aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv6
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6')
-rw-r--r--net/ipv6/addrconf.c37
-rw-r--r--net/ipv6/anycast.c31
-rw-r--r--net/ipv6/ip6_fib.c2
-rw-r--r--net/ipv6/ip6_output.c4
-rw-r--r--net/ipv6/mcast.c14
-rw-r--r--net/ipv6/netfilter/Kconfig28
-rw-r--r--net/ipv6/netfilter/Makefile2
7 files changed, 84 insertions, 34 deletions
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 0b239fc1816e..3342ee64f2e3 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -1690,14 +1690,12 @@ void addrconf_dad_failure(struct inet6_ifaddr *ifp)
1690 addrconf_mod_dad_work(ifp, 0); 1690 addrconf_mod_dad_work(ifp, 0);
1691} 1691}
1692 1692
1693/* Join to solicited addr multicast group. */ 1693/* Join to solicited addr multicast group.
1694 1694 * caller must hold RTNL */
1695void addrconf_join_solict(struct net_device *dev, const struct in6_addr *addr) 1695void addrconf_join_solict(struct net_device *dev, const struct in6_addr *addr)
1696{ 1696{
1697 struct in6_addr maddr; 1697 struct in6_addr maddr;
1698 1698
1699 ASSERT_RTNL();
1700
1701 if (dev->flags&(IFF_LOOPBACK|IFF_NOARP)) 1699 if (dev->flags&(IFF_LOOPBACK|IFF_NOARP))
1702 return; 1700 return;
1703 1701
@@ -1705,12 +1703,11 @@ void addrconf_join_solict(struct net_device *dev, const struct in6_addr *addr)
1705 ipv6_dev_mc_inc(dev, &maddr); 1703 ipv6_dev_mc_inc(dev, &maddr);
1706} 1704}
1707 1705
1706/* caller must hold RTNL */
1708void addrconf_leave_solict(struct inet6_dev *idev, const struct in6_addr *addr) 1707void addrconf_leave_solict(struct inet6_dev *idev, const struct in6_addr *addr)
1709{ 1708{
1710 struct in6_addr maddr; 1709 struct in6_addr maddr;
1711 1710
1712 ASSERT_RTNL();
1713
1714 if (idev->dev->flags&(IFF_LOOPBACK|IFF_NOARP)) 1711 if (idev->dev->flags&(IFF_LOOPBACK|IFF_NOARP))
1715 return; 1712 return;
1716 1713
@@ -1718,12 +1715,11 @@ void addrconf_leave_solict(struct inet6_dev *idev, const struct in6_addr *addr)
1718 __ipv6_dev_mc_dec(idev, &maddr); 1715 __ipv6_dev_mc_dec(idev, &maddr);
1719} 1716}
1720 1717
1718/* caller must hold RTNL */
1721static void addrconf_join_anycast(struct inet6_ifaddr *ifp) 1719static void addrconf_join_anycast(struct inet6_ifaddr *ifp)
1722{ 1720{
1723 struct in6_addr addr; 1721 struct in6_addr addr;
1724 1722
1725 ASSERT_RTNL();
1726
1727 if (ifp->prefix_len >= 127) /* RFC 6164 */ 1723 if (ifp->prefix_len >= 127) /* RFC 6164 */
1728 return; 1724 return;
1729 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len); 1725 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len);
@@ -1732,12 +1728,11 @@ static void addrconf_join_anycast(struct inet6_ifaddr *ifp)
1732 ipv6_dev_ac_inc(ifp->idev->dev, &addr); 1728 ipv6_dev_ac_inc(ifp->idev->dev, &addr);
1733} 1729}
1734 1730
1731/* caller must hold RTNL */
1735static void addrconf_leave_anycast(struct inet6_ifaddr *ifp) 1732static void addrconf_leave_anycast(struct inet6_ifaddr *ifp)
1736{ 1733{
1737 struct in6_addr addr; 1734 struct in6_addr addr;
1738 1735
1739 ASSERT_RTNL();
1740
