- 16 3月, 2009 9 次提交
-
-
由 Scott James Remnant 提交于
The ip6_queue module is missing the net-pf-16-proto-13 alias that would cause it to be auto-loaded when a socket of that type is opened. This patch adds the alias. Signed-off-by: NScott James Remnant <scott@canonical.com> Signed-off-by: NTim Gardner <tim.gardner@canonical.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Pablo Neira Ayuso 提交于
This patch moves the event reporting outside the lock section. With this patch, the creation and update of entries is homogeneous from the event reporting perspective. Moreover, as the event reporting is done outside the lock section, the netlink broadcast delivery can benefit of the yield() call under congestion. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Pablo Neira Ayuso 提交于
This patch moves the preliminary checkings that must be fulfilled to update a conntrack, which are the following: * NAT manglings cannot be updated * Changing the master conntrack is not allowed. This patch is a cleanup. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Pablo Neira Ayuso 提交于
This patch moves the assignation of the master conntrack to ctnetlink_create_conntrack(), which is where it really belongs. This patch is a cleanup. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Pablo Neira Ayuso 提交于
This patch increases the statistics of packets drop if the sequence adjustment fails in ipv4_confirm(). Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Stephen Hemminger 提交于
Signed-off-by: NStephen Hemminger <sheminger@vyatta.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Christoph Paasch 提交于
Moving the structure definitions to the corresponding IPvX specific header files. Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Eric Leblond 提交于
This patch modifies the proc output to add display of registered loggers. The content of /proc/net/netfilter/nf_log is modified. Instead of displaying a protocol per line with format: proto:logger it now displays: proto:logger (comma_separated_list_of_loggers) NONE is used as keyword if no logger is used. Signed-off-by: NEric Leblond <eric@inl.fr> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Eric Leblond 提交于
This patch modifies nf_log to use a linked list of loggers for each protocol. This list of loggers is read and write protected with a mutex. This patch separates registration and binding. To be used as logging module, a module has to register calling nf_log_register() and to bind to a protocol it has to call nf_log_bind_pf(). This patch also converts the logging modules to the new API. For nfnetlink_log, it simply switchs call to register functions to call to bind function and adds a call to nf_log_register() during init. For other modules, it just remove a const flag from the logger structure and replace it with a __read_mostly. Signed-off-by: NEric Leblond <eric@inl.fr> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
- 24 2月, 2009 3 次提交
-
-
由 Eric Dumazet 提交于
Commit 78454473 (netfilter: iptables: lock free counters) broke xt_hashlimit netfilter module : This module was storing a pointer inside its xt_hashlimit_info, and this pointer is not relocated when we temporarly switch tables (iptables -L). This hack is not not needed at all (probably a leftover from ancient time), as each cpu should and can access to its own copy. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Jan Engelhardt 提交于
iptables imports headers from (the unifdefed headers of a) kernel tree, but some headers happened to not be installed. Signed-off-by: NJan Engelhardt <jengelh@medozas.de> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Pablo Neira Ayuso 提交于
Since tcp_packet() may return -NF_DROP in two situations, the packet-drop stats must be increased. Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
- 20 2月, 2009 5 次提交
-
-
由 Eric Dumazet 提交于
While doing oprofile tests I noticed two loops are not properly unrolled by gcc Using a hand coded unrolled loop provides nice speedup : ipt_do_table credited of 2.52 % of cpu instead of 3.29 % in tbench. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Adam Nielsen 提交于
Kernel module providing implementation of LED netfilter target. Each instance of the target appears as a led-trigger device, which can be associated with one or more LEDs in /sys/class/leds/ Signed-off-by: NAdam Nielsen <a.nielsen@shikadi.net> Acked-by: NRichard Purdie <rpurdie@linux.intel.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Hagen Paul Pfeifer 提交于
get_random_bytes() is sometimes called with a hard coded size assumption of an integer. This could not be true for next centuries. This patch replace it with a compile time statement. Signed-off-by: NHagen Paul Pfeifer <hagen@jauu.net> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Hagen Paul Pfeifer 提交于
