netfilter: nf_conntrack: prepare namespace support for l4 protocol trackers

This patch prepares the namespace support for layer 4 protocol trackers. Basically, this modifies the following interfaces: * nf_ct_[un]register_sysctl * nf_conntrack_l4proto_[un]register to include the namespace parameter. We still use init_net in this patch to prepare the ground for follow-up patches for each layer 4 protocol tracker. We add a new net_id field to struct nf_conntrack_l4proto that is used to store the pernet_operations id for each layer 4 protocol tracker. Note that AF_INET6's protocols do not need to do sysctl compat. Thus, we only register compat sysctl when l4proto.l3proto != AF_INET6. Acked-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Gao feng <gaofeng@cn.fujitus.com> 2012-05-28 17:04:09 -0400
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2012-06-07 08:58:39 -0400
commit: 2c352f444ccfa966a1aa4fd8e9ee29381c467448 (patch)
tree: befcba86ddf2cdbd73d15e1e2620439158c8e2f4 /net/ipv6
parent: fdb694a01f1fcd30fd16d8aa290c34699fe98a17 (diff)
1 files changed, 9 insertions, 9 deletions
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 3224ef90a21a..51ad9f104421 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -340,19 +340,19 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
        need_conntrack();
        nf_defrag_ipv6_enable();
-        ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp6);
+        ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_tcp6);
        if (ret < 0) {
                pr_err("nf_conntrack_ipv6: can't register tcp.\n");
                return ret;
        }
-        ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp6);
+        ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_udp6);
        if (ret < 0) {
                pr_err("nf_conntrack_ipv6: can't register udp.\n");
                goto cleanup_tcp;
        }
-        ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmpv6);
+        ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_icmpv6);
        if (ret < 0) {
                pr_err("nf_conntrack_ipv6: can't register icmpv6.\n");
                goto cleanup_udp;
@@ -376,11 +376,11 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
 cleanup_ipv6:
        nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
 cleanup_icmpv6:
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_icmpv6);
 cleanup_udp:
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_udp6);
 cleanup_tcp:
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_tcp6);
        return ret;
 }
@@ -389,9 +389,9 @@ static void __exit nf_conntrack_l3proto_ipv6_fini(void)
        synchronize_net();
        nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
        nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_icmpv6);
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_udp6);
-        nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
+        nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_tcp6);
 }
 module_init(nf_conntrack_l3proto_ipv6_init);
author	Gao feng <gaofeng@cn.fujitus.com>	2012-05-28 17:04:09 -0400
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2012-06-07 08:58:39 -0400
commit	2c352f444ccfa966a1aa4fd8e9ee29381c467448 (patch)
tree	befcba86ddf2cdbd73d15e1e2620439158c8e2f4 /net/ipv6
parent	fdb694a01f1fcd30fd16d8aa290c34699fe98a17 (diff)

diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index 3224ef90a21a..51ad9f104421 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -340,19 +340,19 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
340	need_conntrack();	340	need_conntrack();
341	nf_defrag_ipv6_enable();	341	nf_defrag_ipv6_enable();
342		342
343	ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp6);	343	ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_tcp6);
344	if (ret < 0) {	344	if (ret < 0) {
345	pr_err("nf_conntrack_ipv6: can't register tcp.\n");	345	pr_err("nf_conntrack_ipv6: can't register tcp.\n");
346	return ret;	346	return ret;
347	}	347	}
348		348
349	ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp6);	349	ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_udp6);
350	if (ret < 0) {	350	if (ret < 0) {
351	pr_err("nf_conntrack_ipv6: can't register udp.\n");	351	pr_err("nf_conntrack_ipv6: can't register udp.\n");
352	goto cleanup_tcp;	352	goto cleanup_tcp;
353	}	353	}
354		354
355	ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmpv6);	355	ret = nf_conntrack_l4proto_register(&init_net, &nf_conntrack_l4proto_icmpv6);
356	if (ret < 0) {	356	if (ret < 0) {
357	pr_err("nf_conntrack_ipv6: can't register icmpv6.\n");	357	pr_err("nf_conntrack_ipv6: can't register icmpv6.\n");
358	goto cleanup_udp;	358	goto cleanup_udp;
@@ -376,11 +376,11 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
376	cleanup_ipv6:	376	cleanup_ipv6:
377	nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);	377	nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
378	cleanup_icmpv6:	378	cleanup_icmpv6:
379	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);	379	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_icmpv6);
380	cleanup_udp:	380	cleanup_udp:
381	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);	381	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_udp6);
382	cleanup_tcp:	382	cleanup_tcp:
383	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);	383	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_tcp6);
384	return ret;	384	return ret;
385	}	385	}
386		386
@@ -389,9 +389,9 @@ static void __exit nf_conntrack_l3proto_ipv6_fini(void)
389	synchronize_net();	389	synchronize_net();
390	nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));	390	nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
391	nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);	391	nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
392	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);	392	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_icmpv6);
393	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);	393	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_udp6);
394	nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);	394	nf_conntrack_l4proto_unregister(&init_net, &nf_conntrack_l4proto_tcp6);
395	}	395	}
396		396
397	module_init(nf_conntrack_l3proto_ipv6_init);	397	module_init(nf_conntrack_l3proto_ipv6_init);