1741 if (ifp->prefix_len >= 127) /* RFC 6164 */ 1736 if (ifp->prefix_len >= 127) /* RFC 6164 */
1742 return; 1737 return;
1743 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len); 1738 ipv6_addr_prefix(&addr, &ifp->addr, ifp->prefix_len);
@@ -3099,11 +3094,13 @@ static int addrconf_ifdown(struct net_device *dev, int how)
3099 3094
3100 write_unlock_bh(&idev->lock); 3095 write_unlock_bh(&idev->lock);
3101 3096
3102 /* Step 5: Discard multicast list */ 3097 /* Step 5: Discard anycast and multicast list */
3103 if (how) 3098 if (how) {
3099 ipv6_ac_destroy_dev(idev);
3104 ipv6_mc_destroy_dev(idev); 3100 ipv6_mc_destroy_dev(idev);
3105 else 3101 } else {
3106 ipv6_mc_down(idev); 3102 ipv6_mc_down(idev);
3103 }
3107 3104
3108 idev->tstamp = jiffies; 3105 idev->tstamp = jiffies;
3109 3106
@@ -4773,15 +4770,11 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
4773 addrconf_leave_solict(ifp->idev, &ifp->addr); 4770 addrconf_leave_solict(ifp->idev, &ifp->addr);
4774 if (!ipv6_addr_any(&ifp->peer_addr)) { 4771 if (!ipv6_addr_any(&ifp->peer_addr)) {
4775 struct rt6_info *rt; 4772 struct rt6_info *rt;
4776 struct net_device *dev = ifp->idev->dev; 4773
4777 4774 rt = addrconf_get_prefix_route(&ifp->peer_addr, 128,
4778 rt = rt6_lookup(dev_net(dev), &ifp->peer_addr, NULL, 4775 ifp->idev->dev, 0, 0);
4779 dev->ifindex, 1); 4776 if (rt && ip6_del_rt(rt))
4780 if (rt) { 4777 dst_free(&rt->dst);
4781 dst_hold(&rt->dst);
4782 if (ip6_del_rt(rt))
4783 dst_free(&rt->dst);
4784 }
4785 } 4778 }
4786 dst_hold(&ifp->rt->dst); 4779 dst_hold(&ifp->rt->dst);
4787 4780
diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c
index 210183244689..9a386842fd62 100644
--- a/net/ipv6/anycast.c
+++ b/net/ipv6/anycast.c
@@ -77,6 +77,7 @@ int ipv6_sock_ac_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
77 pac->acl_next = NULL; 77 pac->acl_next = NULL;
78 pac->acl_addr = *addr; 78 pac->acl_addr = *addr;
79 79
80 rtnl_lock();
80 rcu_read_lock(); 81 rcu_read_lock();
81 if (ifindex == 0) { 82 if (ifindex == 0) {
82 struct rt6_info *rt; 83 struct rt6_info *rt;
@@ -137,6 +138,7 @@ int ipv6_sock_ac_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
137 138
138error: 139error:
139 rcu_read_unlock(); 140 rcu_read_unlock();
141 rtnl_unlock();
140 if (pac) 142 if (pac)
141 sock_kfree_s(sk, pac, sizeof(*pac)); 143 sock_kfree_s(sk, pac, sizeof(*pac));
142 return err; 144 return err;
@@ -171,11 +173,13 @@ int ipv6_sock_ac_drop(struct sock *sk, int ifindex, const struct in6_addr *addr)
171 173
172 spin_unlock_bh(&ipv6_sk_ac_lock); 174 spin_unlock_bh(&ipv6_sk_ac_lock);
173 175
176 rtnl_lock();
174 rcu_read_lock(); 177 rcu_read_lock();
175 dev = dev_get_by_index_rcu(net, pac->acl_ifindex); 178 dev = dev_get_by_index_rcu(net, pac->acl_ifindex);
176 if (dev) 179 if (dev)
177 ipv6_dev_ac_dec(dev, &pac->acl_addr); 180 ipv6_dev_ac_dec(dev, &pac->acl_addr);
178 rcu_read_unlock(); 181 rcu_read_unlock();
182 rtnl_unlock();
179 183
180 sock_kfree_s(sk, pac, sizeof(*pac)); 184 sock_kfree_s(sk, pac, sizeof(*pac));
181 return 0; 185 return 0;
