aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/net/netfilter/ipv4/nf_conntrack_ipv4.h4
-rw-r--r--include/net/netfilter/ipv6/nf_conntrack_ipv6.h25
-rw-r--r--include/net/netfilter/nf_conntrack.h5
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c6
-rw-r--r--net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c18
-rw-r--r--net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c3
-rw-r--r--net/netfilter/nf_conntrack_expect.c1
-rw-r--r--net/netfilter/nf_conntrack_l3proto_generic.c2
-rw-r--r--net/netfilter/nf_conntrack_standalone.c7
9 files changed, 34 insertions, 37 deletions
diff --git a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
index 91684436af8e..8c4f7e89ce55 100644
--- a/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
+++ b/include/net/netfilter/ipv4/nf_conntrack_ipv4.h
@@ -37,4 +37,8 @@ struct nf_conntrack_ipv4 {
37struct sk_buff * 37struct sk_buff *
38nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb); 38nf_ct_ipv4_ct_gather_frags(struct sk_buff *skb);
39 39
40extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
41extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
42extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
43
40#endif /*_NF_CONNTRACK_IPV4_H*/ 44#endif /*_NF_CONNTRACK_IPV4_H*/
diff --git a/include/net/netfilter/ipv6/nf_conntrack_ipv6.h b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
new file mode 100644
index 000000000000..b4b6049e01fa
--- /dev/null
+++ b/include/net/netfilter/ipv6/nf_conntrack_ipv6.h
@@ -0,0 +1,25 @@
1#ifndef _NF_CONNTRACK_IPV6_H
2#define _NF_CONNTRACK_IPV6_H
3
4extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
5
6extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
7extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
8extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
9
10extern int nf_ct_ipv6_skip_exthdr(struct sk_buff *skb, int start,
11 u8 *nexthdrp, int len);
12
13extern int nf_ct_frag6_init(void);
14extern void nf_ct_frag6_cleanup(void);
15extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb);
16extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb,
17 struct net_device *in,
18 struct net_device *out,
19 int (*okfn)(struct sk_buff *));
20
21extern unsigned int nf_ct_frag6_timeout;
22extern unsigned int nf_ct_frag6_low_thresh;
23extern unsigned int nf_ct_frag6_high_thresh;
24
25#endif /* _NF_CONNTRACK_IPV6_H*/
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h
index 9a2950551cd3..d0d0e6491448 100644
--- a/include/net/netfilter/nf_conntrack.h
+++ b/include/net/netfilter/nf_conntrack.h
@@ -79,6 +79,8 @@ struct nf_conn_help {
79 79
80 80
81#include <net/netfilter/ipv4/nf_conntrack_ipv4.h> 81#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
82#include <net/netfilter/ipv6/nf_conntrack_ipv6.h>
83
82struct nf_conn 84struct nf_conn
83{ 85{
84 /* Usage count in here is 1 for hash table/destruct timer, 1 per skb, 86 /* Usage count in here is 1 for hash table/destruct timer, 1 per skb,
@@ -241,7 +243,10 @@ static inline int nf_ct_is_dying(struct nf_conn *ct)
241 243
242extern unsigned int nf_conntrack_htable_size; 244extern unsigned int nf_conntrack_htable_size;
243extern int nf_conntrack_checksum; 245extern int nf_conntrack_checksum;
246extern atomic_t nf_conntrack_count;
247extern int nf_conntrack_max;
244 248
249DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
245#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) 250#define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++)
246 251
247/* no helper, no nat */ 252/* no helper, no nat */
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 370df0fdb22b..d1907082d7d6 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -38,8 +38,6 @@
38#define DEBUGP(format, args...) 38#define DEBUGP(format, args...)
39#endif 39#endif
40 40
41DECLARE_PER_CPU(struct nf_conntrack_stat, nf_conntrack_stat);
42
43static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, 41static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff,
44 struct nf_conntrack_tuple *tuple) 42 struct nf_conntrack_tuple *tuple)
45{ 43{
@@ -429,10 +427,6 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = {
429 .me = THIS_MODULE, 427 .me = THIS_MODULE,
430}; 428};
431 429
432extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
433extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
434extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
435
436MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET)); 430MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET));
437MODULE_LICENSE("GPL"); 431MODULE_LICENSE("GPL");
438 432
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index cdbba44017df..9108ecc22bea 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -43,8 +43,6 @@
43#define DEBUGP(format, args...) 43#define DEBUGP(format, args...)
