aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_conntrack_proto_sctp.c57
1 files changed, 24 insertions, 33 deletions
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 14b1c02c4775..21d29e782baf 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -49,24 +49,15 @@ static const char *sctp_conntrack_names[] = {
49#define HOURS * 60 MINS 49#define HOURS * 60 MINS
50#define DAYS * 24 HOURS 50#define DAYS * 24 HOURS
51 51
52static unsigned int nf_ct_sctp_timeout_closed __read_mostly = 10 SECS; 52static unsigned int sctp_timeouts[SCTP_CONNTRACK_MAX] __read_mostly = {
53static unsigned int nf_ct_sctp_timeout_cookie_wait __read_mostly = 3 SECS; 53 [SCTP_CONNTRACK_CLOSED] = 10 SECS,
54static unsigned int nf_ct_sctp_timeout_cookie_echoed __read_mostly = 3 SECS; 54 [SCTP_CONNTRACK_COOKIE_WAIT] = 3 SECS,
55static unsigned int nf_ct_sctp_timeout_established __read_mostly = 5 DAYS; 55 [SCTP_CONNTRACK_COOKIE_ECHOED] = 3 SECS,
56static unsigned int nf_ct_sctp_timeout_shutdown_sent __read_mostly = 300 SECS / 1000; 56 [SCTP_CONNTRACK_ESTABLISHED] = 5 DAYS,
57static unsigned int nf_ct_sctp_timeout_shutdown_recd __read_mostly = 300 SECS / 1000; 57 [SCTP_CONNTRACK_SHUTDOWN_SENT] = 300 SECS / 1000,
58static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent __read_mostly = 3 SECS; 58 [SCTP_CONNTRACK_SHUTDOWN_RECD] = 300 SECS / 1000,
59 59 [SCTP_CONNTRACK_SHUTDOWN_ACK_SENT] = 3 SECS,
60static unsigned int * sctp_timeouts[] 60};
61= { NULL, /* SCTP_CONNTRACK_NONE */
62 &nf_ct_sctp_timeout_closed, /* SCTP_CONNTRACK_CLOSED */
63 &nf_ct_sctp_timeout_cookie_wait, /* SCTP_CONNTRACK_COOKIE_WAIT */
64 &nf_ct_sctp_timeout_cookie_echoed, /* SCTP_CONNTRACK_COOKIE_ECHOED */
65 &nf_ct_sctp_timeout_established, /* SCTP_CONNTRACK_ESTABLISHED */
66 &nf_ct_sctp_timeout_shutdown_sent, /* SCTP_CONNTRACK_SHUTDOWN_SENT */
67 &nf_ct_sctp_timeout_shutdown_recd, /* SCTP_CONNTRACK_SHUTDOWN_RECD */
68 &nf_ct_sctp_timeout_shutdown_ack_sent /* SCTP_CONNTRACK_SHUTDOWN_ACK_SENT */
69 };
70 61
71#define sNO SCTP_CONNTRACK_NONE 62#define sNO SCTP_CONNTRACK_NONE
72#define sCL SCTP_CONNTRACK_CLOSED 63#define sCL SCTP_CONNTRACK_CLOSED
@@ -380,7 +371,7 @@ static int sctp_packet(struct nf_conn *ct,
380 } 371 }
381 write_unlock_bh(&sctp_lock); 372 write_unlock_bh(&sctp_lock);
382 373
383 nf_ct_refresh_acct(ct, ctinfo, skb, *sctp_timeouts[new_state]); 374 nf_ct_refresh_acct(ct, ctinfo, skb, sctp_timeouts[new_state]);
384 375
385 if (old_state == SCTP_CONNTRACK_COOKIE_ECHOED && 376 if (old_state == SCTP_CONNTRACK_COOKIE_ECHOED &&
386 dir == IP_CT_DIR_REPLY && 377 dir == IP_CT_DIR_REPLY &&
@@ -474,49 +465,49 @@ static struct ctl_table_header *sctp_sysctl_header;
474static struct ctl_table sctp_sysctl_table[] = { 465static struct ctl_table sctp_sysctl_table[] = {
475 { 466 {
476 .procname = "nf_conntrack_sctp_timeout_closed", 467 .procname = "nf_conntrack_sctp_timeout_closed",
477 .data = &nf_ct_sctp_timeout_closed, 468 .data = &sctp_timeouts[SCTP_CONNTRACK_CLOSED],
478 .maxlen = sizeof(unsigned int), 469 .maxlen = sizeof(unsigned int),