@@ -198,6 +202,7 @@ void ipv6_sock_ac_close(struct sock *sk)
198 spin_unlock_bh(&ipv6_sk_ac_lock); 202 spin_unlock_bh(&ipv6_sk_ac_lock);
199 203
200 prev_index = 0; 204 prev_index = 0;
205 rtnl_lock();
201 rcu_read_lock(); 206 rcu_read_lock();
202 while (pac) { 207 while (pac) {
203 struct ipv6_ac_socklist *next = pac->acl_next; 208 struct ipv6_ac_socklist *next = pac->acl_next;
@@ -212,6 +217,7 @@ void ipv6_sock_ac_close(struct sock *sk)
212 pac = next; 217 pac = next;
213 } 218 }
214 rcu_read_unlock(); 219 rcu_read_unlock();
220 rtnl_unlock();
215} 221}
216 222
217static void aca_put(struct ifacaddr6 *ac) 223static void aca_put(struct ifacaddr6 *ac)
@@ -233,6 +239,8 @@ int ipv6_dev_ac_inc(struct net_device *dev, const struct in6_addr *addr)
233 struct rt6_info *rt; 239 struct rt6_info *rt;
234 int err; 240 int err;
235 241
242 ASSERT_RTNL();
243
236 idev = in6_dev_get(dev); 244 idev = in6_dev_get(dev);
237 245
238 if (idev == NULL) 246 if (idev == NULL)
@@ -302,6 +310,8 @@ int __ipv6_dev_ac_dec(struct inet6_dev *idev, const struct in6_addr *addr)
302{ 310{
303 struct ifacaddr6 *aca, *prev_aca; 311 struct ifacaddr6 *aca, *prev_aca;
304 312
313 ASSERT_RTNL();
314
305 write_lock_bh(&idev->lock); 315 write_lock_bh(&idev->lock);
306 prev_aca = NULL; 316 prev_aca = NULL;
307 for (aca = idev->ac_list; aca; aca = aca->aca_next) { 317 for (aca = idev->ac_list; aca; aca = aca->aca_next) {
@@ -341,6 +351,27 @@ static int ipv6_dev_ac_dec(struct net_device *dev, const struct in6_addr *addr)
341 return __ipv6_dev_ac_dec(idev, addr); 351 return __ipv6_dev_ac_dec(idev, addr);
342} 352}
343 353
354void ipv6_ac_destroy_dev(struct inet6_dev *idev)
355{
356 struct ifacaddr6 *aca;
357
358 write_lock_bh(&idev->lock);
359 while ((aca = idev->ac_list) != NULL) {
360 idev->ac_list = aca->aca_next;
361 write_unlock_bh(&idev->lock);
362
363 addrconf_leave_solict(idev, &aca->aca_addr);
364
365 dst_hold(&aca->aca_rt->dst);
366 ip6_del_rt(aca->aca_rt);
367
368 aca_put(aca);
369
370 write_lock_bh(&idev->lock);
371 }
372 write_unlock_bh(&idev->lock);
373}
374
344/* 375/*
345 * check if the interface has this anycast address 376 * check if the interface has this anycast address
346 * called with rcu_read_lock() 377 * called with rcu_read_lock()
diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index cb4459bd1d29..76b7f5ee8f4c 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -643,7 +643,7 @@ static int fib6_commit_metrics(struct dst_entry *dst,
643 if (dst->flags & DST_HOST) { 643 if (dst->flags & DST_HOST) {
644 mp = dst_metrics_write_ptr(dst); 644 mp = dst_metrics_write_ptr(dst);
645 } else { 645 } else {
646 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_KERNEL); 646 mp = kzalloc(sizeof(u32) * RTAX_MAX, GFP_ATOMIC);
647 if (!mp) 647 if (!mp)
648 return -ENOMEM; 648 return -ENOMEM;
649 dst_init_metrics(dst, mp, 0); 649 dst_init_metrics(dst, mp, 0);
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 315a55d66079..0a3448b2888f 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -1009,7 +1009,7 @@ struct dst_entry *ip6_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1009 if (final_dst) 1009 if (final_dst)
