit(IPS_SRC_NAT_DONE_BIT, &ct->status) ||
498 test_bit(IPS_DST_NAT_DONE_BIT, &ct->status)) 485 test_bit(IPS_DST_NAT_DONE_BIT, &ct->status))
499 ip_conntrack_event_cache(IPCT_NATINFO, *pskb); 486 ip_conntrack_event_cache(IPCT_NATINFO, *pskb);
500#endif 487#endif
501 ip_conntrack_event_cache(master_ct(ct) ? 488 ip_conntrack_event_cache(master_ct(ct) ?
502 IPCT_RELATED : IPCT_NEW, *pskb); 489 IPCT_RELATED : IPCT_NEW, *pskb);
503 490
504 return NF_ACCEPT; 491 return NF_ACCEPT;
505 }
506 492
493out:
507 CONNTRACK_STAT_INC(insert_failed); 494 CONNTRACK_STAT_INC(insert_failed);
508 write_unlock_bh(&ip_conntrack_lock); 495 write_unlock_bh(&ip_conntrack_lock);
509
510 return NF_DROP; 496 return NF_DROP;
511} 497}
512 498
@@ -527,23 +513,21 @@ ip_conntrack_tuple_taken(const struct ip_conntrack_tuple *tuple,
527 513
528/* There's a small race here where we may free a just-assured 514/* There's a small race here where we may free a just-assured
529 connection. Too bad: we're in trouble anyway. */ 515 connection. Too bad: we're in trouble anyway. */
530static inline int unreplied(const struct ip_conntrack_tuple_hash *i)
531{
532 return !(test_bit(IPS_ASSURED_BIT, &tuplehash_to_ctrack(i)->status));
533}
534
535static int early_drop(struct list_head *chain) 516static int early_drop(struct list_head *chain)
536{ 517{
537 /* Traverse backwards: gives us oldest, which is roughly LRU */ 518 /* Traverse backwards: gives us oldest, which is roughly LRU */
538 struct ip_conntrack_tuple_hash *h; 519 struct ip_conntrack_tuple_hash *h;
539 struct ip_conntrack *ct = NULL; 520 struct ip_conntrack *ct = NULL, *tmp;
540 int dropped = 0; 521 int dropped = 0;
541 522
542 read_lock_bh(&ip_conntrack_lock); 523 read_lock_bh(&ip_conntrack_lock);
543 h = LIST_FIND_B(chain, unreplied, struct ip_conntrack_tuple_hash *); 524 list_for_each_entry_reverse(h, chain, list) {
544 if (h) { 525 tmp = tuplehash_to_ctrack(h);
545 ct = tuplehash_to_ctrack(h); 526 if (!test_bit(IPS_ASSURED_BIT, &tmp->status)) {
546 atomic_inc(&ct->ct_general.use); 527 ct = tmp;
528 atomic_inc(&ct->ct_general.use);
529 break;
530 }
547 } 531 }
548 read_unlock_bh(&ip_conntrack_lock); 532 read_unlock_bh(&ip_conntrack_lock);
549 533
@@ -559,18 +543,16 @@ static int early_drop(struct list_head *chain)
559 return dropped; 543 return dropped;
560} 544}
561 545
562static inline int helper_cmp(const struct ip_conntrack_helper *i,
563 const struct ip_conntrack_tuple *rtuple)
564{
565 return ip_ct_tuple_mask_cmp(rtuple, &i->tuple, &i->mask);
566}
567
568static struct ip_conntrack_helper * 546static struct ip_conntrack_helper *
569__ip_conntrack_helper_find( const struct ip_conntrack_tuple *tuple) 547__ip_conntrack_helper_find( const struct ip_conntrack_tuple *tuple)
570{ 548{
571 return LIST_FIND(&helpers, helper_cmp, 549 struct ip_conntrack_helper *h;
572 struct ip_conntrack_helper *, 550
573 tuple); 551 list_for_each_entry(h, &helpers, list) {
552 if (ip_ct_tuple_mask_cmp(tuple, &h->tuple, &h->mask))
553 return h;
554 }
555 return NULL;
574} 556}
575 557
576struct ip_conntrack_helper * 558struct ip_conntrack_helper *
@@ -1062,7 +1044,7 @@ int ip_conntrack_helper_register(struct ip_conntrack_helper *me)
1062{ 1044{
1063 BUG_ON(me->timeout == 0); 1045 BUG_ON(me->timeout == 0);
1064 write_lock_bh(&ip_conntrack_lock); 1046 write_lock_bh(&ip_conntrack_lock);
