aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/infiniband/hw/amso1100/c2.c2
-rw-r--r--include/linux/inetdevice.h94
-rw-r--r--net/ipv4/arp.c11
-rw-r--r--net/ipv4/devinet.c264
-rw-r--r--net/ipv4/igmp.c18
-rw-r--r--net/ipv4/ipmr.c12
-rw-r--r--net/ipv4/proc.c2
-rw-r--r--net/ipv4/route.c14
-rw-r--r--net/ipv4/sysctl_net_ipv4.c6
9 files changed, 163 insertions, 260 deletions
diff --git a/drivers/infiniband/hw/amso1100/c2.c b/drivers/infiniband/hw/amso1100/c2.c
index 58bc272bd407..0aecea67f3e6 100644
--- a/drivers/infiniband/hw/amso1100/c2.c
+++ b/drivers/infiniband/hw/amso1100/c2.c
@@ -672,7 +672,7 @@ static int c2_up(struct net_device *netdev)
672 * rdma interface. 672 * rdma interface.
673 */ 673 */
674 in_dev = in_dev_get(netdev); 674 in_dev = in_dev_get(netdev);
675 in_dev->cnf.arp_ignore = 1; 675 IN_DEV_CONF_SET(in_dev, ARP_IGNORE, 1);
676 in_dev_put(in_dev); 676 in_dev_put(in_dev);
677 677
678 return 0; 678 return 0;
diff --git a/include/linux/inetdevice.h b/include/linux/inetdevice.h
index c0f7aec331c2..1ef174d83e09 100644
--- a/include/linux/inetdevice.h
+++ b/include/linux/inetdevice.h
@@ -10,28 +10,8 @@
10 10
11struct ipv4_devconf 11struct ipv4_devconf
12{ 12{
13 int accept_redirects;
14 int send_redirects;
15 int secure_redirects;
16 int shared_media;
17 int accept_source_route;
18 int rp_filter;
19 int proxy_arp;
20 int bootp_relay;
21 int log_martians;
22 int forwarding;
23 int mc_forwarding;
24 int tag;
25 int arp_filter;
26 int arp_announce;
27 int arp_ignore;
28 int arp_accept;
29 int medium_id;
30 int no_xfrm;
31 int no_policy;
32 int force_igmp_version;
33 int promote_secondaries;
34 void *sysctl; 13 void *sysctl;
14 int data[__NET_IPV4_CONF_MAX - 1];
35}; 15};
36 16
37extern struct ipv4_devconf ipv4_devconf; 17extern struct ipv4_devconf ipv4_devconf;
@@ -60,30 +40,64 @@ struct in_device
60 struct rcu_head rcu_head; 40 struct rcu_head rcu_head;
61}; 41};
62 42
63#define IN_DEV_FORWARD(in_dev) ((in_dev)->cnf.forwarding) 43#define IPV4_DEVCONF(cnf, attr) ((cnf).data[NET_IPV4_CONF_ ## attr - 1])
64#define IN_DEV_MFORWARD(in_dev) (ipv4_devconf.mc_forwarding && (in_dev)->cnf.mc_forwarding) 44#define IPV4_DEVCONF_ALL(attr) IPV4_DEVCONF(ipv4_devconf, attr)
65#define IN_DEV_RPFILTER(in_dev) (ipv4_devconf.rp_filter && (in_dev)->cnf.rp_filter) 45
66#define IN_DEV_SOURCE_ROUTE(in_dev) (ipv4_devconf.accept_source_route && (in_dev)->cnf.accept_source_route) 46static inline int ipv4_devconf_get(struct in_device *in_dev, int index)
67#define IN_DEV_BOOTP_RELAY(in_dev) (ipv4_devconf.bootp_relay && (in_dev)->cnf.bootp_relay) 47{
68 48 index--;
69#define IN_DEV_LOG_MARTIANS(in_dev) (ipv4_devconf.log_martians || (in_dev)->cnf.log_martians) 49 return in_dev->cnf.data[index];
70#define IN_DEV_PROXY_ARP(in_dev) (ipv4_devconf.proxy_arp || (in_dev)->cnf.proxy_arp) 50}
71#define IN_DEV_SHARED_MEDIA(in_dev) (ipv4_devconf.shared_media || (in_dev)->cnf.shared_media) 51
72#define IN_DEV_TX_REDIRECTS(in_dev) (ipv4_devconf.send_redirects || (in_dev)->cnf.send_redirects) 52static inline void ipv4_devconf_set(struct in_device *in_dev, int index,
73#define IN_DEV_SEC_REDIRECTS(in_dev) (ipv4_devconf.secure_redirects || (in_dev)->cnf.secure_redirects) 53 int val)
74#define IN_DEV_IDTAG(in_dev) ((in_dev)->cnf.tag) 54{
75#define IN_DEV_MEDIUM_ID(in_dev) ((in_dev)->cnf.medium_id) 55 index--;