Table size is defined as unsigned, wheres the table maximum size is defined as a signed integer. The calculation of max is 8 or 4, multiplied the table size. Therefore the max value is aligned to unsigned. Signed-off-by: NHagen Paul Pfeifer <hagen@jauu.net> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Stephen Hemminger 提交于
The reader/writer lock in ip_tables is acquired in the critical path of processing packets and is one of the reasons just loading iptables can cause a 20% performance loss. The rwlock serves two functions: 1) it prevents changes to table state (xt_replace) while table is in use. This is now handled by doing rcu on the xt_table. When table is replaced, the new table(s) are put in and the old one table(s) are freed after RCU period. 2) it provides synchronization when accesing the counter values. This is now handled by swapping in new table_info entries for each cpu then summing the old values, and putting the result back onto one cpu. On a busy system it may cause sampling to occur at different times on each cpu, but no packet/byte counts are lost in the process. Signed-off-by: NStephen Hemminger <shemminger@vyatta.com> Sucessfully tested on my dual quad core machine too, but iptables only (no ipv6 here) BTW, my new "tbench 8" result is 2450 MB/s, (it was 2150 MB/s not so long ago) Acked-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
- 19 2月, 2009 7 次提交
-
-
由 Eric Dumazet 提交于
ip6_tables netfilter module can use an ifname_compare() helper so that two loops are unfolded. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Eric Dumazet 提交于
xt_physdev netfilter module can use an ifname_compare() helper so that two loops are unfolded. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Jan Engelhardt 提交于
Concern has been expressed about the changing Kconfig options. Provide the old options that forward-select. Signed-off-by: NJan Engelhardt <jengelh@medozas.de> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Eric Dumazet 提交于
1) physdev_mt() incorrectly assumes nulldevname[] is aligned on an int 2) It also uses word comparisons, while it could use long word ones. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Jan Engelhardt 提交于
Signed-off-by: NJan Engelhardt <jengelh@medozas.de> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Jan Engelhardt 提交于
Suggested by: James King <t.james.king@gmail.com> Similarly to commit c9fd4968, merge TTL and HL. Since HL does not depend on any IPv6-specific function, no new module dependencies would arise. With slight adjustments to the Kconfig help text. Signed-off-by: NJan Engelhardt <jengelh@medozas.de> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Eric Dumazet 提交于
x86 and powerpc can perform long word accesses in an efficient maner. We can use this to unroll two loops in arp_packet_match(), to perform arithmetic on long words instead of bytes. This is a win on x86_64 for example. Signed-off-by: NEric Dumazet <dada1@cosmosbay.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
- 18 2月, 2009 16 次提交
-
-
由 Eric Leblond 提交于
This patch adds a logging message for invalid new icmpv6 packet. Signed-off-by: NEric Leblond <eric@inl.fr> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Stephen Hemminger 提交于
The initialization of the lock element is not needed since the lock is always initialized in ebt_register_table. Signed-off-by: NStephen Hemminger <shemminger@vyatta.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Stephen Hemminger 提交于
Later patches change the locking on xt_table and the initialization of the lock element is not needed since the lock is always initialized in xt_table_register anyway. Signed-off-by: NStephen Hemminger <shemminger@vyatta.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Stephen Hemminger 提交于
Change to proper type on private pointer rather than anonymous void. Keep active elements on same cache line. Signed-off-by: NStephen Hemminger <shemminger@vyatta.com> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Jan Engelhardt 提交于
Signed-off-by: NJan Engelhardt <jengelh@medozas.de> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Christoph Paasch 提交于
0 is used by Hop-by-hop header and so this may cause confusion. 255 is stated as 'Reserved' by IANA. Signed-off-by: NChristoph Paasch <christoph.paasch@student.uclouvain.be> Signed-off-by: NPatrick McHardy <kaber@trash.net>
-
由 Hannes Eder 提交于
