diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 72 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 72 |
2 files changed, 6 insertions, 138 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index 53b6dffea6c2..262d0d44ec1b 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
@@ -44,13 +44,6 @@ MODULE_LICENSE("GPL"); | |||
44 | 44 | ||
45 | static char __initdata version[] = "0.90"; | 45 | static char __initdata version[] = "0.90"; |
46 | 46 | ||
47 | #if 0 | ||
48 | #define DEBUGP printk | ||
49 | #else | ||
50 | #define DEBUGP(format, args...) | ||
51 | #endif | ||
52 | |||
53 | |||
54 | static inline int | 47 | static inline int |
55 | ctnetlink_dump_tuples_proto(struct sk_buff *skb, | 48 | ctnetlink_dump_tuples_proto(struct sk_buff *skb, |
56 | const struct ip_conntrack_tuple *tuple, | 49 | const struct ip_conntrack_tuple *tuple, |
@@ -398,7 +391,6 @@ nfattr_failure: | |||
398 | 391 | ||
399 | static int ctnetlink_done(struct netlink_callback *cb) | 392 | static int ctnetlink_done(struct netlink_callback *cb) |
400 | { | 393 | { |
401 | DEBUGP("entered %s\n", __FUNCTION__); | ||
402 | if (cb->args[1]) | 394 | if (cb->args[1]) |
403 | ip_conntrack_put((struct ip_conntrack *)cb->args[1]); | 395 | ip_conntrack_put((struct ip_conntrack *)cb->args[1]); |
404 | return 0; | 396 | return 0; |
@@ -411,9 +403,6 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
411 | struct ip_conntrack_tuple_hash *h; | 403 | struct ip_conntrack_tuple_hash *h; |
412 | struct list_head *i; | 404 | struct list_head *i; |
413 | 405 | ||
414 | DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__, | ||
415 | cb->args[0], *id); | ||
416 | |||
417 | read_lock_bh(&ip_conntrack_lock); | 406 | read_lock_bh(&ip_conntrack_lock); |
418 | last = (struct ip_conntrack *)cb->args[1]; | 407 | last = (struct ip_conntrack *)cb->args[1]; |
419 | for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) { | 408 | for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++) { |
@@ -452,7 +441,6 @@ out: | |||
452 | if (last) | 441 | if (last) |
453 | ip_conntrack_put(last); | 442 | ip_conntrack_put(last); |
454 | 443 | ||
455 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); | ||
456 | return skb->len; | 444 | return skb->len; |
457 | } | 445 | } |
458 | 446 | ||
@@ -466,8 +454,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct ip_conntrack_tuple *tuple) | |||
466 | { | 454 | { |
467 | struct nfattr *tb[CTA_IP_MAX]; | 455 | struct nfattr *tb[CTA_IP_MAX]; |
468 | 456 | ||
469 | DEBUGP("entered %s\n", __FUNCTION__); | ||
470 | |||
471 | nfattr_parse_nested(tb, CTA_IP_MAX, attr); | 457 | nfattr_parse_nested(tb, CTA_IP_MAX, attr); |
472 | 458 | ||
473 | if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) | 459 | if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) |
@@ -481,8 +467,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct ip_conntrack_tuple *tuple) | |||
481 | return -EINVAL; | 467 | return -EINVAL; |
482 | tuple->dst.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]); | 468 | tuple->dst.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]); |
483 | 469 | ||
484 | DEBUGP("leaving\n"); | ||
485 | |||
486 | return 0; | 470 | return 0; |
487 | } | 471 | } |
488 | 472 | ||
@@ -503,8 +487,6 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr, | |||
503 | struct ip_conntrack_protocol *proto; | 487 | struct ip_conntrack_protocol *proto; |
504 | int ret = 0; | 488 | int ret = 0; |
505 | 489 | ||
506 | DEBUGP("entered %s\n", __FUNCTION__); | ||
507 | |||
508 | nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); | 490 | nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); |
509 | 491 | ||
510 | if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) | 492 | if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) |
@@ -531,8 +513,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct ip_conntrack_tuple *tuple, | |||
531 | struct nfattr *tb[CTA_TUPLE_MAX]; | 513 | struct nfattr *tb[CTA_TUPLE_MAX]; |
532 | int err; | 514 | int err; |