76#define IN_DEV_PROMOTE_SECONDARIES(in_dev) (ipv4_devconf.promote_secondaries || (in_dev)->cnf.promote_secondaries) 56 in_dev->cnf.data[index] = val;
57}
58
59#define IN_DEV_CONF_GET(in_dev, attr) \
60 ipv4_devconf_get((in_dev), NET_IPV4_CONF_ ## attr)
61#define IN_DEV_CONF_SET(in_dev, attr, val) \
62 ipv4_devconf_set((in_dev), NET_IPV4_CONF_ ## attr, (val))
63
64#define IN_DEV_ANDCONF(in_dev, attr) \
65 (IPV4_DEVCONF_ALL(attr) && IN_DEV_CONF_GET((in_dev), attr))
66#define IN_DEV_ORCONF(in_dev, attr) \
67 (IPV4_DEVCONF_ALL(attr) || IN_DEV_CONF_GET((in_dev), attr))
68#define IN_DEV_MAXCONF(in_dev, attr) \
69 (max(IPV4_DEVCONF_ALL(attr), IN_DEV_CONF_GET((in_dev), attr)))
70
71#define IN_DEV_FORWARD(in_dev) IN_DEV_CONF_GET((in_dev), FORWARDING)
72#define IN_DEV_MFORWARD(in_dev) (IPV4_DEVCONF_ALL(MC_FORWARDING) && \
73 IPV4_DEVCONF((in_dev)->cnf, \
74 MC_FORWARDING))
75#define IN_DEV_RPFILTER(in_dev) IN_DEV_ANDCONF((in_dev), RP_FILTER)
76#define IN_DEV_SOURCE_ROUTE(in_dev) IN_DEV_ANDCONF((in_dev), \
77 ACCEPT_SOURCE_ROUTE)
78#define IN_DEV_BOOTP_RELAY(in_dev) IN_DEV_ANDCONF((in_dev), BOOTP_RELAY)
79
80#define IN_DEV_LOG_MARTIANS(in_dev) IN_DEV_ORCONF((in_dev), LOG_MARTIANS)
81#define IN_DEV_PROXY_ARP(in_dev) IN_DEV_ORCONF((in_dev), PROXY_ARP)
82#define IN_DEV_SHARED_MEDIA(in_dev) IN_DEV_ORCONF((in_dev), SHARED_MEDIA)
83#define IN_DEV_TX_REDIRECTS(in_dev) IN_DEV_ORCONF((in_dev), SEND_REDIRECTS)
84#define IN_DEV_SEC_REDIRECTS(in_dev) IN_DEV_ORCONF((in_dev), \
85 SECURE_REDIRECTS)
86#define IN_DEV_IDTAG(in_dev) IN_DEV_CONF_GET(in_dev, TAG)
87#define IN_DEV_MEDIUM_ID(in_dev) IN_DEV_CONF_GET(in_dev, MEDIUM_ID)
88#define IN_DEV_PROMOTE_SECONDARIES(in_dev) \
89 IN_DEV_ORCONF((in_dev), \
90 PROMOTE_SECONDARIES)
77 91
78#define IN_DEV_RX_REDIRECTS(in_dev) \ 92#define IN_DEV_RX_REDIRECTS(in_dev) \
79 ((IN_DEV_FORWARD(in_dev) && \ 93 ((IN_DEV_FORWARD(in_dev) && \
80 (ipv4_devconf.accept_redirects && (in_dev)->cnf.accept_redirects)) \ 94 IN_DEV_ANDCONF((in_dev), ACCEPT_REDIRECTS)) \
81 || (!IN_DEV_FORWARD(in_dev) && \ 95 || (!IN_DEV_FORWARD(in_dev) && \
82 (ipv4_devconf.accept_redirects || (in_dev)->cnf.accept_redirects))) 96 IN_DEV_ORCONF((in_dev), ACCEPT_REDIRECTS)))
83 97
84#define IN_DEV_ARPFILTER(in_dev) (ipv4_devconf.arp_filter || (in_dev)->cnf.arp_filter) 98#define IN_DEV_ARPFILTER(in_dev) IN_DEV_ORCONF((in_dev), ARPFILTER)
85#define IN_DEV_ARP_ANNOUNCE(in_dev) (max(ipv4_devconf.arp_announce, (in_dev)->cnf.arp_announce)) 99#define IN_DEV_ARP_ANNOUNCE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_ANNOUNCE)
86#define IN_DEV_ARP_IGNORE(in_dev) (max(ipv4_devconf.arp_ignore, (in_dev)->cnf.arp_ignore)) 100#define IN_DEV_ARP_IGNORE(in_dev) IN_DEV_MAXCONF((in_dev), ARP_IGNORE)
87 101
88struct in_ifaddr 102struct in_ifaddr
89{ 103{
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index 7110779a0244..e00767e8ebd9 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -877,7 +877,7 @@ static int arp_process(struct sk_buff *skb)
877 877
878 n = __neigh_lookup(&arp_tbl, &sip, dev, 0); 878 n = __neigh_lookup(&arp_tbl, &sip, dev, 0);
879 879
880 if (ipv4_devconf.arp_accept) { 880 if (IPV4_DEVCONF_ALL(ARP_ACCEPT)) {
881 /* Unsolicited ARP is not accepted by default. 881 /* Unsolicited ARP is not accepted by default.