44#endif 44#endif
45 45
46DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
47
48static int ipv6_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, 46static int ipv6_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff,
49 struct nf_conntrack_tuple *tuple) 47 struct nf_conntrack_tuple *tuple)
50{ 48{
@@ -211,11 +209,6 @@ out:
211 return nf_conntrack_confirm(pskb); 209 return nf_conntrack_confirm(pskb);
212} 210}
213 211
214extern struct sk_buff *nf_ct_frag6_gather(struct sk_buff *skb);
215extern void nf_ct_frag6_output(unsigned int hooknum, struct sk_buff *skb,
216 struct net_device *in,
217 struct net_device *out,
218 int (*okfn)(struct sk_buff *));
219static unsigned int ipv6_defrag(unsigned int hooknum, 212static unsigned int ipv6_defrag(unsigned int hooknum,
220 struct sk_buff **pskb, 213 struct sk_buff **pskb,
221 const struct net_device *in, 214 const struct net_device *in,
@@ -335,11 +328,6 @@ static struct nf_hook_ops ipv6_conntrack_ops[] = {
335/* From nf_conntrack_proto_icmpv6.c */ 328/* From nf_conntrack_proto_icmpv6.c */
336extern unsigned int nf_ct_icmpv6_timeout; 329extern unsigned int nf_ct_icmpv6_timeout;
337 330
338/* From nf_conntrack_reasm.c */
339extern unsigned int nf_ct_frag6_timeout;
340extern unsigned int nf_ct_frag6_low_thresh;
341extern unsigned int nf_ct_frag6_high_thresh;
342
343static struct ctl_table_header *nf_ct_ipv6_sysctl_header; 331static struct ctl_table_header *nf_ct_ipv6_sysctl_header;
344 332
345static ctl_table nf_ct_sysctl_table[] = { 333static ctl_table nf_ct_sysctl_table[] = {
@@ -458,12 +446,6 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = {
458 .me = THIS_MODULE, 446 .me = THIS_MODULE,
459}; 447};
460 448
461extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
462extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
463extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
464extern int nf_ct_frag6_init(void);
465extern void nf_ct_frag6_cleanup(void);
466
467MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET6)); 449MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET6));
468MODULE_LICENSE("GPL"); 450MODULE_LICENSE("GPL");
469MODULE_AUTHOR("Yasuyuki KOZAKAI @USAGI <yasuyuki.kozakai@toshiba.co.jp>"); 451MODULE_AUTHOR("Yasuyuki KOZAKAI @USAGI <yasuyuki.kozakai@toshiba.co.jp>");
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 2cdf225f162d..b3b468c0ef7a 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -142,9 +142,6 @@ static int icmpv6_new(struct nf_conn *conntrack,
142 return 1; 142 return 1;
143} 143}
144 144
145extern int
146nf_ct_ipv6_skip_exthdr(struct sk_buff *skb, int start, u8 *nexthdrp, int len);
147extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
148static int 145static int
149icmpv6_error_message(struct sk_buff *skb, 146icmpv6_error_message(struct sk_buff *skb,
150 unsigned int icmp6off, 147 unsigned int icmp6off,
diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c
index 7269bffd8e49..79cfd79a42f0 100644
--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -28,7 +28,6 @@
28 28
29LIST_HEAD(nf_conntrack_expect_list); 29LIST_HEAD(nf_conntrack_expect_list);
30kmem_cache_t *nf_conntrack_expect_cachep __read_mostly; 30kmem_cache_t *nf_conntrack_expect_cachep __read_mostly;
31DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
32static unsigned int nf_conntrack_expect_next_id; 31static unsigned int nf_conntrack_expect_next_id;
33 32
34/* nf_conntrack_expect helper functions */ 33/* nf_conntrack_expect helper functions */
diff --git a/net/netfilter/nf_conntrack_l3proto_generic.c b/net/netfilter/nf_conntrack_l3proto_generic.c
index 1852c9d927d8..3124b3a30102 100644
--- a/net/netfilter/nf_conntrack_l3proto_generic.c
+++ b/net/netfilter/nf_conntrack_l3proto_generic.c
@@ -37,8 +37,6 @@
37#define DEBUGP(format, args...) 37#define DEBUGP(format, args...)
38#endif 38#endif
39 39
40DECLARE_PER_CPU(struct nf_conntrack_stat, nf_conntrack_stat);
41
42static int generic_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, 40static int generic_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff,
43 struct nf_conntrack_tuple *tuple) 41 struct nf_conntrack_tuple *tuple)
44{ 42{
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index f87d333b0c0c..2283a2686949 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -44,9 +44,6 @@
44 44
45MODULE_LICENSE("GPL"); 45MODULE_LICENSE("GPL");
46 46
47extern atomic_t nf_conntrack_count;
48DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat);
49
50#ifdef CONFIG_PROC_FS 47#ifdef CONFIG_PROC_FS
51int 48int
52print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, 49print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
@@ -334,10 +331,6 @@ int nf_conntrack_checksum __read_mostly = 1;
334 331
335#ifdef CONFIG_SYSCTL 332#ifdef CONFIG_SYSCTL
336 333
337/* From nf_conntrack_core.c */
338extern int nf_conntrack_max;
339extern unsigned int nf_conntrack_htable_size;
340
341/* From nf_conntrack_proto_tcp.c */ 334/* From nf_conntrack_proto_tcp.c */
342extern unsigned int nf_ct_tcp_timeout_syn_sent; 335extern unsigned int nf_ct_tcp_timeout_syn_sent;
343extern unsigned int nf_ct_tcp_timeout_syn_recv; 336extern unsigned int nf_ct_tcp_timeout_syn_recv;