Impact: Remove the write-only field 'current_ring_status' completely. Fix this sparse warnings: drivers/net/tokenring/smctr.c:4410:52: warning: cast truncates bits from constant value (100 becomes 0) drivers/net/tokenring/smctr.c:4415:52: warning: cast truncates bits from constant value (400 becomes 0) drivers/net/tokenring/smctr.c:4420:52: warning: cast truncates bits from constant value (800 becomes 0) drivers/net/tokenring/smctr.c:4425:52: warning: cast truncates bits from constant value (1000 becomes 0) drivers/net/tokenring/smctr.c:4430:52: warning: cast truncates bits from constant value (2000 becomes 0) drivers/net/tokenring/smctr.c:4435:52: warning: cast truncates bits from constant value (4000 becomes 0) drivers/net/tokenring/smctr.c:4440:52: warning: cast truncates bits from constant value (8000 becomes 0) Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Fix sparse warning: drivers/net/wireless/prism54/isl_ioctl.c:2997:32: warning: incorrect type in argument 2 (different signedness) drivers/net/wireless/prism54/oid_mgt.c:712:42: warning: incorrect type in argument 2 (different signedness) Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Fix this sparse warnings: drivers/net/wireless/ipw2x00/ipw2100.c:1930:43: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:1938:76: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:1946:67: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:1953:72: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:4071:73: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:4078:43: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:4084:67: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:7141:73: warning: incorrect type in argument 4 (different signedness) drivers/net/wireless/ipw2x00/ipw2100.c:8317:48: warning: incorrect type in argument 4 (different signedness) Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Fix this compilation warning: drivers/net/wireless/b43/main.c: In function 'b43_print_fw_helptext': drivers/net/wireless/b43/main.c:1971: warning: format not a string literal and no format arguments drivers/net/wireless/b43/main.c:1973: warning: format not a string literal and no format arguments Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Impact: Make symbols static. Fix this sparse warnings: drivers/net/wireless/ath9k/eeprom.c:1343:5: warning: symbol 'ath9k_hw_4k_get_spur_channel' was not declared. Should it be static? drivers/net/wireless/ath9k/eeprom.c:1372:19: warning: symbol 'eep_4k_ops' was not declared. Should it be static? drivers/net/wireless/ath9k/eeprom.c:2649:5: warning: symbol 'ath9k_hw_def_get_spur_channel' was not declared. Should it be static? drivers/net/wireless/ath9k/eeprom.c:2678:19: warning: symbol 'eep_def_ops' was not declared. Should it be static? Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Fix this sparse warnings: drivers/net/wireless/airo.c:2102:21: warning: incorrect type in initializer (different signedness) drivers/net/wireless/airo.c:2126:21: warning: incorrect type in initializer (different signedness) drivers/net/wireless/airo.c:2167:21: warning: incorrect type in initializer (different signedness) drivers/net/wireless/airo.c:2191:21: warning: incorrect type in initializer (different signedness) Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Impact: Move variable closer to usage resp. remove redundant variables resp. rename function scope variable. Fix this sparse warnings: drivers/net/wireless/airo.c:3840:29: warning: symbol 'i' shadows an earlier one drivers/net/wireless/airo.c:3751:13: originally declared here drivers/net/wireless/airo.c:3847:29: warning: symbol 'i' shadows an earlier one drivers/net/wireless/airo.c:3751:13: originally declared here drivers/net/wireless/airo.c:3861:21: warning: symbol 'i' shadows an earlier one drivers/net/wireless/airo.c:3751:13: originally declared here drivers/net/wireless/wavelan.c:43:13: warning: symbol 'irq' shadows an earlier one drivers/net/wireless/wavelan.p.h:692:17: originally declared here Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Impact: Attribute function with __acquires(...) resp. __releases(...). Fix this sparse warnings: drivers/net/wireless/strip.c:955:21: warning: context imbalance in 'strip_seq_start' - wrong count at exit drivers/net/wireless/strip.c:975:13: warning: context imbalance in 'strip_seq_stop' - unexpected unlock Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Impact: Rename function scope variable and while being at it fix some coding style issues. Fix this sparse warning: drivers/net/wan/sbni.c:1526:14: warning: symbol 'num' shadows an earlier one drivers/net/wan/sbni.c:160:13: originally declared here Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-
由 Hannes Eder 提交于
Impact: Use 'static const char[]' instead of 'static char[]'. Fix this compilation warnings: drivers/net/wan/lapbether.c: In function 'lapbeth_init_driver': drivers/net/wan/lapbether.c:441: warning: format not a string literal and no format arguments drivers/net/wan/z85230.c: In function 'z85230_init_driver': drivers/net/wan/z85230.c:1782: warning: format not a string literal and no format arguments Signed-off-by: NHannes Eder <hannes@hanneseder.net> Signed-off-by: NDavid S. Miller <davem@davemloft.net>
-