882 It is possible, that this option should be enabled for some 882 It is possible, that this option should be enabled for some
883 devices (strip is candidate) 883 devices (strip is candidate)
@@ -987,11 +987,11 @@ static int arp_req_set(struct arpreq *r, struct net_device * dev)
987 return 0; 987 return 0;
988 } 988 }
989 if (dev == NULL) { 989 if (dev == NULL) {
990 ipv4_devconf.proxy_arp = 1; 990 IPV4_DEVCONF_ALL(PROXY_ARP) = 1;
991 return 0; 991 return 0;
992 } 992 }
993 if (__in_dev_get_rtnl(dev)) { 993 if (__in_dev_get_rtnl(dev)) {
994 __in_dev_get_rtnl(dev)->cnf.proxy_arp = 1; 994 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev), PROXY_ARP, 1);
995 return 0; 995 return 0;
996 } 996 }
997 return -ENXIO; 997 return -ENXIO;
@@ -1093,11 +1093,12 @@ static int arp_req_delete(struct arpreq *r, struct net_device * dev)
1093 return pneigh_delete(&arp_tbl, &ip, dev); 1093 return pneigh_delete(&arp_tbl, &ip, dev);
1094 if (mask == 0) { 1094 if (mask == 0) {
1095 if (dev == NULL) { 1095 if (dev == NULL) {
1096 ipv4_devconf.proxy_arp = 0; 1096 IPV4_DEVCONF_ALL(PROXY_ARP) = 0;
1097 return 0; 1097 return 0;
1098 } 1098 }
1099 if (__in_dev_get_rtnl(dev)) { 1099 if (__in_dev_get_rtnl(dev)) {
1100 __in_dev_get_rtnl(dev)->cnf.proxy_arp = 0; 1100 IN_DEV_CONF_SET(__in_dev_get_rtnl(dev),
1101 PROXY_ARP, 0);
1101 return 0; 1102 return 0;
1102 } 1103 }
1103 return -ENXIO; 1104 return -ENXIO;
diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index 88a22d20bf73..00940660739f 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -64,20 +64,26 @@
64#include <net/rtnetlink.h> 64#include <net/rtnetlink.h>
65 65
66struct ipv4_devconf ipv4_devconf = { 66struct ipv4_devconf ipv4_devconf = {
67 .accept_redirects = 1, 67 .data = {
68 .send_redirects = 1, 68 [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1,
69 .secure_redirects = 1, 69 [NET_IPV4_CONF_SEND_REDIRECTS - 1] = 1,
70 .shared_media = 1, 70 [NET_IPV4_CONF_SECURE_REDIRECTS - 1] = 1,
71 [NET_IPV4_CONF_SHARED_MEDIA - 1] = 1,
72 },
71}; 73};
72 74
73static struct ipv4_devconf ipv4_devconf_dflt = { 75static struct ipv4_devconf ipv4_devconf_dflt = {
74 .accept_redirects = 1, 76 .data = {
75 .send_redirects = 1, 77 [NET_IPV4_CONF_ACCEPT_REDIRECTS - 1] = 1,
76 .secure_redirects = 1, 78 [NET_IPV4_CONF_SEND_REDIRECTS - 1] = 1,
77 .shared_media = 1, 79 [NET_IPV4_CONF_SECURE_REDIRECTS - 1] = 1,
78 .accept_source_route = 1, 80 [NET_IPV4_CONF_SHARED_MEDIA - 1] = 1,
81 [NET_IPV4_CONF_ACCEPT_SOURCE_ROUTE - 1] = 1,
82 },
79}; 83};
80 84
85#define IPV4_DEVCONF_DFLT(attr) IPV4_DEVCONF(ipv4_devconf_dflt, attr)
86
81static struct nla_policy ifa_ipv4_policy[IFA_MAX+1] __read_mostly = { 87static struct nla_policy ifa_ipv4_policy[IFA_MAX+1] __read_mostly = {
82 [IFA_LOCAL] = { .type = NLA_U32 }, 88 [IFA_LOCAL] = { .type = NLA_U32 },
83 [IFA_ADDRESS] = { .type = NLA_U32 }, 89 [IFA_ADDRESS] = { .type = NLA_U32 },
@@ -1061,8 +1067,8 @@ static int inetdev_event(struct notifier_block *this, unsigned long event,
1061 if (!in_dev) 1067 if (!in_dev)
1062 panic("devinet: " 1068 panic("devinet: "
1063 "Failed to create loopback\n"); 1069 "Failed to create loopback\n");
1064 in_dev->cnf.no_xfrm = 1; 1070 IN_DEV_CONF_SET(in_dev, NOXFRM, 1);