479 .mode = 0644, 470 .mode = 0644,
480 .proc_handler = &proc_dointvec_jiffies, 471 .proc_handler = &proc_dointvec_jiffies,
481 }, 472 },
482 { 473 {
483 .procname = "nf_conntrack_sctp_timeout_cookie_wait", 474 .procname = "nf_conntrack_sctp_timeout_cookie_wait",
484 .data = &nf_ct_sctp_timeout_cookie_wait, 475 .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_WAIT],
485 .maxlen = sizeof(unsigned int), 476 .maxlen = sizeof(unsigned int),
486 .mode = 0644, 477 .mode = 0644,
487 .proc_handler = &proc_dointvec_jiffies, 478 .proc_handler = &proc_dointvec_jiffies,
488 }, 479 },
489 { 480 {
490 .procname = "nf_conntrack_sctp_timeout_cookie_echoed", 481 .procname = "nf_conntrack_sctp_timeout_cookie_echoed",
491 .data = &nf_ct_sctp_timeout_cookie_echoed, 482 .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_ECHOED],
492 .maxlen = sizeof(unsigned int), 483 .maxlen = sizeof(unsigned int),
493 .mode = 0644, 484 .mode = 0644,
494 .proc_handler = &proc_dointvec_jiffies, 485 .proc_handler = &proc_dointvec_jiffies,
495 }, 486 },
496 { 487 {
497 .procname = "nf_conntrack_sctp_timeout_established", 488 .procname = "nf_conntrack_sctp_timeout_established",
498 .data = &nf_ct_sctp_timeout_established, 489 .data = &sctp_timeouts[SCTP_CONNTRACK_ESTABLISHED],
499 .maxlen = sizeof(unsigned int), 490 .maxlen = sizeof(unsigned int),
500 .mode = 0644, 491 .mode = 0644,
501 .proc_handler = &proc_dointvec_jiffies, 492 .proc_handler = &proc_dointvec_jiffies,
502 }, 493 },
503 { 494 {
504 .procname = "nf_conntrack_sctp_timeout_shutdown_sent", 495 .procname = "nf_conntrack_sctp_timeout_shutdown_sent",
505 .data = &nf_ct_sctp_timeout_shutdown_sent, 496 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT],
506 .maxlen = sizeof(unsigned int), 497 .maxlen = sizeof(unsigned int),
507 .mode = 0644, 498 .mode = 0644,
508 .proc_handler = &proc_dointvec_jiffies, 499 .proc_handler = &proc_dointvec_jiffies,
509 }, 500 },
510 { 501 {
511 .procname = "nf_conntrack_sctp_timeout_shutdown_recd", 502 .procname = "nf_conntrack_sctp_timeout_shutdown_recd",
512 .data = &nf_ct_sctp_timeout_shutdown_recd, 503 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD],
513 .maxlen = sizeof(unsigned int), 504 .maxlen = sizeof(unsigned int),
514 .mode = 0644, 505 .mode = 0644,
515 .proc_handler = &proc_dointvec_jiffies, 506 .proc_handler = &proc_dointvec_jiffies,
516 }, 507 },
517 { 508 {
518 .procname = "nf_conntrack_sctp_timeout_shutdown_ack_sent", 509 .procname = "nf_conntrack_sctp_timeout_shutdown_ack_sent",
519 .data = &nf_ct_sctp_timeout_shutdown_ack_sent, 510 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT],
520 .maxlen = sizeof(unsigned int), 511 .maxlen = sizeof(unsigned int),
521 .mode = 0644, 512 .mode = 0644,
522 .proc_handler = &proc_dointvec_jiffies, 513 .proc_handler = &proc_dointvec_jiffies,
@@ -530,49 +521,49 @@ static struct ctl_table sctp_sysctl_table[] = {
530static struct ctl_table sctp_compat_sysctl_table[] = { 521static struct ctl_table sctp_compat_sysctl_table[] = {
531 { 522 {