1010 fl6->daddr = *final_dst; 1010 fl6->daddr = *final_dst;
1011 1011
1012 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); 1012 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1013} 1013}
1014EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow); 1014EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1015 1015
@@ -1041,7 +1041,7 @@ struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1041 if (final_dst) 1041 if (final_dst)
1042 fl6->daddr = *final_dst; 1042 fl6->daddr = *final_dst;
1043 1043
1044 return xfrm_lookup(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0); 1044 return xfrm_lookup_route(sock_net(sk), dst, flowi6_to_flowi(fl6), sk, 0);
1045} 1045}
1046EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow); 1046EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1047 1047
diff --git a/net/ipv6/mcast.c b/net/ipv6/mcast.c
index 617f0958e164..a23b655a7627 100644
--- a/net/ipv6/mcast.c
+++ b/net/ipv6/mcast.c
@@ -172,6 +172,7 @@ int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
172 mc_lst->next = NULL; 172 mc_lst->next = NULL;
173 mc_lst->addr = *addr; 173 mc_lst->addr = *addr;
174 174
175 rtnl_lock();
175 rcu_read_lock(); 176 rcu_read_lock();
176 if (ifindex == 0) { 177 if (ifindex == 0) {
177 struct rt6_info *rt; 178 struct rt6_info *rt;
@@ -185,6 +186,7 @@ int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
185 186
186 if (dev == NULL) { 187 if (dev == NULL) {
187 rcu_read_unlock(); 188 rcu_read_unlock();
189 rtnl_unlock();
188 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 190 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
189 return -ENODEV; 191 return -ENODEV;
190 } 192 }
@@ -202,6 +204,7 @@ int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
202 204
203 if (err) { 205 if (err) {
204 rcu_read_unlock(); 206 rcu_read_unlock();
207 rtnl_unlock();
205 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst)); 208 sock_kfree_s(sk, mc_lst, sizeof(*mc_lst));
206 return err; 209 return err;
207 } 210 }
@@ -212,6 +215,7 @@ int ipv6_sock_mc_join(struct sock *sk, int ifindex, const struct in6_addr *addr)
212 spin_unlock(&ipv6_sk_mc_lock); 215 spin_unlock(&ipv6_sk_mc_lock);
213 216
214 rcu_read_unlock(); 217 rcu_read_unlock();
218 rtnl_unlock();
215 219
216 return 0; 220 return 0;
217} 221}
@@ -229,6 +233,7 @@ int ipv6_sock_mc_drop(struct sock *sk, int ifindex, const struct in6_addr *addr)
229 if (!ipv6_addr_is_multicast(addr)) 233 if (!ipv6_addr_is_multicast(addr))
230 return -EINVAL; 234 return -EINVAL;
231 235
236 rtnl_lock();
232 spin_lock(&ipv6_sk_mc_lock); 237 spin_lock(&ipv6_sk_mc_lock);
233 for (lnk = &np->ipv6_mc_list; 238 for (lnk = &np->ipv6_mc_list;
234 (mc_lst = rcu_dereference_protected(*lnk, 239 (mc_lst = rcu_dereference_protected(*lnk,
@@ -252,12 +257,15 @@ int ipv6_sock_mc_drop(struct sock *sk, int ifindex, const struct in6_addr *addr)
252 } else 257 } else