1065 in_dev->cnf.no_policy = 1; 1071 IN_DEV_CONF_SET(in_dev, NOPOLICY, 1);
1066 } 1072 }
1067 } 1073 }
1068 goto out; 1074 goto out;
@@ -1241,10 +1247,10 @@ errout:
1241void inet_forward_change(void) 1247void inet_forward_change(void)
1242{ 1248{
1243 struct net_device *dev; 1249 struct net_device *dev;
1244 int on = ipv4_devconf.forwarding; 1250 int on = IPV4_DEVCONF_ALL(FORWARDING);
1245 1251
1246 ipv4_devconf.accept_redirects = !on; 1252 IPV4_DEVCONF_ALL(ACCEPT_REDIRECTS) = !on;
1247 ipv4_devconf_dflt.forwarding = on; 1253 IPV4_DEVCONF_DFLT(FORWARDING) = on;
1248 1254
1249 read_lock(&dev_base_lock); 1255 read_lock(&dev_base_lock);
1250 for_each_netdev(dev) { 1256 for_each_netdev(dev) {
@@ -1252,7 +1258,7 @@ void inet_forward_change(void)
1252 rcu_read_lock(); 1258 rcu_read_lock();
1253 in_dev = __in_dev_get_rcu(dev); 1259 in_dev = __in_dev_get_rcu(dev);
1254 if (in_dev) 1260 if (in_dev)
1255 in_dev->cnf.forwarding = on; 1261 IN_DEV_CONF_SET(in_dev, FORWARDING, on);
1256 rcu_read_unlock(); 1262 rcu_read_unlock();
1257 } 1263 }
1258 read_unlock(&dev_base_lock); 1264 read_unlock(&dev_base_lock);
@@ -1269,9 +1275,9 @@ static int devinet_sysctl_forward(ctl_table *ctl, int write,
1269 int ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos); 1275 int ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
1270 1276
1271 if (write && *valp != val) { 1277 if (write && *valp != val) {
1272 if (valp == &ipv4_devconf.forwarding) 1278 if (valp == &IPV4_DEVCONF_ALL(FORWARDING))
1273 inet_forward_change(); 1279 inet_forward_change();
1274 else if (valp != &ipv4_devconf_dflt.forwarding) 1280 else if (valp != &IPV4_DEVCONF_DFLT(FORWARDING))
1275 rt_cache_flush(0); 1281 rt_cache_flush(0);
1276 } 1282 }
1277 1283
@@ -1333,6 +1339,31 @@ int ipv4_doint_and_flush_strategy(ctl_table *table, int __user *name, int nlen,
1333} 1339}
1334 1340
1335 1341
1342#define DEVINET_SYSCTL_ENTRY(attr, name, mval, proc, sysctl) \
1343 { \
1344 .ctl_name = NET_IPV4_CONF_ ## attr, \
1345 .procname = name, \
1346 .data = ipv4_devconf.data + \
1347 NET_IPV4_CONF_ ## attr - 1, \
1348 .maxlen = sizeof(int), \
1349 .mode = mval, \
1350 .proc_handler = proc, \
1351 .strategy = sysctl, \
1352 }
1353
1354#define DEVINET_SYSCTL_RW_ENTRY(attr, name) \
1355 DEVINET_SYSCTL_ENTRY(attr, name, 0644, &proc_dointvec, NULL)
1356
1357#define DEVINET_SYSCTL_RO_ENTRY(attr, name) \
1358 DEVINET_SYSCTL_ENTRY(attr, name, 0444, &proc_dointvec, NULL)
1359
1360#define DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, proc, sysctl) \
1361 DEVINET_SYSCTL_ENTRY(attr, name, 0644, proc, sysctl)
1362
1363#define DEVINET_SYSCTL_FLUSHING_ENTRY(attr, name) \
1364 DEVINET_SYSCTL_COMPLEX_ENTRY(attr, name, ipv4_doint_and_flush, \
1365 ipv4_doint_and_flush_strategy)
1366
1336static struct devinet_sysctl_table { 1367static struct devinet_sysctl_table {
1337 struct ctl_table_header *sysctl_header; 1368 struct ctl_table_header *sysctl_header;
1338 ctl_table devinet_vars[__NET_IPV4_CONF_MAX]; 1369 ctl_table devinet_vars[__NET_IPV4_CONF_MAX];
@@ -1342,178 +1373,33 @@ static struct devinet_sysctl_table {
1342 ctl_table devinet_root_dir[2]; 1373 ctl_table devinet_root_dir[2];
1343} devinet_sysctl = { 1374} devinet_sysctl = {
1344 .devinet_vars = { 1375 .devinet_vars = {
