diff options
Diffstat (limited to 'net/ipv6')
-rw-r--r-- | net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 55 | ||||
-rw-r--r-- | net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 23 |
2 files changed, 27 insertions, 51 deletions
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index 9108ecc22bea..a20615ffccff 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | |||
@@ -324,21 +324,7 @@ static struct nf_hook_ops ipv6_conntrack_ops[] = { | |||
324 | }; | 324 | }; |
325 | 325 | ||
326 | #ifdef CONFIG_SYSCTL | 326 | #ifdef CONFIG_SYSCTL |
327 | 327 | static ctl_table nf_ct_ipv6_sysctl_table[] = { | |
328 | /* From nf_conntrack_proto_icmpv6.c */ | ||
329 | extern unsigned int nf_ct_icmpv6_timeout; | ||
330 | |||
331 | static struct ctl_table_header *nf_ct_ipv6_sysctl_header; | ||
332 | |||
333 | static ctl_table nf_ct_sysctl_table[] = { | ||
334 | { | ||
335 | .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, | ||
336 | .procname = "nf_conntrack_icmpv6_timeout", | ||
337 | .data = &nf_ct_icmpv6_timeout, | ||
338 | .maxlen = sizeof(unsigned int), | ||
339 | .mode = 0644, | ||
340 | .proc_handler = &proc_dointvec_jiffies, | ||
341 | }, | ||
342 | { | 328 | { |
343 | .ctl_name = NET_NF_CONNTRACK_FRAG6_TIMEOUT, | 329 | .ctl_name = NET_NF_CONNTRACK_FRAG6_TIMEOUT, |
344 | .procname = "nf_conntrack_frag6_timeout", | 330 | .procname = "nf_conntrack_frag6_timeout", |
@@ -365,26 +351,6 @@ static ctl_table nf_ct_sysctl_table[] = { | |||
365 | }, | 351 | }, |
366 | { .ctl_name = 0 } | 352 | { .ctl_name = 0 } |
367 | }; | 353 | }; |
368 | |||
369 | static ctl_table nf_ct_netfilter_table[] = { | ||
370 | { | ||
371 | .ctl_name = NET_NETFILTER, | ||
372 | .procname = "netfilter", | ||
373 | .mode = 0555, | ||
374 | .child = nf_ct_sysctl_table, | ||
375 | }, | ||
376 | { .ctl_name = 0 } | ||
377 | }; | ||
378 | |||
379 | static ctl_table nf_ct_net_table[] = { | ||
380 | { | ||
381 | .ctl_name = CTL_NET, | ||
382 | .procname = "net", | ||
383 | .mode = 0555, | ||
384 | .child = nf_ct_netfilter_table, | ||
385 | }, | ||
386 | { .ctl_name = 0 } | ||
387 | }; | ||
388 | #endif | 354 | #endif |
389 | 355 | ||
390 | #if defined(CONFIG_NF_CT_NETLINK) || \ | 356 | #if defined(CONFIG_NF_CT_NETLINK) || \ |
@@ -442,6 +408,10 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = { | |||
442 | .tuple_to_nfattr = ipv6_tuple_to_nfattr, | 408 | .tuple_to_nfattr = ipv6_tuple_to_nfattr, |
443 | .nfattr_to_tuple = ipv6_nfattr_to_tuple, | 409 | .nfattr_to_tuple = ipv6_nfattr_to_tuple, |
444 | #endif | 410 | #endif |
411 | #ifdef CONFIG_SYSCTL | ||
412 | .ctl_table_path = nf_net_netfilter_sysctl_path, | ||
413 | .ctl_table = nf_ct_ipv6_sysctl_table, | ||
414 | #endif | ||
445 | .get_features = ipv6_get_features, | 415 | .get_features = ipv6_get_features, |
446 | .me = THIS_MODULE, | 416 | .me = THIS_MODULE, |
447 | }; | 417 | }; |
@@ -492,20 +462,8 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) | |||
492 | "hook.\n"); | 462 | "hook.\n"); |
493 | goto cleanup_ipv6; | 463 | goto cleanup_ipv6; |
494 | } | 464 | } |
495 | #ifdef CONFIG_SYSCTL | ||
496 | nf_ct_ipv6_sysctl_header = register_sysctl_table(nf_ct_net_table, 0); | ||
497 | if (nf_ct_ipv6_sysctl_header == NULL) { | ||
498 | printk("nf_conntrack: can't register to sysctl.\n"); | ||
499 | ret = -ENOMEM; | ||
500 | goto cleanup_hooks; | ||
501 | } | ||
502 | #endif | ||
503 | return ret; | 465 | return ret; |
504 | 466 | ||