253 (void) ip6_mc_leave_src(sk, mc_lst, NULL); 258 (void) ip6_mc_leave_src(sk, mc_lst, NULL);
254 rcu_read_unlock(); 259 rcu_read_unlock();
260 rtnl_unlock();
261
255 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc); 262 atomic_sub(sizeof(*mc_lst), &sk->sk_omem_alloc);
256 kfree_rcu(mc_lst, rcu); 263 kfree_rcu(mc_lst, rcu);
257 return 0; 264 return 0;
258 } 265 }
259 } 266 }
260 spin_unlock(&ipv6_sk_mc_lock); 267 spin_unlock(&ipv6_sk_mc_lock);
268 rtnl_unlock();
261 269
262 return -EADDRNOTAVAIL; 270 return -EADDRNOTAVAIL;
263} 271}
@@ -302,6 +310,7 @@ void ipv6_sock_mc_close(struct sock *sk)
302 if (!rcu_access_pointer(np->ipv6_mc_list)) 310 if (!rcu_access_pointer(np->ipv6_mc_list))
303 return; 311 return;
304 312
313 rtnl_lock();
305 spin_lock(&ipv6_sk_mc_lock); 314 spin_lock(&ipv6_sk_mc_lock);
306 while ((mc_lst = rcu_dereference_protected(np->ipv6_mc_list, 315 while ((mc_lst = rcu_dereference_protected(np->ipv6_mc_list,
307 lockdep_is_held(&ipv6_sk_mc_lock))) != NULL) { 316 lockdep_is_held(&ipv6_sk_mc_lock))) != NULL) {
@@ -328,6 +337,7 @@ void ipv6_sock_mc_close(struct sock *sk)
328 spin_lock(&ipv6_sk_mc_lock); 337 spin_lock(&ipv6_sk_mc_lock);
329 } 338 }
330 spin_unlock(&ipv6_sk_mc_lock); 339 spin_unlock(&ipv6_sk_mc_lock);
340 rtnl_unlock();
331} 341}
332 342
333int ip6_mc_source(int add, int omode, struct sock *sk, 343int ip6_mc_source(int add, int omode, struct sock *sk,
@@ -845,6 +855,8 @@ int ipv6_dev_mc_inc(struct net_device *dev, const struct in6_addr *addr)
845 struct ifmcaddr6 *mc; 855 struct ifmcaddr6 *mc;
846 struct inet6_dev *idev; 856 struct inet6_dev *idev;
847 857
858 ASSERT_RTNL();
859
848 /* we need to take a reference on idev */ 860 /* we need to take a reference on idev */
849 idev = in6_dev_get(dev); 861 idev = in6_dev_get(dev);
850 862
@@ -916,6 +928,8 @@ int __ipv6_dev_mc_dec(struct inet6_dev *idev, const struct in6_addr *addr)
916{ 928{
917 struct ifmcaddr6 *ma, **map; 929 struct ifmcaddr6 *ma, **map;
918 930
931 ASSERT_RTNL();
932
919 write_lock_bh(&idev->lock); 933 write_lock_bh(&idev->lock);
920 for (map = &idev->mc_list; (ma=*map) != NULL; map = &ma->next) { 934 for (map = &idev->mc_list; (ma=*map) != NULL; map = &ma->next) {
921 if (ipv6_addr_equal(&ma->mca_addr, addr)) { 935 if (ipv6_addr_equal(&ma->mca_addr, addr)) {
diff --git a/net/ipv6/netfilter/Kconfig b/net/ipv6/netfilter/Kconfig
index ac93df16f5af..2812816aabdc 100644
--- a/net/ipv6/netfilter/Kconfig
+++ b/net/ipv6/netfilter/Kconfig
@@ -57,9 +57,19 @@ config NFT_REJECT_IPV6
57 57
58config NF_LOG_IPV6 58config NF_LOG_IPV6
59 tristate "IPv6 packet logging" 59 tristate "IPv6 packet logging"
60 depends on NETFILTER_ADVANCED 60 default m if NETFILTER_ADVANCED=n
61 select NF_LOG_COMMON 61 select NF_LOG_COMMON
62 62
63config NF_NAT_IPV6
64 tristate "IPv6 NAT"
65 depends on NF_CONNTRACK_IPV6
66 depends on NETFILTER_ADVANCED
67 select NF_NAT
68 help
69 The IPv6 NAT option allows masquerading, port forwarding and other
70 forms of full Network Address Port Translation. This can be
71 controlled by iptables or nft.