533 | 515 | ||
534 | DEBUGP("entered %s\n", __FUNCTION__); | ||
535 | |||
536 | memset(tuple, 0, sizeof(*tuple)); | 516 | memset(tuple, 0, sizeof(*tuple)); |
537 | 517 | ||
538 | nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); | 518 | nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); |
@@ -557,10 +537,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct ip_conntrack_tuple *tuple, | |||
557 | else | 537 | else |
558 | tuple->dst.dir = IP_CT_DIR_ORIGINAL; | 538 | tuple->dst.dir = IP_CT_DIR_ORIGINAL; |
559 | 539 | ||
560 | DUMP_TUPLE(tuple); | ||
561 | |||
562 | DEBUGP("leaving\n"); | ||
563 | |||
564 | return 0; | 540 | return 0; |
565 | } | 541 | } |
566 | 542 | ||
@@ -577,8 +553,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr, | |||
577 | struct nfattr *tb[CTA_PROTONAT_MAX]; | 553 | struct nfattr *tb[CTA_PROTONAT_MAX]; |
578 | struct ip_nat_protocol *npt; | 554 | struct ip_nat_protocol *npt; |
579 | 555 | ||
580 | DEBUGP("entered %s\n", __FUNCTION__); | ||
581 | |||
582 | nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); | 556 | nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); |
583 | 557 | ||
584 | if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) | 558 | if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) |
@@ -597,7 +571,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr, | |||
597 | 571 | ||
598 | ip_nat_proto_put(npt); | 572 | ip_nat_proto_put(npt); |
599 | 573 | ||
600 | DEBUGP("leaving\n"); | ||
601 | return 0; | 574 | return 0; |
602 | } | 575 | } |
603 | 576 | ||
@@ -613,8 +586,6 @@ ctnetlink_parse_nat(struct nfattr *nat, | |||
613 | struct nfattr *tb[CTA_NAT_MAX]; | 586 | struct nfattr *tb[CTA_NAT_MAX]; |
614 | int err; | 587 | int err; |
615 | 588 | ||
616 | DEBUGP("entered %s\n", __FUNCTION__); | ||
617 | |||
618 | memset(range, 0, sizeof(*range)); | 589 | memset(range, 0, sizeof(*range)); |
619 | 590 | ||
620 | nfattr_parse_nested(tb, CTA_NAT_MAX, nat); | 591 | nfattr_parse_nested(tb, CTA_NAT_MAX, nat); |
@@ -640,7 +611,6 @@ ctnetlink_parse_nat(struct nfattr *nat, | |||
640 | if (err < 0) | 611 | if (err < 0) |
641 | return err; | 612 | return err; |
642 | 613 | ||
643 | DEBUGP("leaving\n"); | ||
644 | return 0; | 614 | return 0; |
645 | } | 615 | } |
646 | #endif | 616 | #endif |
@@ -650,8 +620,6 @@ ctnetlink_parse_help(struct nfattr *attr, char **helper_name) | |||
650 | { | 620 | { |
651 | struct nfattr *tb[CTA_HELP_MAX]; | 621 | struct nfattr *tb[CTA_HELP_MAX]; |
652 | 622 | ||
653 | DEBUGP("entered %s\n", __FUNCTION__); | ||
654 | |||
655 | nfattr_parse_nested(tb, CTA_HELP_MAX, attr); | 623 | nfattr_parse_nested(tb, CTA_HELP_MAX, attr); |
656 | 624 | ||
657 | if (!tb[CTA_HELP_NAME-1]) | 625 | if (!tb[CTA_HELP_NAME-1]) |
@@ -679,8 +647,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
679 | struct ip_conntrack *ct; | 647 | struct ip_conntrack *ct; |
680 | int err = 0; | 648 | int err = 0; |
681 | 649 | ||
682 | DEBUGP("entered %s\n", __FUNCTION__); | ||
683 | |||
684 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) | 650 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) |
685 | return -EINVAL; | 651 | return -EINVAL; |
686 | 652 | ||
@@ -698,10 +664,8 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
698 | return err; | 664 | return err; |
699 | 665 | ||
700 | h = ip_conntrack_find_get(&tuple, NULL); | 666 | h = ip_conntrack_find_get(&tuple, NULL); |
701 | if (!h) { | 667 | if (!h) |
702 | DEBUGP("tuple not found in conntrack hash\n"); | ||
703 | return -ENOENT; | 668 | return -ENOENT; |
704 | } | ||
705 | 669 | ||
706 | ct = tuplehash_to_ctrack(h); | 670 | ct = tuplehash_to_ctrack(h); |
707 | 671 | ||
@@ -716,7 +680,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
716 | ct->timeout.function((unsigned long)ct); | 680 | ct->timeout.function((unsigned long)ct); |
717 | 681 | ||
718 | ip_conntrack_put(ct); | 682 | ip_conntrack_put(ct); |
719 | DEBUGP("leaving\n"); | ||
720 | 683 | ||
721 | return 0; | 684 | return 0; |
722 | } | 685 | } |