1065 list_prepend(&helpers, me); 1047 list_add(&me->list, &helpers);
1066 write_unlock_bh(&ip_conntrack_lock); 1048 write_unlock_bh(&ip_conntrack_lock);
1067 1049
1068 return 0; 1050 return 0;
@@ -1081,24 +1063,24 @@ __ip_conntrack_helper_find_byname(const char *name)
1081 return NULL; 1063 return NULL;
1082} 1064}
1083 1065
1084static inline int unhelp(struct ip_conntrack_tuple_hash *i, 1066static inline void unhelp(struct ip_conntrack_tuple_hash *i,
1085 const struct ip_conntrack_helper *me) 1067 const struct ip_conntrack_helper *me)
1086{ 1068{
1087 if (tuplehash_to_ctrack(i)->helper == me) { 1069 if (tuplehash_to_ctrack(i)->helper == me) {
1088 ip_conntrack_event(IPCT_HELPER, tuplehash_to_ctrack(i)); 1070 ip_conntrack_event(IPCT_HELPER, tuplehash_to_ctrack(i));
1089 tuplehash_to_ctrack(i)->helper = NULL; 1071 tuplehash_to_ctrack(i)->helper = NULL;
1090 } 1072 }
1091 return 0;
1092} 1073}
1093 1074
1094void ip_conntrack_helper_unregister(struct ip_conntrack_helper *me) 1075void ip_conntrack_helper_unregister(struct ip_conntrack_helper *me)
1095{ 1076{
1096 unsigned int i; 1077 unsigned int i;
1078 struct ip_conntrack_tuple_hash *h;
1097 struct ip_conntrack_expect *exp, *tmp; 1079 struct ip_conntrack_expect *exp, *tmp;
1098 1080
1099 /* Need write lock here, to delete helper. */ 1081 /* Need write lock here, to delete helper. */
1100 write_lock_bh(&ip_conntrack_lock); 1082 write_lock_bh(&ip_conntrack_lock);
1101 LIST_DELETE(&helpers, me); 1083 list_del(&me->list);
1102 1084
1103 /* Get rid of expectations */ 1085 /* Get rid of expectations */
1104 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, list) { 1086 list_for_each_entry_safe(exp, tmp, &ip_conntrack_expect_list, list) {
@@ -1108,10 +1090,12 @@ void ip_conntrack_helper_unregister(struct ip_conntrack_helper *me)
1108 } 1090 }
1109 } 1091 }
1110 /* Get rid of expecteds, set helpers to NULL. */ 1092 /* Get rid of expecteds, set helpers to NULL. */
1111 LIST_FIND_W(&unconfirmed, unhelp, struct ip_conntrack_tuple_hash*, me); 1093 list_for_each_entry(h, &unconfirmed, list)
1112 for (i = 0; i < ip_conntrack_htable_size; i++) 1094 unhelp(h, me);
1113 LIST_FIND_W(&ip_conntrack_hash[i], unhelp, 1095 for (i = 0; i < ip_conntrack_htable_size; i++) {
1114 struct ip_conntrack_tuple_hash *, me); 1096 list_for_each_entry(h, &ip_conntrack_hash[i], list)
1097 unhelp(h, me);
1098 }
1115 write_unlock_bh(&ip_conntrack_lock); 1099 write_unlock_bh(&ip_conntrack_lock);
1116 1100
1117 /* Someone could be still looking at the helper in a bh. */ 1101 /* Someone could be still looking at the helper in a bh. */
@@ -1237,46 +1221,43 @@ static void ip_conntrack_attach(struct sk_buff *nskb, struct sk_buff *skb)
1237 nf_conntrack_get(nskb->nfct); 1221 nf_conntrack_get(nskb->nfct);
1238} 1222}
1239 1223
1240static inline int
1241do_iter(const struct ip_conntrack_tuple_hash *i,
1242 int (*iter)(struct ip_conntrack *i, void *data),
1243 void *data)
1244{
1245 return iter(tuplehash_to_ctrack(i), data);
1246}
1247
1248/* Bring out ya dead! */ 1224/* Bring out ya dead! */
1249static struct ip_conntrack_tuple_hash * 1225static struct ip_conntrack *
1250get_next_corpse(int (*iter)(struct ip_conntrack *i, void *data), 1226get_next_corpse(int (*iter)(struct ip_conntrack *i, void *data),
1251 void *data, unsigned int *bucket) 1227 void *data, unsigned int *bucket)
1252{ 1228{