1345 { 1376 DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
1346 .ctl_name = NET_IPV4_CONF_FORWARDING, 1377 devinet_sysctl_forward, NULL),
1347 .procname = "forwarding", 1378 DEVINET_SYSCTL_RO_ENTRY(MC_FORWARDING, "mc_forwarding"),
1348 .data = &ipv4_devconf.forwarding, 1379
1349 .maxlen = sizeof(int), 1380 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_REDIRECTS, "accept_redirects"),
1350 .mode = 0644, 1381 DEVINET_SYSCTL_RW_ENTRY(SECURE_REDIRECTS, "secure_redirects"),
1351 .proc_handler = &devinet_sysctl_forward, 1382 DEVINET_SYSCTL_RW_ENTRY(SHARED_MEDIA, "shared_media"),
1352 }, 1383 DEVINET_SYSCTL_RW_ENTRY(RP_FILTER, "rp_filter"),
1353 { 1384 DEVINET_SYSCTL_RW_ENTRY(SEND_REDIRECTS, "send_redirects"),
1354 .ctl_name = NET_IPV4_CONF_MC_FORWARDING, 1385 DEVINET_SYSCTL_RW_ENTRY(ACCEPT_SOURCE_ROUTE,
1355 .procname = "mc_forwarding", 1386 "accept_source_route"),
1356 .data = &ipv4_devconf.mc_forwarding, 1387 DEVINET_SYSCTL_RW_ENTRY(PROXY_ARP, "proxy_arp"),
1357 .maxlen = sizeof(int), 1388 DEVINET_SYSCTL_RW_ENTRY(MEDIUM_ID, "medium_id"),
1358 .mode = 0444, 1389 DEVINET_SYSCTL_RW_ENTRY(BOOTP_RELAY, "bootp_relay"),
1359 .proc_handler = &proc_dointvec, 1390 DEVINET_SYSCTL_RW_ENTRY(LOG_MARTIANS, "log_martians"),
1360 }, 1391 DEVINET_SYSCTL_RW_ENTRY(TAG, "tag"),
1361 { 1392 DEVINET_SYSCTL_RW_ENTRY(ARPFILTER, "arp_filter"),
1362 .ctl_name = NET_IPV4_CONF_ACCEPT_REDIRECTS, 1393 DEVINET_SYSCTL_RW_ENTRY(ARP_ANNOUNCE, "arp_announce"),
1363 .procname = "accept_redirects", 1394 DEVINET_SYSCTL_RW_ENTRY(ARP_IGNORE, "arp_ignore"),
1364 .data = &ipv4_devconf.accept_redirects, 1395 DEVINET_SYSCTL_RW_ENTRY(ARP_ACCEPT, "arp_accept"),
1365 .maxlen = sizeof(int), 1396
1366 .mode = 0644, 1397 DEVINET_SYSCTL_FLUSHING_ENTRY(NOXFRM, "disable_xfrm"),
1367 .proc_handler = &proc_dointvec, 1398 DEVINET_SYSCTL_FLUSHING_ENTRY(NOPOLICY, "disable_policy"),
1368 }, 1399 DEVINET_SYSCTL_FLUSHING_ENTRY(FORCE_IGMP_VERSION,
1369 { 1400 "force_igmp_version"),
1370 .ctl_name = NET_IPV4_CONF_SECURE_REDIRECTS, 1401 DEVINET_SYSCTL_FLUSHING_ENTRY(PROMOTE_SECONDARIES,
1371 .procname = "secure_redirects", 1402 "promote_secondaries"),
1372 .data = &ipv4_devconf.secure_redirects,
1373 .maxlen = sizeof(int),
1374 .mode = 0644,
1375 .proc_handler = &proc_dointvec,
1376 },
1377 {
1378 .ctl_name = NET_IPV4_CONF_SHARED_MEDIA,
1379 .procname = "shared_media",
1380 .data = &ipv4_devconf.shared_media,
1381 .maxlen = sizeof(int),
1382 .mode = 0644,
1383 .proc_handler = &proc_dointvec,
1384 },
1385 {
1386 .ctl_name = NET_IPV4_CONF_RP_FILTER,
1387 .procname = "rp_filter",
1388 .data = &ipv4_devconf.rp_filter,
1389 .maxlen = sizeof(int),
1390 .mode = 0644,
1391 .proc_handler = &proc_dointvec,
1392 },
1393 {
1394 .ctl_name = NET_IPV4_CONF_SEND_REDIRECTS,
1395 .procname = "send_redirects",
1396 .data = &ipv4_devconf.send_redirects,
1397 .maxlen = sizeof(int),
1398 .mode = 0644,
1399 .proc_handler = &proc_dointvec,
1400 },
1401 {
1402 .ctl_name = NET_IPV4_CONF_ACCEPT_SOURCE_ROUTE,
1403 .procname = "accept_source_route",
1404 .data = &ipv4_devconf.accept_source_route,
1405 .maxlen = sizeof(int),
1406 .mode = 0644,
1407 .proc_handler = &proc_dointvec,
1408 },
1409 {
1410 .ctl_name = NET_IPV4_CONF_PROXY_ARP,
1411 .procname = "proxy_arp",
1412 .data = &ipv4_devconf.proxy_arp,