@@ -731,8 +694,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
731 | struct sk_buff *skb2 = NULL; | 694 | struct sk_buff *skb2 = NULL; |
732 | int err = 0; | 695 | int err = 0; |
733 | 696 | ||
734 | DEBUGP("entered %s\n", __FUNCTION__); | ||
735 | |||
736 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 697 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
737 | struct nfgenmsg *msg = NLMSG_DATA(nlh); | 698 | struct nfgenmsg *msg = NLMSG_DATA(nlh); |
738 | u32 rlen; | 699 | u32 rlen; |
@@ -770,11 +731,9 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
770 | return err; | 731 | return err; |
771 | 732 | ||
772 | h = ip_conntrack_find_get(&tuple, NULL); | 733 | h = ip_conntrack_find_get(&tuple, NULL); |
773 | if (!h) { | 734 | if (!h) |
774 | DEBUGP("tuple not found in conntrack hash"); | ||
775 | return -ENOENT; | 735 | return -ENOENT; |
776 | } | 736 | |
777 | DEBUGP("tuple found\n"); | ||
778 | ct = tuplehash_to_ctrack(h); | 737 | ct = tuplehash_to_ctrack(h); |
779 | 738 | ||
780 | err = -ENOMEM; | 739 | err = -ENOMEM; |
@@ -795,7 +754,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
795 | if (err < 0) | 754 | if (err < 0) |
796 | goto out; | 755 | goto out; |
797 | 756 | ||
798 | DEBUGP("leaving\n"); | ||
799 | return 0; | 757 | return 0; |
800 | 758 | ||
801 | free: | 759 | free: |
@@ -866,8 +824,6 @@ ctnetlink_change_helper(struct ip_conntrack *ct, struct nfattr *cda[]) | |||
866 | char *helpname; | 824 | char *helpname; |
867 | int err; | 825 | int err; |
868 | 826 | ||
869 | DEBUGP("entered %s\n", __FUNCTION__); | ||
870 | |||
871 | /* don't change helper of sibling connections */ | 827 | /* don't change helper of sibling connections */ |
872 | if (ct->master) | 828 | if (ct->master) |
873 | return -EINVAL; | 829 | return -EINVAL; |
@@ -938,8 +894,6 @@ ctnetlink_change_conntrack(struct ip_conntrack *ct, struct nfattr *cda[]) | |||
938 | { | 894 | { |
939 | int err; | 895 | int err; |
940 | 896 | ||
941 | DEBUGP("entered %s\n", __FUNCTION__); | ||
942 | |||
943 | if (cda[CTA_HELP-1]) { | 897 | if (cda[CTA_HELP-1]) { |
944 | err = ctnetlink_change_helper(ct, cda); | 898 | err = ctnetlink_change_helper(ct, cda); |
945 | if (err < 0) | 899 | if (err < 0) |
@@ -969,7 +923,6 @@ ctnetlink_change_conntrack(struct ip_conntrack *ct, struct nfattr *cda[]) | |||
969 | ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1])); | 923 | ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1])); |
970 | #endif | 924 | #endif |
971 | 925 | ||
972 | DEBUGP("all done\n"); | ||
973 | return 0; | 926 | return 0; |
974 | } | 927 | } |
975 | 928 | ||
@@ -981,8 +934,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[], | |||
981 | struct ip_conntrack *ct; | 934 | struct ip_conntrack *ct; |
982 | int err = -EINVAL; | 935 | int err = -EINVAL; |
983 | 936 | ||
984 | DEBUGP("entered %s\n", __FUNCTION__); | ||
985 | |||
986 | ct = ip_conntrack_alloc(otuple, rtuple); | 937 | ct = ip_conntrack_alloc(otuple, rtuple); |
987 | if (ct == NULL || IS_ERR(ct)) | 938 | if (ct == NULL || IS_ERR(ct)) |
988 | return -ENOMEM; | 939 | return -ENOMEM; |
@@ -1017,7 +968,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[], | |||
1017 | if (ct->helper) | 968 | if (ct->helper) |
1018 | ip_conntrack_helper_put(ct->helper); | 969 | ip_conntrack_helper_put(ct->helper); |
1019 | 970 | ||
1020 | DEBUGP("conntrack with id %u inserted\n", ct->id); | ||
1021 | return 0; | 971 | return 0; |
1022 | 972 | ||
1023 | err: | 973 | err: |
@@ -1033,8 +983,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1033 | struct ip_conntrack_tuple_hash *h = NULL; | 983 | struct ip_conntrack_tuple_hash *h = NULL; |
1034 | int err = 0; | 984 | int err = 0; |
1035 | 985 | ||
1036 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1037 | |||
1038 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) | 986 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) |
1039 | return -EINVAL; | 987 | return -EINVAL; |
1040 | 988 | ||
@@ -1058,7 +1006,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1058 | 1006 | ||
