aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2008-03-25 23:09:15 -0400
committerDavid S. Miller <davem@davemloft.net>2008-03-25 23:09:15 -0400
commit6002f266b3e7f0acc2d5158cddbed41730b02e82 (patch)
treef776f47618eef4da0d6c43b6f34fe6634d426a8d /net/ipv4
parent359b9ab614aba71c2c3bc047efbd6d12dd4a2b9e (diff)
[NETFILTER]: nf_conntrack: introduce expectation classes and policies
Introduce expectation classes and policies. An expectation class is used to distinguish different types of expectations by the same helper (for example audio/video/t.120). The expectation policy is used to hold the maximum number of expectations and the initial timeout for each class. The individual classes are isolated from each other, which means that for example an audio expectation will only evict other audio expectations. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/netfilter/nf_nat_snmp_basic.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/net/ipv4/netfilter/nf_nat_snmp_basic.c b/net/ipv4/netfilter/nf_nat_snmp_basic.c
index 540ce6ae887c..000e080bac5c 100644
--- a/net/ipv4/netfilter/nf_nat_snmp_basic.c
+++ b/net/ipv4/netfilter/nf_nat_snmp_basic.c
@@ -50,6 +50,7 @@
50#include <net/udp.h> 50#include <net/udp.h>
51 51
52#include <net/netfilter/nf_nat.h> 52#include <net/netfilter/nf_nat.h>
53#include <net/netfilter/nf_conntrack_expect.h>
53#include <net/netfilter/nf_conntrack_helper.h> 54#include <net/netfilter/nf_conntrack_helper.h>
54#include <net/netfilter/nf_nat_helper.h> 55#include <net/netfilter/nf_nat_helper.h>
55 56
@@ -1267,11 +1268,15 @@ static int help(struct sk_buff *skb, unsigned int protoff,
1267 return ret; 1268 return ret;
1268} 1269}
1269 1270
1271static const struct nf_conntrack_expect_policy snmp_exp_policy = {
1272 .max_expected = 0,
1273 .timeout = 180,
1274};
1275
1270static struct nf_conntrack_helper snmp_helper __read_mostly = { 1276static struct nf_conntrack_helper snmp_helper __read_mostly = {
1271 .max_expected = 0,
1272 .timeout = 180,
1273 .me = THIS_MODULE, 1277 .me = THIS_MODULE,
1274 .help = help, 1278 .help = help,
1279 .expect_policy = &snmp_exp_policy,
1275 .name = "snmp", 1280 .name = "snmp",
1276 .tuple.src.l3num = AF_INET, 1281 .tuple.src.l3num = AF_INET,
1277 .tuple.src.u.udp.port = __constant_htons(SNMP_PORT), 1282 .tuple.src.u.udp.port = __constant_htons(SNMP_PORT),
@@ -1279,10 +1284,9 @@ static struct nf_conntrack_helper snmp_helper __read_mostly = {
1279}; 1284};
1280 1285
1281static struct nf_conntrack_helper snmp_trap_helper __read_mostly = { 1286static struct nf_conntrack_helper snmp_trap_helper __read_mostly = {
1282 .max_expected = 0,
1283 .timeout = 180,
1284 .me = THIS_MODULE, 1287 .me = THIS_MODULE,
1285 .help = help, 1288 .help = help,
1289 .expect_policy = &snmp_exp_policy,
1286 .name = "snmp_trap", 1290 .name = "snmp_trap",
1287 .tuple.src.l3num = AF_INET, 1291 .tuple.src.l3num = AF_INET,
1288 .tuple.src.u.udp.port = __constant_htons(SNMP_TRAP_PORT), 1292 .tuple.src.u.udp.port = __constant_htons(SNMP_TRAP_PORT),