1253 struct ip_conntrack_tuple_hash *h = NULL; 1229 struct ip_conntrack_tuple_hash *h;
1230 struct ip_conntrack *ct;
1254 1231
1255 write_lock_bh(&ip_conntrack_lock); 1232 write_lock_bh(&ip_conntrack_lock);
1256 for (; *bucket < ip_conntrack_htable_size; (*bucket)++) { 1233 for (; *bucket < ip_conntrack_htable_size; (*bucket)++) {
1257 h = LIST_FIND_W(&ip_conntrack_hash[*bucket], do_iter, 1234 list_for_each_entry(h, &ip_conntrack_hash[*bucket], list) {
1258 struct ip_conntrack_tuple_hash *, iter, data); 1235 ct = tuplehash_to_ctrack(h);
1259 if (h) 1236 if (iter(ct, data))
1260 break; 1237 goto found;
1238 }
1239 }
1240 list_for_each_entry(h, &unconfirmed, list) {
1241 ct = tuplehash_to_ctrack(h);
1242 if (iter(ct, data))
1243 goto found;
1261 } 1244 }
1262 if (!h)
1263 h = LIST_FIND_W(&unconfirmed, do_iter,
1264 struct ip_conntrack_tuple_hash *, iter, data);
1265 if (h)
1266 atomic_inc(&tuplehash_to_ctrack(h)->ct_general.use);
1267 write_unlock_bh(&ip_conntrack_lock); 1245 write_unlock_bh(&ip_conntrack_lock);
1246 return NULL;
1268 1247
1269 return h; 1248found:
1249 atomic_inc(&ct->ct_general.use);
1250 write_unlock_bh(&ip_conntrack_lock);
1251 return ct;
1270} 1252}
1271 1253
1272void 1254void
1273ip_ct_iterate_cleanup(int (*iter)(struct ip_conntrack *i, void *), void *data) 1255ip_ct_iterate_cleanup(int (*iter)(struct ip_conntrack *i, void *), void *data)
1274{ 1256{
1275 struct ip_conntrack_tuple_hash *h; 1257 struct ip_conntrack *ct;
1276 unsigned int bucket = 0; 1258 unsigned int bucket = 0;
1277 1259
1278 while ((h = get_next_corpse(iter, data, &bucket)) != NULL) { 1260 while ((ct = get_next_corpse(iter, data, &bucket)) != NULL) {
1279 struct ip_conntrack *ct = tuplehash_to_ctrack(h);
1280 /* Time to push up daises... */ 1261 /* Time to push up daises... */
1281 if (del_timer(&ct->timeout)) 1262 if (del_timer(&ct->timeout))
1282 death_by_timeout((unsigned long)ct); 1263 death_by_timeout((unsigned long)ct);
diff --git a/net/ipv4/netfilter/ip_conntrack_proto_gre.c b/net/ipv4/netfilter/ip_conntrack_proto_gre.c
index 4ee016c427b4..92c6d8b178c9 100644
--- a/net/ipv4/netfilter/ip_conntrack_proto_gre.c
+++ b/net/ipv4/netfilter/ip_conntrack_proto_gre.c
@@ -37,7 +37,6 @@ static DEFINE_RWLOCK(ip_ct_gre_lock);
37#define ASSERT_READ_LOCK(x) 37#define ASSERT_READ_LOCK(x)
38#define ASSERT_WRITE_LOCK(x) 38#define ASSERT_WRITE_LOCK(x)
39 39
40#include <linux/netfilter_ipv4/listhelp.h>
41#include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 40#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
42#include <linux/netfilter_ipv4/ip_conntrack_helper.h> 41#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
43#include <linux/netfilter_ipv4/ip_conntrack_core.h> 42#include <linux/netfilter_ipv4/ip_conntrack_core.h>
@@ -82,10 +81,12 @@ static __be16 gre_keymap_lookup(struct ip_conntrack_tuple *t)
82 __be16 key = 0; 81 __be16 key = 0;
83 82
84 read_lock_bh(&ip_ct_gre_lock); 83 read_lock_bh(&ip_ct_gre_lock);
85 km = LIST_FIND(&gre_keymap_list, gre_key_cmpfn, 84 list_for_each_entry(km, &gre_keymap_list, list) {
86 struct ip_ct_gre_keymap *, t); 85 if (gre_key_cmpfn(km, t)) {
87 if (km) 86 key = km->tuple.src.u.gre.key;
88 key = km->tuple.src.u.gre.key; 87 break;
88 }
89 }
89 read_unlock_bh(&ip_ct_gre_lock); 90 read_unlock_bh(&ip_ct_gre_lock);
90 91
91 DEBUGP("lookup src key 0x%x up key for ", key); 92 DEBUGP("lookup src key 0x%x up key for ", key);