1059 | if (h == NULL) { | 1007 | if (h == NULL) { |
1060 | write_unlock_bh(&ip_conntrack_lock); | 1008 | write_unlock_bh(&ip_conntrack_lock); |
1061 | DEBUGP("no such conntrack, create new\n"); | ||
1062 | err = -ENOENT; | 1009 | err = -ENOENT; |
1063 | if (nlh->nlmsg_flags & NLM_F_CREATE) | 1010 | if (nlh->nlmsg_flags & NLM_F_CREATE) |
1064 | err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); | 1011 | err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); |
@@ -1074,7 +1021,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1074 | 1021 | ||
1075 | /* We manipulate the conntrack inside the global conntrack table lock, | 1022 | /* We manipulate the conntrack inside the global conntrack table lock, |
1076 | * so there's no need to increase the refcount */ | 1023 | * so there's no need to increase the refcount */ |
1077 | DEBUGP("conntrack found\n"); | ||
1078 | err = -EEXIST; | 1024 | err = -EEXIST; |
1079 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) | 1025 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) |
1080 | err = ctnetlink_change_conntrack(tuplehash_to_ctrack(h), cda); | 1026 | err = ctnetlink_change_conntrack(tuplehash_to_ctrack(h), cda); |
@@ -1249,8 +1195,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
1249 | struct list_head *i; | 1195 | struct list_head *i; |
1250 | u_int32_t *id = (u_int32_t *) &cb->args[0]; | 1196 | u_int32_t *id = (u_int32_t *) &cb->args[0]; |
1251 | 1197 | ||
1252 | DEBUGP("entered %s, last id=%llu\n", __FUNCTION__, *id); | ||
1253 | |||
1254 | read_lock_bh(&ip_conntrack_lock); | 1198 | read_lock_bh(&ip_conntrack_lock); |
1255 | list_for_each_prev(i, &ip_conntrack_expect_list) { | 1199 | list_for_each_prev(i, &ip_conntrack_expect_list) { |
1256 | exp = (struct ip_conntrack_expect *) i; | 1200 | exp = (struct ip_conntrack_expect *) i; |
@@ -1266,8 +1210,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
1266 | out: | 1210 | out: |
1267 | read_unlock_bh(&ip_conntrack_lock); | 1211 | read_unlock_bh(&ip_conntrack_lock); |
1268 | 1212 | ||
1269 | DEBUGP("leaving, last id=%llu\n", *id); | ||
1270 | |||
1271 | return skb->len; | 1213 | return skb->len; |
1272 | } | 1214 | } |
1273 | 1215 | ||
@@ -1285,8 +1227,6 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1285 | struct sk_buff *skb2; | 1227 | struct sk_buff *skb2; |
1286 | int err = 0; | 1228 | int err = 0; |
1287 | 1229 | ||
1288 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1289 | |||
1290 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) | 1230 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) |
1291 | return -EINVAL; | 1231 | return -EINVAL; |
1292 | 1232 | ||
@@ -1437,8 +1377,6 @@ ctnetlink_create_expect(struct nfattr *cda[]) | |||
1437 | struct ip_conntrack *ct; | 1377 | struct ip_conntrack *ct; |
1438 | int err = 0; | 1378 | int err = 0; |
1439 | 1379 | ||
1440 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1441 | |||
1442 | /* caller guarantees that those three CTA_EXPECT_* exist */ | 1380 | /* caller guarantees that those three CTA_EXPECT_* exist */ |
1443 | err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE); | 1381 | err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE); |
1444 | if (err < 0) | 1382 | if (err < 0) |
@@ -1490,8 +1428,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1490 | struct ip_conntrack_expect *exp; | 1428 | struct ip_conntrack_expect *exp; |
1491 | int err = 0; | 1429 | int err = 0; |
1492 | 1430 | ||
1493 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1494 | |||
1495 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) | 1431 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) |
1496 | return -EINVAL; | 1432 | return -EINVAL; |
1497 | 1433 | ||
@@ -1520,8 +1456,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1520 | err = ctnetlink_change_expect(exp, cda); | 1456 | err = ctnetlink_change_expect(exp, cda); |
1521 | write_unlock_bh(&ip_conntrack_lock); | 1457 | write_unlock_bh(&ip_conntrack_lock); |
1522 | 1458 | ||