1413 .maxlen = sizeof(int),
1414 .mode = 0644,
1415 .proc_handler = &proc_dointvec,
1416 },
1417 {
1418 .ctl_name = NET_IPV4_CONF_MEDIUM_ID,
1419 .procname = "medium_id",
1420 .data = &ipv4_devconf.medium_id,
1421 .maxlen = sizeof(int),
1422 .mode = 0644,
1423 .proc_handler = &proc_dointvec,
1424 },
1425 {
1426 .ctl_name = NET_IPV4_CONF_BOOTP_RELAY,
1427 .procname = "bootp_relay",
1428 .data = &ipv4_devconf.bootp_relay,
1429 .maxlen = sizeof(int),
1430 .mode = 0644,
1431 .proc_handler = &proc_dointvec,
1432 },
1433 {
1434 .ctl_name = NET_IPV4_CONF_LOG_MARTIANS,
1435 .procname = "log_martians",
1436 .data = &ipv4_devconf.log_martians,
1437 .maxlen = sizeof(int),
1438 .mode = 0644,
1439 .proc_handler = &proc_dointvec,
1440 },
1441 {
1442 .ctl_name = NET_IPV4_CONF_TAG,
1443 .procname = "tag",
1444 .data = &ipv4_devconf.tag,
1445 .maxlen = sizeof(int),
1446 .mode = 0644,
1447 .proc_handler = &proc_dointvec,
1448 },
1449 {
1450 .ctl_name = NET_IPV4_CONF_ARPFILTER,
1451 .procname = "arp_filter",
1452 .data = &ipv4_devconf.arp_filter,
1453 .maxlen = sizeof(int),
1454 .mode = 0644,
1455 .proc_handler = &proc_dointvec,
1456 },
1457 {
1458 .ctl_name = NET_IPV4_CONF_ARP_ANNOUNCE,
1459 .procname = "arp_announce",
1460 .data = &ipv4_devconf.arp_announce,
1461 .maxlen = sizeof(int),
1462 .mode = 0644,
1463 .proc_handler = &proc_dointvec,
1464 },
1465 {
1466 .ctl_name = NET_IPV4_CONF_ARP_IGNORE,
1467 .procname = "arp_ignore",
1468 .data = &ipv4_devconf.arp_ignore,
1469 .maxlen = sizeof(int),
1470 .mode = 0644,
1471 .proc_handler = &proc_dointvec,
1472 },
1473 {
1474 .ctl_name = NET_IPV4_CONF_ARP_ACCEPT,
1475 .procname = "arp_accept",
1476 .data = &ipv4_devconf.arp_accept,
1477 .maxlen = sizeof(int),
1478 .mode = 0644,
1479 .proc_handler = &proc_dointvec,
1480 },
1481 {
1482 .ctl_name = NET_IPV4_CONF_NOXFRM,
1483 .procname = "disable_xfrm",
1484 .data = &ipv4_devconf.no_xfrm,
1485 .maxlen = sizeof(int),
1486 .mode = 0644,
1487 .proc_handler = &ipv4_doint_and_flush,
1488 .strategy = &ipv4_doint_and_flush_strategy,
1489 },
1490 {
1491 .ctl_name = NET_IPV4_CONF_NOPOLICY,
1492 .procname = "disable_policy",
1493 .data = &ipv4_devconf.no_policy,
1494 .maxlen = sizeof(int),
1495 .mode = 0644,
1496 .proc_handler = &ipv4_doint_and_flush,
1497 .strategy = &ipv4_doint_and_flush_strategy,
1498 },
1499 {
1500 .ctl_name = NET_IPV4_CONF_FORCE_IGMP_VERSION,
1501 .procname = "force_igmp_version",
1502 .data = &ipv4_devconf.force_igmp_version,
1503 .maxlen = sizeof(int),
1504 .mode = 0644,
1505 .proc_handler = &ipv4_doint_and_flush,
1506 .strategy = &ipv4_doint_and_flush_strategy,
1507 },
1508 {
1509 .ctl_name = NET_IPV4_CONF_PROMOTE_SECONDARIES,
1510 .procname = "promote_secondaries",
1511 .data = &ipv4_devconf.promote_secondaries,
1512 .maxlen = sizeof(int),
1513 .mode = 0644,
1514 .proc_handler = &ipv4_doint_and_flush,
1515 .strategy = &ipv4_doint_and_flush_strategy,
1516 },
1517 }, 1403 },
1518 .devinet_dev = { 1404 .devinet_dev = {
1519 { 1405 {
diff --git a/net/ipv4/igmp.c b/net/ipv4/igmp.c
index f4dd47453108..a646409c2d06 100644
--- a/net/ipv4/igmp.c
+++ b/net/ipv4/igmp.c
@@ -128,14 +128,16 @@
128 * contradict to specs provided this delay is small enough. 128 * contradict to specs provided this delay is small enough.
