diff options
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_netlink.c | 63 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 67 |
2 files changed, 20 insertions, 110 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c index a20b0e385f1b..52eddea27e93 100644 --- a/net/ipv4/netfilter/ip_conntrack_netlink.c +++ b/net/ipv4/netfilter/ip_conntrack_netlink.c | |||
@@ -436,6 +436,11 @@ restart: | |||
436 | cb->args[1] = (unsigned long)ct; | 436 | cb->args[1] = (unsigned long)ct; |
437 | goto out; | 437 | goto out; |
438 | } | 438 | } |
439 | #ifdef CONFIG_NF_CT_ACCT | ||
440 | if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) == | ||
441 | IPCTNL_MSG_CT_GET_CTRZERO) | ||
442 | memset(&ct->counters, 0, sizeof(ct->counters)); | ||
443 | #endif | ||
439 | } | 444 | } |
440 | if (cb->args[1]) { | 445 | if (cb->args[1]) { |
441 | cb->args[1] = 0; | 446 | cb->args[1] = 0; |
@@ -451,46 +456,6 @@ out: | |||
451 | return skb->len; | 456 | return skb->len; |
452 | } | 457 | } |
453 | 458 | ||
454 | #ifdef CONFIG_IP_NF_CT_ACCT | ||
455 | static int | ||
456 | ctnetlink_dump_table_w(struct sk_buff *skb, struct netlink_callback *cb) | ||
457 | { | ||
458 | struct ip_conntrack *ct = NULL; | ||
459 | struct ip_conntrack_tuple_hash *h; | ||
460 | struct list_head *i; | ||
461 | u_int32_t *id = (u_int32_t *) &cb->args[1]; | ||
462 | |||
463 | DEBUGP("entered %s, last bucket=%u id=%u\n", __FUNCTION__, | ||
464 | cb->args[0], *id); | ||
465 | |||
466 | write_lock_bh(&ip_conntrack_lock); | ||
467 | for (; cb->args[0] < ip_conntrack_htable_size; cb->args[0]++, *id = 0) { | ||
468 | list_for_each_prev(i, &ip_conntrack_hash[cb->args[0]]) { | ||
469 | h = (struct ip_conntrack_tuple_hash *) i; | ||
470 | if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) | ||
471 | continue; | ||
472 | ct = tuplehash_to_ctrack(h); | ||
473 | if (ct->id <= *id) | ||
474 | continue; | ||
475 | if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, | ||
476 | cb->nlh->nlmsg_seq, | ||
477 | IPCTNL_MSG_CT_NEW, | ||
478 | 1, ct) < 0) | ||
479 | goto out; | ||
480 | *id = ct->id; | ||
481 | |||
482 | memset(&ct->counters, 0, sizeof(ct->counters)); | ||
483 | } | ||
484 | } | ||
485 | out: | ||
486 | write_unlock_bh(&ip_conntrack_lock); | ||
487 | |||
488 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); | ||
489 | |||
490 | return skb->len; | ||
491 | } | ||
492 | #endif | ||
493 | |||
494 | static const size_t cta_min_ip[CTA_IP_MAX] = { | 459 | static const size_t cta_min_ip[CTA_IP_MAX] = { |
495 | [CTA_IP_V4_SRC-1] = sizeof(u_int32_t), | 460 | [CTA_IP_V4_SRC-1] = sizeof(u_int32_t), |
496 | [CTA_IP_V4_DST-1] = sizeof(u_int32_t), | 461 | [CTA_IP_V4_DST-1] = sizeof(u_int32_t), |
@@ -775,22 +740,14 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
775 | if (msg->nfgen_family != AF_INET) | 740 | if (msg->nfgen_family != AF_INET) |
776 | return -EAFNOSUPPORT; | 741 | return -EAFNOSUPPORT; |
777 | 742 | ||
778 | if (NFNL_MSG_TYPE(nlh->nlmsg_type) == | 743 | #ifndef CONFIG_IP_NF_CT_ACCT |
779 | IPCTNL_MSG_CT_GET_CTRZERO) { | 744 | if (NFNL_MSG_TYPE(nlh->nlmsg_type) == IPCTNL_MSG_CT_GET_CTRZERO) |
780 | #ifdef CONFIG_IP_NF_CT_ACCT | ||
781 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, | ||
782 | ctnetlink_dump_table_w, | ||
783 | ctnetlink_done)) != 0) | ||
784 | return -EINVAL; | ||
785 | #else | ||
786 | return -ENOTSUPP; | 745 | return -ENOTSUPP; |
787 | #endif | 746 | #endif |
788 | } else { | 747 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, |
789 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, | 748 | ctnetlink_dump_table, |
790 | ctnetlink_dump_table, | 749 | ctnetlink_done)) != 0) |
791 | ctnetlink_done)) != 0) | ||
792 | return -EINVAL; | 750 | return -EINVAL; |
793 | } | ||
794 | 751 | ||
795 | rlen = NLMSG_ALIGN(nlh->nlmsg_len); | 752 | rlen = NLMSG_ALIGN(nlh->nlmsg_len); |