1523 | DEBUGP("leaving\n"); | ||
1524 | |||
1525 | return err; | 1459 | return err; |
1526 | } | 1460 | } |
1527 | 1461 | ||
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 1721f7c78c77..bd0156a28ecd 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -47,13 +47,6 @@ MODULE_LICENSE("GPL"); | |||
47 | 47 | ||
48 | static char __initdata version[] = "0.93"; | 48 | static char __initdata version[] = "0.93"; |
49 | 49 | ||
50 | #if 0 | ||
51 | #define DEBUGP printk | ||
52 | #else | ||
53 | #define DEBUGP(format, args...) | ||
54 | #endif | ||
55 | |||
56 | |||
57 | static inline int | 50 | static inline int |
58 | ctnetlink_dump_tuples_proto(struct sk_buff *skb, | 51 | ctnetlink_dump_tuples_proto(struct sk_buff *skb, |
59 | const struct nf_conntrack_tuple *tuple, | 52 | const struct nf_conntrack_tuple *tuple, |
@@ -410,7 +403,6 @@ static int ctnetlink_done(struct netlink_callback *cb) | |||
410 | { | 403 | { |
411 | if (cb->args[1]) | 404 | if (cb->args[1]) |
412 | nf_ct_put((struct nf_conn *)cb->args[1]); | 405 | nf_ct_put((struct nf_conn *)cb->args[1]); |
413 | DEBUGP("entered %s\n", __FUNCTION__); | ||
414 | return 0; | 406 | return 0; |
415 | } | 407 | } |
416 | 408 | ||
@@ -425,9 +417,6 @@ ctnetlink_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
425 | struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); | 417 | struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); |
426 | u_int8_t l3proto = nfmsg->nfgen_family; | 418 | u_int8_t l3proto = nfmsg->nfgen_family; |
427 | 419 | ||
428 | DEBUGP("entered %s, last bucket=%lu id=%u\n", __FUNCTION__, | ||
429 | cb->args[0], *id); | ||
430 | |||
431 | read_lock_bh(&nf_conntrack_lock); | 420 | read_lock_bh(&nf_conntrack_lock); |
432 | last = (struct nf_conn *)cb->args[1]; | 421 | last = (struct nf_conn *)cb->args[1]; |
433 | for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) { | 422 | for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++) { |
@@ -471,7 +460,6 @@ out: | |||
471 | if (last) | 460 | if (last) |
472 | nf_ct_put(last); | 461 | nf_ct_put(last); |
473 | 462 | ||
474 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); | ||
475 | return skb->len; | 463 | return skb->len; |
476 | } | 464 | } |
477 | 465 | ||
@@ -482,8 +470,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple) | |||
482 | struct nf_conntrack_l3proto *l3proto; | 470 | struct nf_conntrack_l3proto *l3proto; |
483 | int ret = 0; | 471 | int ret = 0; |
484 | 472 | ||
485 | DEBUGP("entered %s\n", __FUNCTION__); | ||
486 | |||
487 | nfattr_parse_nested(tb, CTA_IP_MAX, attr); | 473 | nfattr_parse_nested(tb, CTA_IP_MAX, attr); |
488 | 474 | ||
489 | l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); | 475 | l3proto = nf_ct_l3proto_find_get(tuple->src.l3num); |
@@ -493,8 +479,6 @@ ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple) | |||
493 | 479 | ||
494 | nf_ct_l3proto_put(l3proto); | 480 | nf_ct_l3proto_put(l3proto); |
495 | 481 | ||
496 | DEBUGP("leaving\n"); | ||
497 | |||
498 | return ret; | 482 | return ret; |
499 | } | 483 | } |
500 | 484 | ||
@@ -510,8 +494,6 @@ ctnetlink_parse_tuple_proto(struct nfattr *attr, | |||
510 | struct nf_conntrack_protocol *proto; | 494 | struct nf_conntrack_protocol *proto; |
511 | int ret = 0; | 495 | int ret = 0; |
512 | 496 | ||
513 | DEBUGP("entered %s\n", __FUNCTION__); | ||
514 | |||
515 | nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); | 497 | nfattr_parse_nested(tb, CTA_PROTO_MAX, attr); |
516 | 498 | ||
517 | if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) | 499 | if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) |
@@ -538,8 +520,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct nf_conntrack_tuple *tuple, | |||
538 | struct nfattr *tb[CTA_TUPLE_MAX]; | 520 | struct nfattr *tb[CTA_TUPLE_MAX]; |
539 | int err; | 521 | int err; |
540 | 522 | ||
541 | DEBUGP("entered %s\n", __FUNCTION__); | ||
542 | |||
543 | memset(tuple, 0, sizeof(*tuple)); | 523 | memset(tuple, 0, sizeof(*tuple)); |
544 | 524 | ||