129 */ 129 */
130 130
131#define IGMP_V1_SEEN(in_dev) (ipv4_devconf.force_igmp_version == 1 || \ 131#define IGMP_V1_SEEN(in_dev) \
132 (in_dev)->cnf.force_igmp_version == 1 || \ 132 (IPV4_DEVCONF_ALL(FORCE_IGMP_VERSION) == 1 || \
133 ((in_dev)->mr_v1_seen && \ 133 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 1 || \
134 time_before(jiffies, (in_dev)->mr_v1_seen))) 134 ((in_dev)->mr_v1_seen && \
135#define IGMP_V2_SEEN(in_dev) (ipv4_devconf.force_igmp_version == 2 || \ 135 time_before(jiffies, (in_dev)->mr_v1_seen)))
136 (in_dev)->cnf.force_igmp_version == 2 || \ 136#define IGMP_V2_SEEN(in_dev) \
137 ((in_dev)->mr_v2_seen && \ 137 (IPV4_DEVCONF_ALL(FORCE_IGMP_VERSION) == 2 || \
138 time_before(jiffies, (in_dev)->mr_v2_seen))) 138 IN_DEV_CONF_GET((in_dev), FORCE_IGMP_VERSION) == 2 || \
139 ((in_dev)->mr_v2_seen && \
140 time_before(jiffies, (in_dev)->mr_v2_seen)))
139 141
140static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im); 142static void igmpv3_add_delrec(struct in_device *in_dev, struct ip_mc_list *im);
141static void igmpv3_del_delrec(struct in_device *in_dev, __be32 multiaddr); 143static void igmpv3_del_delrec(struct in_device *in_dev, __be32 multiaddr);
diff --git a/net/ipv4/ipmr.c b/net/ipv4/ipmr.c
index 0ebae413ae87..d570d3ad40a9 100644
--- a/net/ipv4/ipmr.c
+++ b/net/ipv4/ipmr.c
@@ -154,7 +154,7 @@ struct net_device *ipmr_new_tunnel(struct vifctl *v)
154 in_dev = __in_dev_get_rtnl(dev); 154 in_dev = __in_dev_get_rtnl(dev);
155 if (in_dev == NULL && (in_dev = inetdev_init(dev)) == NULL) 155 if (in_dev == NULL && (in_dev = inetdev_init(dev)) == NULL)
156 goto failure; 156 goto failure;
157 in_dev->cnf.rp_filter = 0; 157 IN_DEV_CONF_SET(in_dev, RP_FILTER, 0);
158 158
159 if (dev_open(dev)) 159 if (dev_open(dev))
160 goto failure; 160 goto failure;
@@ -221,7 +221,7 @@ static struct net_device *ipmr_reg_vif(void)
221 if ((in_dev = inetdev_init(dev)) == NULL) 221 if ((in_dev = inetdev_init(dev)) == NULL)
222 goto failure; 222 goto failure;
223 223
224 in_dev->cnf.rp_filter = 0; 224 IN_DEV_CONF_SET(in_dev, RP_FILTER, 0);
225 225
226 if (dev_open(dev)) 226 if (dev_open(dev))
227 goto failure; 227 goto failure;
@@ -281,7 +281,7 @@ static int vif_delete(int vifi)
281 dev_set_allmulti(dev, -1); 281 dev_set_allmulti(dev, -1);
282 282
283 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) { 283 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
284 in_dev->cnf.mc_forwarding--; 284 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)--;
285 ip_rt_multicast_event(in_dev); 285 ip_rt_multicast_event(in_dev);
286 } 286 }
287 287
@@ -426,7 +426,7 @@ static int vif_add(struct vifctl *vifc, int mrtsock)
426 426
427 if ((in_dev = __in_dev_get_rtnl(dev)) == NULL) 427 if ((in_dev = __in_dev_get_rtnl(dev)) == NULL)
428 return -EADDRNOTAVAIL; 428 return -EADDRNOTAVAIL;
429 in_dev->cnf.mc_forwarding++; 429 IPV4_DEVCONF(in_dev->cnf, MC_FORWARDING)++;
430 dev_set_allmulti(dev, +1); 430 dev_set_allmulti(dev, +1);
431 ip_rt_multicast_event(in_dev); 431 ip_rt_multicast_event(in_dev);
432 432
@@ -841,7 +841,7 @@ static void mrtsock_destruct(struct sock *sk)
841{ 841{
842 rtnl_lock(); 842 rtnl_lock();
843 if (sk == mroute_socket) { 843 if (sk == mroute_socket) {
844 ipv4_devconf.mc_forwarding--; 844 IPV4_DEVCONF_ALL(MC_FORWARDING)--;
845 845
846 write_lock_bh(&mrt_lock); 846 write_lock_bh(&mrt_lock);
847 mroute_socket=NULL; 847 mroute_socket=NULL;
@@ -890,7 +890,7 @@ int ip_mroute_setsockopt(struct sock *sk,int optname,char __user *optval,int opt
890 mroute_socket=sk; 890 mroute_socket=sk;
891 write_unlock_bh(&mrt_lock); 891 write_unlock_bh(&mrt_lock);
892 892
893 ipv4_devconf.mc_forwarding++; 893 IPV4_DEVCONF_ALL(MC_FORWARDING)++;
894 } 894 }
895 rtnl_unlock(); 895 rtnl_unlock();
896 return ret; 896 return ret;
diff --git a/net/ipv4/proc.c b/net/ipv4/proc.c
index cdbc6c135849..3b690cf2a4ee 100644
--- a/net/ipv4/proc.c
+++ b/net/ipv4/proc.c
@@ -260,7 +260,7 @@ static int snmp_seq_show(struct seq_file *seq, void *v)
260 seq_printf(seq, " %s", snmp4_ipstats_list[i].name); 260 seq_printf(seq, " %s", snmp4_ipstats_list[i].name);
261 261
262 seq_printf(seq, "\nIp: %d %d", 262 seq_printf(seq, "\nIp: %d %d",
263 ipv4_devconf.forwarding ? 1 : 2, sysctl_ip_default_ttl); 263 IPV4_DEVCONF_ALL(FORWARDING) ? 1 : 2, sysctl_ip_default_ttl);
264 264
