提交 0b4a9e1a 编写于 作者: D David S. Miller

Merge branch 'master' of git://1984.lsi.us.es/nf-next

Pablo says:

====================
The following four patches provide Netfilter fixes for the cthelper
infrastructure that was recently merged mainstream, they are:

* two fixes for compilation breakage with two different configurations:

  - CONFIG_NF_NAT=m and CONFIG_NF_CT_NETLINK=y
  - NF_CONNTRACK_EVENTS=n and CONFIG_NETFILTER_NETLINK_QUEUE_CT=y

* two fixes for sparse warnings.
====================
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
...@@ -401,10 +401,14 @@ struct nfq_ct_hook { ...@@ -401,10 +401,14 @@ struct nfq_ct_hook {
size_t (*build_size)(const struct nf_conn *ct); size_t (*build_size)(const struct nf_conn *ct);
int (*build)(struct sk_buff *skb, struct nf_conn *ct); int (*build)(struct sk_buff *skb, struct nf_conn *ct);
int (*parse)(const struct nlattr *attr, struct nf_conn *ct); int (*parse)(const struct nlattr *attr, struct nf_conn *ct);
};
extern struct nfq_ct_hook __rcu *nfq_ct_hook;
struct nfq_ct_nat_hook {
void (*seq_adjust)(struct sk_buff *skb, struct nf_conn *ct, void (*seq_adjust)(struct sk_buff *skb, struct nf_conn *ct,
u32 ctinfo, int off); u32 ctinfo, int off);
}; };
extern struct nfq_ct_hook *nfq_ct_hook; extern struct nfq_ct_nat_hook __rcu *nfq_ct_nat_hook;
#else #else
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
#endif #endif
......
...@@ -691,6 +691,10 @@ static struct nf_ct_helper_expectfn follow_master_nat = { ...@@ -691,6 +691,10 @@ static struct nf_ct_helper_expectfn follow_master_nat = {
.expectfn = nf_nat_follow_master, .expectfn = nf_nat_follow_master,
}; };
static struct nfq_ct_nat_hook nfq_ct_nat = {
.seq_adjust = nf_nat_tcp_seq_adjust,
};
static int __init nf_nat_init(void) static int __init nf_nat_init(void)
{ {
size_t i; size_t i;
...@@ -731,6 +735,7 @@ static int __init nf_nat_init(void) ...@@ -731,6 +735,7 @@ static int __init nf_nat_init(void)
nfnetlink_parse_nat_setup); nfnetlink_parse_nat_setup);
BUG_ON(nf_ct_nat_offset != NULL); BUG_ON(nf_ct_nat_offset != NULL);
RCU_INIT_POINTER(nf_ct_nat_offset, nf_nat_get_offset); RCU_INIT_POINTER(nf_ct_nat_offset, nf_nat_get_offset);
RCU_INIT_POINTER(nfq_ct_nat_hook, &nfq_ct_nat);
return 0; return 0;
cleanup_extend: cleanup_extend:
...@@ -747,6 +752,7 @@ static void __exit nf_nat_cleanup(void) ...@@ -747,6 +752,7 @@ static void __exit nf_nat_cleanup(void)
RCU_INIT_POINTER(nf_nat_seq_adjust_hook, NULL); RCU_INIT_POINTER(nf_nat_seq_adjust_hook, NULL);
RCU_INIT_POINTER(nfnetlink_parse_nat_setup_hook, NULL); RCU_INIT_POINTER(nfnetlink_parse_nat_setup_hook, NULL);
RCU_INIT_POINTER(nf_ct_nat_offset, NULL); RCU_INIT_POINTER(nf_ct_nat_offset, NULL);
RCU_INIT_POINTER(nfq_ct_nat_hook, NULL);
synchronize_net(); synchronize_net();
} }
......
...@@ -265,9 +265,12 @@ void nf_conntrack_destroy(struct nf_conntrack *nfct) ...@@ -265,9 +265,12 @@ void nf_conntrack_destroy(struct nf_conntrack *nfct)
} }
EXPORT_SYMBOL(nf_conntrack_destroy); EXPORT_SYMBOL(nf_conntrack_destroy);