72
63config IP6_NF_IPTABLES 73config IP6_NF_IPTABLES
64 tristate "IP6 tables support (required for filtering)" 74 tristate "IP6 tables support (required for filtering)"
65 depends on INET && IPV6 75 depends on INET && IPV6
@@ -232,19 +242,21 @@ config IP6_NF_SECURITY
232 242
233 If unsure, say N. 243 If unsure, say N.
234 244
235config NF_NAT_IPV6 245config IP6_NF_NAT
236 tristate "IPv6 NAT" 246 tristate "ip6tables NAT support"
237 depends on NF_CONNTRACK_IPV6 247 depends on NF_CONNTRACK_IPV6
238 depends on NETFILTER_ADVANCED 248 depends on NETFILTER_ADVANCED
239 select NF_NAT 249 select NF_NAT
250 select NF_NAT_IPV6
251 select NETFILTER_XT_NAT
240 help 252 help
241 The IPv6 NAT option allows masquerading, port forwarding and other 253 This enables the `nat' table in ip6tables. This allows masquerading,
242 forms of full Network Address Port Translation. It is controlled by 254 port forwarding and other forms of full Network Address Port
243 the `nat' table in ip6tables, see the man page for ip6tables(8). 255 Translation.
244 256
245 To compile it as a module, choose M here. If unsure, say N. 257 To compile it as a module, choose M here. If unsure, say N.
246 258
247if NF_NAT_IPV6 259if IP6_NF_NAT
248 260
249config IP6_NF_TARGET_MASQUERADE 261config IP6_NF_TARGET_MASQUERADE
250 tristate "MASQUERADE target support" 262 tristate "MASQUERADE target support"
@@ -265,7 +277,7 @@ config IP6_NF_TARGET_NPT
265 277
266 To compile it as a module, choose M here. If unsure, say N. 278 To compile it as a module, choose M here. If unsure, say N.
267 279
268endif # NF_NAT_IPV6 280endif # IP6_NF_NAT
269 281
270endif # IP6_NF_IPTABLES 282endif # IP6_NF_IPTABLES
271 283
diff --git a/net/ipv6/netfilter/Makefile b/net/ipv6/netfilter/Makefile
index c0b263104ed2..c3d3286db4bb 100644
--- a/net/ipv6/netfilter/Makefile
+++ b/net/ipv6/netfilter/Makefile
@@ -8,7 +8,7 @@ obj-$(CONFIG_IP6_NF_FILTER) += ip6table_filter.o
8obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o 8obj-$(CONFIG_IP6_NF_MANGLE) += ip6table_mangle.o
9obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o 9obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw.o
10obj-$(CONFIG_IP6_NF_SECURITY) += ip6table_security.o 10obj-$(CONFIG_IP6_NF_SECURITY) += ip6table_security.o
11obj-$(CONFIG_NF_NAT_IPV6) += ip6table_nat.o 11obj-$(CONFIG_IP6_NF_NAT) += ip6table_nat.o
12 12
13# objects for l3 independent conntrack 13# objects for l3 independent conntrack
14nf_conntrack_ipv6-y := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o 14nf_conntrack_ipv6-y := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o
generated by cgit v1.2.2 (git 2.25.0) at 2025-05-31 14:00:16 -0400