@@ -99,7 +100,7 @@ int
99ip_ct_gre_keymap_add(struct ip_conntrack *ct, 100ip_ct_gre_keymap_add(struct ip_conntrack *ct,
100 struct ip_conntrack_tuple *t, int reply) 101 struct ip_conntrack_tuple *t, int reply)
101{ 102{
102 struct ip_ct_gre_keymap **exist_km, *km, *old; 103 struct ip_ct_gre_keymap **exist_km, *km;
103 104
104 if (!ct->helper || strcmp(ct->helper->name, "pptp")) { 105 if (!ct->helper || strcmp(ct->helper->name, "pptp")) {
105 DEBUGP("refusing to add GRE keymap to non-pptp session\n"); 106 DEBUGP("refusing to add GRE keymap to non-pptp session\n");
@@ -113,13 +114,10 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct,
113 114
114 if (*exist_km) { 115 if (*exist_km) {
115 /* check whether it's a retransmission */ 116 /* check whether it's a retransmission */
116 old = LIST_FIND(&gre_keymap_list, gre_key_cmpfn, 117 list_for_each_entry(km, &gre_keymap_list, list) {
117 struct ip_ct_gre_keymap *, t); 118 if (gre_key_cmpfn(km, t) && km == *exist_km)
118 if (old == *exist_km) { 119 return 0;
119 DEBUGP("retransmission\n");
120 return 0;
121 } 120 }
122
123 DEBUGP("trying to override keymap_%s for ct %p\n", 121 DEBUGP("trying to override keymap_%s for ct %p\n",
124 reply? "reply":"orig", ct); 122 reply? "reply":"orig", ct);
125 return -EEXIST; 123 return -EEXIST;
@@ -136,7 +134,7 @@ ip_ct_gre_keymap_add(struct ip_conntrack *ct,
136 DUMP_TUPLE_GRE(&km->tuple); 134 DUMP_TUPLE_GRE(&km->tuple);
137 135
138 write_lock_bh(&ip_ct_gre_lock); 136 write_lock_bh(&ip_ct_gre_lock);
139 list_append(&gre_keymap_list, km); 137 list_add_tail(&km->list, &gre_keymap_list);
140 write_unlock_bh(&ip_ct_gre_lock); 138 write_unlock_bh(&ip_ct_gre_lock);
141 139
142 return 0; 140 return 0;
diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c
index 3f5d495b853b..02135756562e 100644
--- a/net/ipv4/netfilter/ip_conntrack_standalone.c
+++ b/net/ipv4/netfilter/ip_conntrack_standalone.c
@@ -35,7 +35,6 @@
35#include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 35#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
36#include <linux/netfilter_ipv4/ip_conntrack_core.h> 36#include <linux/netfilter_ipv4/ip_conntrack_core.h>
37#include <linux/netfilter_ipv4/ip_conntrack_helper.h> 37#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
38#include <linux/netfilter_ipv4/listhelp.h>
39 38
40#if 0 39#if 0
41#define DEBUGP printk 40#define DEBUGP printk
diff --git a/net/ipv4/netfilter/ip_nat_core.c b/net/ipv4/netfilter/ip_nat_core.c
index 4c540d03d48e..71f3e09cbc84 100644
--- a/net/ipv4/netfilter/ip_nat_core.c
+++ b/net/ipv4/netfilter/ip_nat_core.c
@@ -22,9 +22,6 @@
22#include <linux/udp.h> 22#include <linux/udp.h>
23#include <linux/jhash.h> 23#include <linux/jhash.h>
24 24
25#define ASSERT_READ_LOCK(x)
26#define ASSERT_WRITE_LOCK(x)
27
28#include <linux/netfilter_ipv4/ip_conntrack.h> 25#include <linux/netfilter_ipv4/ip_conntrack.h>
29#include <linux/netfilter_ipv4/ip_conntrack_core.h> 26#include <linux/netfilter_ipv4/ip_conntrack_core.h>
30#include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 27#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
@@ -33,7 +30,6 @@
33#include <linux/netfilter_ipv4/ip_nat_core.h> 30#include <linux/netfilter_ipv4/ip_nat_core.h>
34#include <linux/netfilter_ipv4/ip_nat_helper.h> 31#include <linux/netfilter_ipv4/ip_nat_helper.h>
