diff options
-rw-r--r-- | net/ipv4/netfilter/Kconfig | 2 | ||||
-rw-r--r-- | net/netfilter/Kconfig | 10 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_expect.c | 12 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_standalone.c | 4 |
4 files changed, 19 insertions, 9 deletions
diff --git a/net/ipv4/netfilter/Kconfig b/net/ipv4/netfilter/Kconfig index 53b9c79c8025..74dfc9e5211f 100644 --- a/net/ipv4/netfilter/Kconfig +++ b/net/ipv4/netfilter/Kconfig | |||
@@ -27,7 +27,7 @@ config NF_CONNTRACK_IPV4 | |||
27 | 27 | ||
28 | config NF_CONNTRACK_PROC_COMPAT | 28 | config NF_CONNTRACK_PROC_COMPAT |
29 | bool "proc/sysctl compatibility with old connection tracking" | 29 | bool "proc/sysctl compatibility with old connection tracking" |
30 | depends on NF_CONNTRACK_IPV4 | 30 | depends on NF_CONNTRACK_PROCFS && NF_CONNTRACK_IPV4 |
31 | default y | 31 | default y |
32 | help | 32 | help |
33 | This option enables /proc and sysctl compatibility with the old | 33 | This option enables /proc and sysctl compatibility with the old |
diff --git a/net/netfilter/Kconfig b/net/netfilter/Kconfig index 20388a97df66..f6275a0f1ea7 100644 --- a/net/netfilter/Kconfig +++ b/net/netfilter/Kconfig | |||
@@ -83,6 +83,16 @@ config NF_CONNTRACK_ZONES | |||
83 | 83 | ||
84 | If unsure, say `N'. | 84 | If unsure, say `N'. |
85 | 85 | ||
86 | config NF_CONNTRACK_PROCFS | ||
87 | bool "Supply CT list in procfs (OBSOLETE)" | ||
88 | default y | ||
89 | depends on PROC_FS | ||
90 | ---help--- | ||
91 | This option enables for the list of known conntrack entries | ||
92 | to be shown in procfs under net/netfilter/nf_conntrack. This | ||
93 | is considered obsolete in favor of using the conntrack(8) | ||
94 | tool which uses Netlink. | ||
95 | |||
86 | config NF_CONNTRACK_EVENTS | 96 | config NF_CONNTRACK_EVENTS |
87 | bool "Connection tracking events" | 97 | bool "Connection tracking events" |
88 | depends on NETFILTER_ADVANCED | 98 | depends on NETFILTER_ADVANCED |
diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c index bebb1675e6ff..4147ba3f653c 100644 --- a/net/netfilter/nf_conntrack_expect.c +++ b/net/netfilter/nf_conntrack_expect.c | |||
@@ -455,7 +455,7 @@ out: | |||
455 | } | 455 | } |
456 | EXPORT_SYMBOL_GPL(nf_ct_expect_related_report); | 456 | EXPORT_SYMBOL_GPL(nf_ct_expect_related_report); |
457 | 457 | ||
458 | #ifdef CONFIG_PROC_FS | 458 | #ifdef CONFIG_NF_CONNTRACK_PROCFS |
459 | struct ct_expect_iter_state { | 459 | struct ct_expect_iter_state { |
460 | struct seq_net_private p; | 460 | struct seq_net_private p; |
461 | unsigned int bucket; | 461 | unsigned int bucket; |
@@ -583,25 +583,25 @@ static const struct file_operations exp_file_ops = { | |||
583 | .llseek = seq_lseek, | 583 | .llseek = seq_lseek, |
584 | .release = seq_release_net, | 584 | .release = seq_release_net, |
585 | }; | 585 | }; |
586 | #endif /* CONFIG_PROC_FS */ | 586 | #endif /* CONFIG_NF_CONNTRACK_PROCFS */ |
587 | 587 | ||
588 | static int exp_proc_init(struct net *net) | 588 | static int exp_proc_init(struct net *net) |
589 | { | 589 | { |
590 | #ifdef CONFIG_PROC_FS | 590 | #ifdef CONFIG_NF_CONNTRACK_PROCFS |
591 | struct proc_dir_entry *proc; | 591 | struct proc_dir_entry *proc; |
592 | 592 | ||
593 | proc = proc_net_fops_create(net, "nf_conntrack_expect", 0440, &exp_file_ops); | 593 | proc = proc_net_fops_create(net, "nf_conntrack_expect", 0440, &exp_file_ops); |
594 | if (!proc) | 594 | if (!proc) |
595 | return -ENOMEM; | 595 | return -ENOMEM; |
596 | #endif /* CONFIG_PROC_FS */ | 596 | #endif /* CONFIG_NF_CONNTRACK_PROCFS */ |
597 | return 0; | 597 | return 0; |
598 | } | 598 | } |
599 | 599 | ||
600 | static void exp_proc_remove(struct net *net) | 600 | static void exp_proc_remove(struct net *net) |
601 | { | 601 | { |
602 | #ifdef CONFIG_PROC_FS | 602 | #ifdef CONFIG_NF_CONNTRACK_PROCFS |
603 | proc_net_remove(net, "nf_conntrack_expect"); | 603 | proc_net_remove(net, "nf_conntrack_expect"); |
604 | #endif /* CONFIG_PROC_FS */ | 604 | #endif /* CONFIG_NF_CONNTRACK_PROCFS */ |
605 | } | 605 | } |
606 | 606 | ||
607 | module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400); | 607 | module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400); |
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 05e9feb101c3..885f5ab9bc28 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c | |||
@@ -34,7 +34,7 @@ | |||
34 | 34 | ||
35 | MODULE_LICENSE("GPL"); | 35 | MODULE_LICENSE("GPL"); |
36 | 36 | ||
37 | #ifdef CONFIG_PROC_FS | 37 | #ifdef CONFIG_NF_CONNTRACK_PROCFS |
38 | int | 38 | int |
39 | print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, | 39 | print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple, |
40 | const struct nf_conntrack_l3proto *l3proto, | 40 | const struct nf_conntrack_l3proto *l3proto, |
@@ -396,7 +396,7 @@ static int nf_conntrack_standalone_init_proc(struct net *net) | |||
396 | static void nf_conntrack_standalone_fini_proc(struct net *net) | 396 | static void nf_conntrack_standalone_fini_proc(struct net *net) |
397 | { | 397 | { |
398 | } | 398 | } |
399 | #endif /* CONFIG_PROC_FS */ | 399 | #endif /* CONFIG_NF_CONNTRACK_PROCFS */ |
400 | 400 | ||
401 | /* Sysctl support */ | 401 | /* Sysctl support */ |
402 | 402 | ||