265 for (i = 0; snmp4_ipstats_list[i].name != NULL; i++) 265 for (i = 0; snmp4_ipstats_list[i].name != NULL; i++)
266 seq_printf(seq, " %lu", 266 seq_printf(seq, " %lu",
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 8603cfb271f2..29ca63e81ced 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1636,7 +1636,7 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1636 1636
1637 atomic_set(&rth->u.dst.__refcnt, 1); 1637 atomic_set(&rth->u.dst.__refcnt, 1);
1638 rth->u.dst.flags= DST_HOST; 1638 rth->u.dst.flags= DST_HOST;
1639 if (in_dev->cnf.no_policy) 1639 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1640 rth->u.dst.flags |= DST_NOPOLICY; 1640 rth->u.dst.flags |= DST_NOPOLICY;
1641 rth->fl.fl4_dst = daddr; 1641 rth->fl.fl4_dst = daddr;
1642 rth->rt_dst = daddr; 1642 rth->rt_dst = daddr;
@@ -1778,9 +1778,9 @@ static inline int __mkroute_input(struct sk_buff *skb,
1778 if (res->fi->fib_nhs > 1) 1778 if (res->fi->fib_nhs > 1)
1779 rth->u.dst.flags |= DST_BALANCED; 1779 rth->u.dst.flags |= DST_BALANCED;
1780#endif 1780#endif
1781 if (in_dev->cnf.no_policy) 1781 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1782 rth->u.dst.flags |= DST_NOPOLICY; 1782 rth->u.dst.flags |= DST_NOPOLICY;
1783 if (out_dev->cnf.no_xfrm) 1783 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
1784 rth->u.dst.flags |= DST_NOXFRM; 1784 rth->u.dst.flags |= DST_NOXFRM;
1785 rth->fl.fl4_dst = daddr; 1785 rth->fl.fl4_dst = daddr;
1786 rth->rt_dst = daddr; 1786 rth->rt_dst = daddr;
@@ -2021,7 +2021,7 @@ local_input:
2021 2021
2022 atomic_set(&rth->u.dst.__refcnt, 1); 2022 atomic_set(&rth->u.dst.__refcnt, 1);
2023 rth->u.dst.flags= DST_HOST; 2023 rth->u.dst.flags= DST_HOST;
2024 if (in_dev->cnf.no_policy) 2024 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2025 rth->u.dst.flags |= DST_NOPOLICY; 2025 rth->u.dst.flags |= DST_NOPOLICY;
2026 rth->fl.fl4_dst = daddr; 2026 rth->fl.fl4_dst = daddr;
2027 rth->rt_dst = daddr; 2027 rth->rt_dst = daddr;
@@ -2218,9 +2218,9 @@ static inline int __mkroute_output(struct rtable **result,
2218 rth->u.dst.flags |= DST_BALANCED; 2218 rth->u.dst.flags |= DST_BALANCED;
2219 } 2219 }
2220#endif 2220#endif
2221 if (in_dev->cnf.no_xfrm) 2221 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2222 rth->u.dst.flags |= DST_NOXFRM; 2222 rth->u.dst.flags |= DST_NOXFRM;
2223 if (in_dev->cnf.no_policy) 2223 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2224 rth->u.dst.flags |= DST_NOPOLICY; 2224 rth->u.dst.flags |= DST_NOPOLICY;
2225 2225
2226 rth->fl.fl4_dst = oldflp->fl4_dst; 2226 rth->fl.fl4_dst = oldflp->fl4_dst;
@@ -2759,7 +2759,7 @@ static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event,
2759 __be32 dst = rt->rt_dst; 2759 __be32 dst = rt->rt_dst;
2760 2760
2761 if (MULTICAST(dst) && !LOCAL_MCAST(dst) && 2761 if (MULTICAST(dst) && !LOCAL_MCAST(dst) &&
2762 ipv4_devconf.mc_forwarding) { 2762 IPV4_DEVCONF_ALL(MC_FORWARDING)) {
2763 int err = ipmr_get_route(skb, r, nowait); 2763 int err = ipmr_get_route(skb, r, nowait);
2764 if (err <= 0) { 2764 if (err <= 0) {
2765 if (!nowait) { 2765 if (!nowait) {
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 6817d6485df5..53ef0f4bbdaa 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -37,12 +37,12 @@ static
37int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp, 37int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp,
38 void __user *buffer, size_t *lenp, loff_t *ppos) 38 void __user *buffer, size_t *lenp, loff_t *ppos)
39{ 39{
40 int val = ipv4_devconf.forwarding; 40 int val = IPV4_DEVCONF_ALL(FORWARDING);
41 int ret; 41 int ret;
42 42
43 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos); 43 ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
44 44
45 if (write && ipv4_devconf.forwarding != val) 45 if (write && IPV4_DEVCONF_ALL(FORWARDING) != val)
46 inet_forward_change(); 46 inet_forward_change();
47 47
48 return ret; 48 return ret;
@@ -222,7 +222,7 @@ ctl_table ipv4_table[] = {
222 { 222 {
223 .ctl_name = NET_IPV4_FORWARD, 223 .ctl_name = NET_IPV4_FORWARD,
224 .procname = "ip_forward", 224 .procname = "ip_forward",
225 .data = &ipv4_devconf.forwarding, 225 .data = &IPV4_DEVCONF_ALL(FORWARDING),
226 .maxlen = sizeof(int), 226 .maxlen = sizeof(int),
227 .mode = 0644, 227 .mode = 0644,
228 .proc_handler = &ipv4_sysctl_forward, 228 .proc_handler = &ipv4_sysctl_forward,