545 | nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); | 525 | nfattr_parse_nested(tb, CTA_TUPLE_MAX, cda[type-1]); |
@@ -566,10 +546,6 @@ ctnetlink_parse_tuple(struct nfattr *cda[], struct nf_conntrack_tuple *tuple, | |||
566 | else | 546 | else |
567 | tuple->dst.dir = IP_CT_DIR_ORIGINAL; | 547 | tuple->dst.dir = IP_CT_DIR_ORIGINAL; |
568 | 548 | ||
569 | NF_CT_DUMP_TUPLE(tuple); | ||
570 | |||
571 | DEBUGP("leaving\n"); | ||
572 | |||
573 | return 0; | 549 | return 0; |
574 | } | 550 | } |
575 | 551 | ||
@@ -586,8 +562,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr, | |||
586 | struct nfattr *tb[CTA_PROTONAT_MAX]; | 562 | struct nfattr *tb[CTA_PROTONAT_MAX]; |
587 | struct ip_nat_protocol *npt; | 563 | struct ip_nat_protocol *npt; |
588 | 564 | ||
589 | DEBUGP("entered %s\n", __FUNCTION__); | ||
590 | |||
591 | nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); | 565 | nfattr_parse_nested(tb, CTA_PROTONAT_MAX, attr); |
592 | 566 | ||
593 | if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) | 567 | if (nfattr_bad_size(tb, CTA_PROTONAT_MAX, cta_min_protonat)) |
@@ -606,7 +580,6 @@ static int ctnetlink_parse_nat_proto(struct nfattr *attr, | |||
606 | 580 | ||
607 | ip_nat_proto_put(npt); | 581 | ip_nat_proto_put(npt); |
608 | 582 | ||
609 | DEBUGP("leaving\n"); | ||
610 | return 0; | 583 | return 0; |
611 | } | 584 | } |
612 | 585 | ||
@@ -622,8 +595,6 @@ ctnetlink_parse_nat(struct nfattr *nat, | |||
622 | struct nfattr *tb[CTA_NAT_MAX]; | 595 | struct nfattr *tb[CTA_NAT_MAX]; |
623 | int err; | 596 | int err; |
624 | 597 | ||
625 | DEBUGP("entered %s\n", __FUNCTION__); | ||
626 | |||
627 | memset(range, 0, sizeof(*range)); | 598 | memset(range, 0, sizeof(*range)); |
628 | 599 | ||
629 | nfattr_parse_nested(tb, CTA_NAT_MAX, nat); | 600 | nfattr_parse_nested(tb, CTA_NAT_MAX, nat); |
@@ -649,7 +620,6 @@ ctnetlink_parse_nat(struct nfattr *nat, | |||
649 | if (err < 0) | 620 | if (err < 0) |
650 | return err; | 621 | return err; |
651 | 622 | ||
652 | DEBUGP("leaving\n"); | ||
653 | return 0; | 623 | return 0; |
654 | } | 624 | } |
655 | #endif | 625 | #endif |
@@ -659,8 +629,6 @@ ctnetlink_parse_help(struct nfattr *attr, char **helper_name) | |||
659 | { | 629 | { |
660 | struct nfattr *tb[CTA_HELP_MAX]; | 630 | struct nfattr *tb[CTA_HELP_MAX]; |
661 | 631 | ||
662 | DEBUGP("entered %s\n", __FUNCTION__); | ||
663 | |||
664 | nfattr_parse_nested(tb, CTA_HELP_MAX, attr); | 632 | nfattr_parse_nested(tb, CTA_HELP_MAX, attr); |
665 | 633 | ||
666 | if (!tb[CTA_HELP_NAME-1]) | 634 | if (!tb[CTA_HELP_NAME-1]) |
@@ -690,8 +658,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
690 | u_int8_t u3 = nfmsg->nfgen_family; | 658 | u_int8_t u3 = nfmsg->nfgen_family; |
691 | int err = 0; | 659 | int err = 0; |
692 | 660 | ||
693 | DEBUGP("entered %s\n", __FUNCTION__); | ||
694 | |||
695 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) | 661 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) |
696 | return -EINVAL; | 662 | return -EINVAL; |
697 | 663 | ||
@@ -709,10 +675,8 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
709 | return err; | 675 | return err; |
710 | 676 | ||
711 | h = nf_conntrack_find_get(&tuple, NULL); | 677 | h = nf_conntrack_find_get(&tuple, NULL); |
712 | if (!h) { | 678 | if (!h) |
713 | DEBUGP("tuple not found in conntrack hash\n"); | ||
714 | return -ENOENT; | 679 | return -ENOENT; |
715 | } | ||
716 | 680 | ||
717 | ct = nf_ct_tuplehash_to_ctrack(h); | 681 | ct = nf_ct_tuplehash_to_ctrack(h); |
718 | 682 | ||
@@ -727,7 +691,6 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
727 | ct->timeout.function((unsigned long)ct); | 691 | ct->timeout.function((unsigned long)ct); |
728 | 692 | ||
729 | nf_ct_put(ct); | 693 | nf_ct_put(ct); |
730 | DEBUGP("leaving\n"); | ||
731 | 694 | ||
732 | return 0; | 695 | return 0; |
733 | } | 696 | } |
@@ -744,8 +707,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
744 | u_int8_t u3 = nfmsg->nfgen_family; | 707 | u_int8_t u3 = nfmsg->nfgen_family; |