35#include <linux/netfilter_ipv4/ip_conntrack_helper.h> 32#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
36#include <linux/netfilter_ipv4/listhelp.h>
37 33
38#if 0 34#if 0
39#define DEBUGP printk 35#define DEBUGP printk
diff --git a/net/ipv4/netfilter/ip_nat_helper.c b/net/ipv4/netfilter/ip_nat_helper.c
index 021c3daae3ed..7f6a75984f6c 100644
--- a/net/ipv4/netfilter/ip_nat_helper.c
+++ b/net/ipv4/netfilter/ip_nat_helper.c
@@ -27,16 +27,12 @@
27#include <net/tcp.h> 27#include <net/tcp.h>
28#include <net/udp.h> 28#include <net/udp.h>
29 29
30#define ASSERT_READ_LOCK(x)
31#define ASSERT_WRITE_LOCK(x)
32
33#include <linux/netfilter_ipv4/ip_conntrack.h> 30#include <linux/netfilter_ipv4/ip_conntrack.h>
34#include <linux/netfilter_ipv4/ip_conntrack_helper.h> 31#include <linux/netfilter_ipv4/ip_conntrack_helper.h>
35#include <linux/netfilter_ipv4/ip_nat.h> 32#include <linux/netfilter_ipv4/ip_nat.h>
36#include <linux/netfilter_ipv4/ip_nat_protocol.h> 33#include <linux/netfilter_ipv4/ip_nat_protocol.h>
37#include <linux/netfilter_ipv4/ip_nat_core.h> 34#include <linux/netfilter_ipv4/ip_nat_core.h>
38#include <linux/netfilter_ipv4/ip_nat_helper.h> 35#include <linux/netfilter_ipv4/ip_nat_helper.h>
39#include <linux/netfilter_ipv4/listhelp.h>
40 36
41#if 0 37#if 0
42#define DEBUGP printk 38#define DEBUGP printk
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c
index e59f5a8ecb6b..7b703839aa58 100644
--- a/net/ipv4/netfilter/ip_nat_rule.c
+++ b/net/ipv4/netfilter/ip_nat_rule.c
@@ -19,14 +19,10 @@
19#include <net/route.h> 19#include <net/route.h>
20#include <linux/bitops.h> 20#include <linux/bitops.h>
21 21
22#define ASSERT_READ_LOCK(x)
23#define ASSERT_WRITE_LOCK(x)
24
25#include <linux/netfilter_ipv4/ip_tables.h> 22#include <linux/netfilter_ipv4/ip_tables.h>
26#include <linux/netfilter_ipv4/ip_nat.h> 23#include <linux/netfilter_ipv4/ip_nat.h>
27#include <linux/netfilter_ipv4/ip_nat_core.h> 24#include <linux/netfilter_ipv4/ip_nat_core.h>
28#include <linux/netfilter_ipv4/ip_nat_rule.h> 25#include <linux/netfilter_ipv4/ip_nat_rule.h>
29#include <linux/netfilter_ipv4/listhelp.h>
30 26
31#if 0 27#if 0
32#define DEBUGP printk 28#define DEBUGP printk
diff --git a/net/ipv4/netfilter/ip_nat_standalone.c b/net/ipv4/netfilter/ip_nat_standalone.c
index f3b778355432..9c577db62047 100644
--- a/net/ipv4/netfilter/ip_nat_standalone.c
+++ b/net/ipv4/netfilter/ip_nat_standalone.c
@@ -30,9 +30,6 @@
30#include <net/checksum.h> 30#include <net/checksum.h>
31#include <linux/spinlock.h> 31#include <linux/spinlock.h>
32 32
33#define ASSERT_READ_LOCK(x)
34#define ASSERT_WRITE_LOCK(x)
35
36#include <linux/netfilter_ipv4/ip_nat.h> 33#include <linux/netfilter_ipv4/ip_nat.h>
37#include <linux/netfilter_ipv4/ip_nat_rule.h> 34#include <linux/netfilter_ipv4/ip_nat_rule.h>
38#include <linux/netfilter_ipv4/ip_nat_protocol.h> 35#include <linux/netfilter_ipv4/ip_nat_protocol.h>
@@ -40,7 +37,6 @@
40#include <linux/netfilter_ipv4/ip_nat_helper.h> 37#include <linux/netfilter_ipv4/ip_nat_helper.h>
41#include <linux/netfilter_ipv4/ip_tables.h> 38#include <linux/netfilter_ipv4/ip_tables.h>
42#include <linux/netfilter_ipv4/ip_conntrack_core.h> 39#include <linux/netfilter_ipv4/ip_conntrack_core.h>
43#include <linux/netfilter_ipv4/listhelp.h>
44 40
45#if 0 41#if 0
46#define DEBUGP printk 42#define DEBUGP printk
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-16 14:19:25 -0500