532 .procname = "ip_conntrack_sctp_timeout_closed", 523 .procname = "ip_conntrack_sctp_timeout_closed",
533 .data = &nf_ct_sctp_timeout_closed, 524 .data = &sctp_timeouts[SCTP_CONNTRACK_CLOSED],
534 .maxlen = sizeof(unsigned int), 525 .maxlen = sizeof(unsigned int),
535 .mode = 0644, 526 .mode = 0644,
536 .proc_handler = &proc_dointvec_jiffies, 527 .proc_handler = &proc_dointvec_jiffies,
537 }, 528 },
538 { 529 {
539 .procname = "ip_conntrack_sctp_timeout_cookie_wait", 530 .procname = "ip_conntrack_sctp_timeout_cookie_wait",
540 .data = &nf_ct_sctp_timeout_cookie_wait, 531 .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_WAIT],
541 .maxlen = sizeof(unsigned int), 532 .maxlen = sizeof(unsigned int),
542 .mode = 0644, 533 .mode = 0644,
543 .proc_handler = &proc_dointvec_jiffies, 534 .proc_handler = &proc_dointvec_jiffies,
544 }, 535 },
545 { 536 {
546 .procname = "ip_conntrack_sctp_timeout_cookie_echoed", 537 .procname = "ip_conntrack_sctp_timeout_cookie_echoed",
547 .data = &nf_ct_sctp_timeout_cookie_echoed, 538 .data = &sctp_timeouts[SCTP_CONNTRACK_COOKIE_ECHOED],
548 .maxlen = sizeof(unsigned int), 539 .maxlen = sizeof(unsigned int),
549 .mode = 0644, 540 .mode = 0644,
550 .proc_handler = &proc_dointvec_jiffies, 541 .proc_handler = &proc_dointvec_jiffies,
551 }, 542 },
552 { 543 {
553 .procname = "ip_conntrack_sctp_timeout_established", 544 .procname = "ip_conntrack_sctp_timeout_established",
554 .data = &nf_ct_sctp_timeout_established, 545 .data = &sctp_timeouts[SCTP_CONNTRACK_ESTABLISHED],
555 .maxlen = sizeof(unsigned int), 546 .maxlen = sizeof(unsigned int),
556 .mode = 0644, 547 .mode = 0644,
557 .proc_handler = &proc_dointvec_jiffies, 548 .proc_handler = &proc_dointvec_jiffies,
558 }, 549 },
559 { 550 {
560 .procname = "ip_conntrack_sctp_timeout_shutdown_sent", 551 .procname = "ip_conntrack_sctp_timeout_shutdown_sent",
561 .data = &nf_ct_sctp_timeout_shutdown_sent, 552 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_SENT],
562 .maxlen = sizeof(unsigned int), 553 .maxlen = sizeof(unsigned int),
563 .mode = 0644, 554 .mode = 0644,
564 .proc_handler = &proc_dointvec_jiffies, 555 .proc_handler = &proc_dointvec_jiffies,
565 }, 556 },
566 { 557 {
567 .procname = "ip_conntrack_sctp_timeout_shutdown_recd", 558 .procname = "ip_conntrack_sctp_timeout_shutdown_recd",
568 .data = &nf_ct_sctp_timeout_shutdown_recd, 559 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_RECD],
569 .maxlen = sizeof(unsigned int), 560 .maxlen = sizeof(unsigned int),
570 .mode = 0644, 561 .mode = 0644,
571 .proc_handler = &proc_dointvec_jiffies, 562 .proc_handler = &proc_dointvec_jiffies,
572 }, 563 },
573 { 564 {
574 .procname = "ip_conntrack_sctp_timeout_shutdown_ack_sent", 565 .procname = "ip_conntrack_sctp_timeout_shutdown_ack_sent",
575 .data = &nf_ct_sctp_timeout_shutdown_ack_sent, 566 .data = &sctp_timeouts[SCTP_CONNTRACK_SHUTDOWN_ACK_SENT],
576 .maxlen = sizeof(unsigned int), 567 .maxlen = sizeof(unsigned int),
577 .mode = 0644, 568 .mode = 0644,
578 .proc_handler = &proc_dointvec_jiffies, 569 .proc_handler = &proc_dointvec_jiffies,