745 | int err = 0; | 708 | int err = 0; |
746 | 709 | ||
747 | DEBUGP("entered %s\n", __FUNCTION__); | ||
748 | |||
749 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 710 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
750 | u32 rlen; | 711 | u32 rlen; |
751 | 712 | ||
@@ -779,11 +740,9 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
779 | return err; | 740 | return err; |
780 | 741 | ||
781 | h = nf_conntrack_find_get(&tuple, NULL); | 742 | h = nf_conntrack_find_get(&tuple, NULL); |
782 | if (!h) { | 743 | if (!h) |
783 | DEBUGP("tuple not found in conntrack hash"); | ||
784 | return -ENOENT; | 744 | return -ENOENT; |
785 | } | 745 | |
786 | DEBUGP("tuple found\n"); | ||
787 | ct = nf_ct_tuplehash_to_ctrack(h); | 746 | ct = nf_ct_tuplehash_to_ctrack(h); |
788 | 747 | ||
789 | err = -ENOMEM; | 748 | err = -ENOMEM; |
@@ -804,7 +763,6 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
804 | if (err < 0) | 763 | if (err < 0) |
805 | goto out; | 764 | goto out; |
806 | 765 | ||
807 | DEBUGP("leaving\n"); | ||
808 | return 0; | 766 | return 0; |
809 | 767 | ||
810 | free: | 768 | free: |
@@ -876,8 +834,6 @@ ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[]) | |||
876 | char *helpname; | 834 | char *helpname; |
877 | int err; | 835 | int err; |
878 | 836 | ||
879 | DEBUGP("entered %s\n", __FUNCTION__); | ||
880 | |||
881 | if (!help) { | 837 | if (!help) { |
882 | /* FIXME: we need to reallocate and rehash */ | 838 | /* FIXME: we need to reallocate and rehash */ |
883 | return -EBUSY; | 839 | return -EBUSY; |
@@ -954,8 +910,6 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nfattr *cda[]) | |||
954 | { | 910 | { |
955 | int err; | 911 | int err; |
956 | 912 | ||
957 | DEBUGP("entered %s\n", __FUNCTION__); | ||
958 | |||
959 | if (cda[CTA_HELP-1]) { | 913 | if (cda[CTA_HELP-1]) { |
960 | err = ctnetlink_change_helper(ct, cda); | 914 | err = ctnetlink_change_helper(ct, cda); |
961 | if (err < 0) | 915 | if (err < 0) |
@@ -985,7 +939,6 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nfattr *cda[]) | |||
985 | ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); | 939 | ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); |
986 | #endif | 940 | #endif |
987 | 941 | ||
988 | DEBUGP("all done\n"); | ||
989 | return 0; | 942 | return 0; |
990 | } | 943 | } |
991 | 944 | ||
@@ -997,8 +950,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[], | |||
997 | struct nf_conn *ct; | 950 | struct nf_conn *ct; |
998 | int err = -EINVAL; | 951 | int err = -EINVAL; |
999 | 952 | ||
1000 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1001 | |||
1002 | ct = nf_conntrack_alloc(otuple, rtuple); | 953 | ct = nf_conntrack_alloc(otuple, rtuple); |
1003 | if (ct == NULL || IS_ERR(ct)) | 954 | if (ct == NULL || IS_ERR(ct)) |
1004 | return -ENOMEM; | 955 | return -ENOMEM; |
@@ -1028,7 +979,6 @@ ctnetlink_create_conntrack(struct nfattr *cda[], | |||
1028 | add_timer(&ct->timeout); | 979 | add_timer(&ct->timeout); |
1029 | nf_conntrack_hash_insert(ct); | 980 | nf_conntrack_hash_insert(ct); |
1030 | 981 | ||
1031 | DEBUGP("conntrack with id %u inserted\n", ct->id); | ||
1032 | return 0; | 982 | return 0; |
1033 | 983 | ||
1034 | err: | 984 | err: |
@@ -1046,8 +996,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1046 | u_int8_t u3 = nfmsg->nfgen_family; | 996 | u_int8_t u3 = nfmsg->nfgen_family; |
1047 | int err = 0; | 997 | int err = 0; |
1048 | 998 | ||
1049 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1050 | |||
1051 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) | 999 | if (nfattr_bad_size(cda, CTA_MAX, cta_min)) |
1052 | return -EINVAL; | 1000 | return -EINVAL; |
1053 | 1001 | ||
@@ -1071,7 +1019,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1071 | 1019 | ||
1072 | if (h == NULL) { | 1020 | if (h == NULL) { |
1073 | write_unlock_bh(&nf_conntrack_lock); | 1021 | write_unlock_bh(&nf_conntrack_lock); |
1074 | DEBUGP("no such conntrack, create new\n"); | ||
1075 | err = -ENOENT; | 1022 | err = -ENOENT; |