505 | #ifdef CONFIG_SYSCTL | ||
506 | cleanup_hooks: | ||
507 | nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); | ||
508 | #endif | ||
509 | cleanup_ipv6: | 467 | cleanup_ipv6: |
510 | nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); | 468 | nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); |
511 | cleanup_icmpv6: | 469 | cleanup_icmpv6: |
@@ -522,9 +480,6 @@ static int __init nf_conntrack_l3proto_ipv6_init(void) | |||
522 | static void __exit nf_conntrack_l3proto_ipv6_fini(void) | 480 | static void __exit nf_conntrack_l3proto_ipv6_fini(void) |
523 | { | 481 | { |
524 | synchronize_net(); | 482 | synchronize_net(); |
525 | #ifdef CONFIG_SYSCTL | ||
526 | unregister_sysctl_table(nf_ct_ipv6_sysctl_header); | ||
527 | #endif | ||
528 | nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); | 483 | nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops)); |
529 | nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); | 484 | nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6); |
530 | nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6); | 485 | nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6); |
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c index b3b468c0ef7a..1e8e700f6135 100644 --- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c +++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | |||
@@ -33,7 +33,7 @@ | |||
33 | #include <net/netfilter/nf_conntrack_core.h> | 33 | #include <net/netfilter/nf_conntrack_core.h> |
34 | #include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> | 34 | #include <net/netfilter/ipv6/nf_conntrack_icmpv6.h> |
35 | 35 | ||
36 | unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; | 36 | static unsigned long nf_ct_icmpv6_timeout __read_mostly = 30*HZ; |
37 | 37 | ||
38 | #if 0 | 38 | #if 0 |
39 | #define DEBUGP printk | 39 | #define DEBUGP printk |
@@ -298,6 +298,23 @@ static int icmpv6_nfattr_to_tuple(struct nfattr *tb[], | |||
298 | } | 298 | } |
299 | #endif | 299 | #endif |
300 | 300 | ||
301 | #ifdef CONFIG_SYSCTL | ||
302 | static struct ctl_table_header *icmpv6_sysctl_header; | ||
303 | static struct ctl_table icmpv6_sysctl_table[] = { | ||
304 | { | ||
305 | .ctl_name = NET_NF_CONNTRACK_ICMPV6_TIMEOUT, | ||
306 | .procname = "nf_conntrack_icmpv6_timeout", | ||
307 | .data = &nf_ct_icmpv6_timeout, | ||
308 | .maxlen = sizeof(unsigned int), | ||
309 | .mode = 0644, | ||
310 | .proc_handler = &proc_dointvec_jiffies, | ||
311 | }, | ||
312 | { | ||
313 | .ctl_name = 0 | ||
314 | } | ||
315 | }; | ||
316 | #endif /* CONFIG_SYSCTL */ | ||
317 | |||
301 | struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = | 318 | struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = |
302 | { | 319 | { |
303 | .l3proto = PF_INET6, | 320 | .l3proto = PF_INET6, |
@@ -315,6 +332,10 @@ struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 = | |||
315 | .tuple_to_nfattr = icmpv6_tuple_to_nfattr, | 332 | .tuple_to_nfattr = icmpv6_tuple_to_nfattr, |
316 | .nfattr_to_tuple = icmpv6_nfattr_to_tuple, | 333 | .nfattr_to_tuple = icmpv6_nfattr_to_tuple, |
317 | #endif | 334 | #endif |
335 | #ifdef CONFIG_SYSCTL | ||
336 | .ctl_table_header = &icmpv6_sysctl_header, | ||
337 | .ctl_table = icmpv6_sysctl_table, | ||
338 | #endif | ||
318 | }; | 339 | }; |
319 | 340 | ||
320 | EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6); | 341 | EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6); |