796 | if (rlen > skb->len) | 753 | if (rlen > skb->len) |
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 8cd85cfd9a02..1721f7c78c77 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -455,6 +455,11 @@ restart: | |||
455 | cb->args[1] = (unsigned long)ct; | 455 | cb->args[1] = (unsigned long)ct; |
456 | goto out; | 456 | goto out; |
457 | } | 457 | } |
458 | #ifdef CONFIG_NF_CT_ACCT | ||
459 | if (NFNL_MSG_TYPE(cb->nlh->nlmsg_type) == | ||
460 | IPCTNL_MSG_CT_GET_CTRZERO) | ||
461 | memset(&ct->counters, 0, sizeof(ct->counters)); | ||
462 | #endif | ||
458 | } | 463 | } |
459 | if (cb->args[1]) { | 464 | if (cb->args[1]) { |
460 | cb->args[1] = 0; | 465 | cb->args[1] = 0; |
@@ -470,50 +475,6 @@ out: | |||
470 | return skb->len; | 475 | return skb->len; |
471 | } | 476 | } |
472 | 477 | ||
473 | #ifdef CONFIG_NF_CT_ACCT | ||
474 | static int | ||
475 | ctnetlink_dump_table_w(struct sk_buff *skb, struct netlink_callback *cb) | ||
476 | { | ||
477 | struct nf_conn *ct = NULL; | ||
478 | struct nf_conntrack_tuple_hash *h; | ||
479 | struct list_head *i; | ||
480 | u_int32_t *id = (u_int32_t *) &cb->args[1]; | ||
481 | struct nfgenmsg *nfmsg = NLMSG_DATA(cb->nlh); | ||
482 | u_int8_t l3proto = nfmsg->nfgen_family; | ||
483 | |||
484 | DEBUGP("entered %s, last bucket=%u id=%u\n", __FUNCTION__, | ||
485 | cb->args[0], *id); | ||
486 | |||
487 | write_lock_bh(&nf_conntrack_lock); | ||
488 | for (; cb->args[0] < nf_conntrack_htable_size; cb->args[0]++, *id = 0) { | ||
489 | list_for_each_prev(i, &nf_conntrack_hash[cb->args[0]]) { | ||
490 | h = (struct nf_conntrack_tuple_hash *) i; | ||
491 | if (DIRECTION(h) != IP_CT_DIR_ORIGINAL) | ||
492 | continue; | ||
493 | ct = nf_ct_tuplehash_to_ctrack(h); | ||
494 | if (l3proto && L3PROTO(ct) != l3proto) | ||
495 | continue; | ||
496 | if (ct->id <= *id) | ||
497 | continue; | ||
498 | if (ctnetlink_fill_info(skb, NETLINK_CB(cb->skb).pid, | ||
499 | cb->nlh->nlmsg_seq, | ||
500 | IPCTNL_MSG_CT_NEW, | ||
501 | 1, ct) < 0) | ||
502 | goto out; | ||
503 | *id = ct->id; | ||
504 | |||
505 | memset(&ct->counters, 0, sizeof(ct->counters)); | ||
506 | } | ||
507 | } | ||
508 | out: | ||
509 | write_unlock_bh(&nf_conntrack_lock); | ||
510 | |||
511 | DEBUGP("leaving, last bucket=%lu id=%u\n", cb->args[0], *id); | ||
512 | |||
513 | return skb->len; | ||
514 | } | ||
515 | #endif | ||
516 | |||
517 | static inline int | 478 | static inline int |
518 | ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple) | 479 | ctnetlink_parse_tuple_ip(struct nfattr *attr, struct nf_conntrack_tuple *tuple) |
519 | { | 480 | { |
@@ -788,22 +749,14 @@ ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
788 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 749 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
789 | u32 rlen; | 750 | u32 rlen; |
790 | 751 | ||
791 | if (NFNL_MSG_TYPE(nlh->nlmsg_type) == | 752 | #ifndef CONFIG_NF_CT_ACCT |
792 | IPCTNL_MSG_CT_GET_CTRZERO) { | 753 | if (NFNL_MSG_TYPE(nlh->nlmsg_type) == IPCTNL_MSG_CT_GET_CTRZERO) |
793 | #ifdef CONFIG_NF_CT_ACCT | ||
794 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, | ||
795 | ctnetlink_dump_table_w, | ||
796 | ctnetlink_done)) != 0) | ||
797 | return -EINVAL; | ||
798 | #else | ||
799 | return -ENOTSUPP; | 754 | return -ENOTSUPP; |
800 | #endif | 755 | #endif |
801 | } else { | 756 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, |
802 | if ((*errp = netlink_dump_start(ctnl, skb, nlh, | 757 | ctnetlink_dump_table, |
803 | ctnetlink_dump_table, | 758 | ctnetlink_done)) != 0) |
804 | ctnetlink_done)) != 0) | ||
805 | return -EINVAL; | 759 | return -EINVAL; |
806 | } | ||
807 | 760 | ||
808 | rlen = NLMSG_ALIGN(nlh->nlmsg_len); | 761 | rlen = NLMSG_ALIGN(nlh->nlmsg_len); |
809 | if (rlen > skb->len) | 762 | if (rlen > skb->len) |