1076 | if (nlh->nlmsg_flags & NLM_F_CREATE) | 1023 | if (nlh->nlmsg_flags & NLM_F_CREATE) |
1077 | err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); | 1024 | err = ctnetlink_create_conntrack(cda, &otuple, &rtuple); |
@@ -1087,7 +1034,6 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1087 | 1034 | ||
1088 | /* We manipulate the conntrack inside the global conntrack table lock, | 1035 | /* We manipulate the conntrack inside the global conntrack table lock, |
1089 | * so there's no need to increase the refcount */ | 1036 | * so there's no need to increase the refcount */ |
1090 | DEBUGP("conntrack found\n"); | ||
1091 | err = -EEXIST; | 1037 | err = -EEXIST; |
1092 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) | 1038 | if (!(nlh->nlmsg_flags & NLM_F_EXCL)) |
1093 | err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), cda); | 1039 | err = ctnetlink_change_conntrack(nf_ct_tuplehash_to_ctrack(h), cda); |
@@ -1268,8 +1214,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
1268 | struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); | 1214 | struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); |
1269 | u_int8_t l3proto = nfmsg->nfgen_family; | 1215 | u_int8_t l3proto = nfmsg->nfgen_family; |
1270 | 1216 | ||
1271 | DEBUGP("entered %s, last id=%llu\n", __FUNCTION__, *id); | ||
1272 | |||
1273 | read_lock_bh(&nf_conntrack_lock); | 1217 | read_lock_bh(&nf_conntrack_lock); |
1274 | list_for_each_prev(i, &nf_conntrack_expect_list) { | 1218 | list_for_each_prev(i, &nf_conntrack_expect_list) { |
1275 | exp = (struct nf_conntrack_expect *) i; | 1219 | exp = (struct nf_conntrack_expect *) i; |
@@ -1287,8 +1231,6 @@ ctnetlink_exp_dump_table(struct sk_buff *skb, struct netlink_callback *cb) | |||
1287 | out: | 1231 | out: |
1288 | read_unlock_bh(&nf_conntrack_lock); | 1232 | read_unlock_bh(&nf_conntrack_lock); |
1289 | 1233 | ||
1290 | DEBUGP("leaving, last id=%llu\n", *id); | ||
1291 | |||
1292 | return skb->len; | 1234 | return skb->len; |
1293 | } | 1235 | } |
1294 | 1236 | ||
@@ -1308,8 +1250,6 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1308 | u_int8_t u3 = nfmsg->nfgen_family; | 1250 | u_int8_t u3 = nfmsg->nfgen_family; |
1309 | int err = 0; | 1251 | int err = 0; |
1310 | 1252 | ||
1311 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1312 | |||
1313 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) | 1253 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) |
1314 | return -EINVAL; | 1254 | return -EINVAL; |
1315 | 1255 | ||
@@ -1460,8 +1400,6 @@ ctnetlink_create_expect(struct nfattr *cda[], u_int8_t u3) | |||
1460 | struct nf_conn_help *help; | 1400 | struct nf_conn_help *help; |
1461 | int err = 0; | 1401 | int err = 0; |
1462 | 1402 | ||
1463 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1464 | |||
1465 | /* caller guarantees that those three CTA_EXPECT_* exist */ | 1403 | /* caller guarantees that those three CTA_EXPECT_* exist */ |
1466 | err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE, u3); | 1404 | err = ctnetlink_parse_tuple(cda, &tuple, CTA_EXPECT_TUPLE, u3); |
1467 | if (err < 0) | 1405 | if (err < 0) |
@@ -1516,8 +1454,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1516 | u_int8_t u3 = nfmsg->nfgen_family; | 1454 | u_int8_t u3 = nfmsg->nfgen_family; |
1517 | int err = 0; | 1455 | int err = 0; |
1518 | 1456 | ||
1519 | DEBUGP("entered %s\n", __FUNCTION__); | ||
1520 | |||
1521 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) | 1457 | if (nfattr_bad_size(cda, CTA_EXPECT_MAX, cta_min_exp)) |
1522 | return -EINVAL; | 1458 | return -EINVAL; |
1523 | 1459 | ||
@@ -1546,8 +1482,6 @@ ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb, | |||
1546 | err = ctnetlink_change_expect(exp, cda); | 1482 | err = ctnetlink_change_expect(exp, cda); |
1547 | write_unlock_bh(&nf_conntrack_lock); | 1483 | write_unlock_bh(&nf_conntrack_lock); |
1548 | 1484 | ||
1549 | DEBUGP("leaving\n"); | ||
1550 | |||
1551 | return err; | 1485 | return err; |
1552 | } | 1486 | } |
1553 | 1487 | ||