struct nfq_ct_hook *nfq_ct_hook; struct nfq_ct_hook __rcu *nfq_ct_hook __read_mostly;
EXPORT_SYMBOL_GPL(nfq_ct_hook); EXPORT_SYMBOL_GPL(nfq_ct_hook);
struct nfq_ct_nat_hook __rcu *nfq_ct_nat_hook __read_mostly;
EXPORT_SYMBOL_GPL(nfq_ct_nat_hook);
#endif /* CONFIG_NF_CONNTRACK */ #endif /* CONFIG_NF_CONNTRACK */
#ifdef CONFIG_PROC_FS #ifdef CONFIG_PROC_FS
......
...@@ -478,7 +478,6 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type, ...@@ -478,7 +478,6 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 pid, u32 seq, u32 type,
return -1; return -1;
} }
#ifdef CONFIG_NF_CONNTRACK_EVENTS
static inline size_t static inline size_t
ctnetlink_proto_size(const struct nf_conn *ct) ctnetlink_proto_size(const struct nf_conn *ct)
{ {
...@@ -565,6 +564,7 @@ ctnetlink_nlmsg_size(const struct nf_conn *ct) ...@@ -565,6 +564,7 @@ ctnetlink_nlmsg_size(const struct nf_conn *ct)
; ;
} }
#ifdef CONFIG_NF_CONNTRACK_EVENTS
static int static int
ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item) ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
{ {
...@@ -1757,9 +1757,6 @@ static struct nfq_ct_hook ctnetlink_nfqueue_hook = { ...@@ -1757,9 +1757,6 @@ static struct nfq_ct_hook ctnetlink_nfqueue_hook = {
.build_size = ctnetlink_nfqueue_build_size, .build_size = ctnetlink_nfqueue_build_size,
.build = ctnetlink_nfqueue_build, .build = ctnetlink_nfqueue_build,
.parse = ctnetlink_nfqueue_parse, .parse = ctnetlink_nfqueue_parse,
#ifdef CONFIG_NF_NAT_NEEDED
.seq_adjust = nf_nat_tcp_seq_adjust,
#endif
}; };
#endif /* CONFIG_NETFILTER_NETLINK_QUEUE_CT */ #endif /* CONFIG_NETFILTER_NETLINK_QUEUE_CT */
......
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
#include <linux/netfilter/nfnetlink.h> #include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nfnetlink_queue.h> #include <linux/netfilter/nfnetlink_queue.h>
#include <net/netfilter/nf_conntrack.h> #include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nfnetlink_queue.h>
struct nf_conn *nfqnl_ct_get(struct sk_buff *entskb, size_t *size, struct nf_conn *nfqnl_ct_get(struct sk_buff *entskb, size_t *size,
enum ip_conntrack_info *ctinfo) enum ip_conntrack_info *ctinfo)
...@@ -86,12 +87,12 @@ int nfqnl_ct_put(struct sk_buff *skb, struct nf_conn *ct, ...@@ -86,12 +87,12 @@ int nfqnl_ct_put(struct sk_buff *skb, struct nf_conn *ct,
void nfqnl_ct_seq_adjust(struct sk_buff *skb, struct nf_conn *ct, void nfqnl_ct_seq_adjust(struct sk_buff *skb, struct nf_conn *ct,
enum ip_conntrack_info ctinfo, int diff) enum ip_conntrack_info ctinfo, int diff)
{ {
struct nfq_ct_hook *nfq_ct; struct nfq_ct_nat_hook *nfq_nat_ct;
nfq_ct = rcu_dereference(nfq_ct_hook); nfq_nat_ct = rcu_dereference(nfq_ct_nat_hook);
if (nfq_ct == NULL) if (nfq_nat_ct == NULL)
return; return;
if ((ct->status & IPS_NAT_MASK) && diff) if ((ct->status & IPS_NAT_MASK) && diff)
nfq_ct->seq_adjust(skb, ct, ctinfo, diff); nfq_nat_ct->seq_adjust(skb, ct, ctinfo, diff);
} }
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册