提交 58dc125a 编写于 作者: L Linus Torvalds

Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6

......@@ -669,11 +669,13 @@ printk("NONONONOO!!!!\n");
u32 *put;
int i;
dsc = (u32 *) kmalloc(uPD98401_TXPD_SIZE*2+
uPD98401_TXBD_SIZE*ATM_SKB(skb)->iovcnt,GFP_ATOMIC);
dsc = kmalloc(uPD98401_TXPD_SIZE * 2 +
uPD98401_TXBD_SIZE * ATM_SKB(skb)->iovcnt, GFP_ATOMIC);
if (!dsc) {
if (vcc->pop) vcc->pop(vcc,skb);
else dev_kfree_skb_irq(skb);
if (vcc->pop)
vcc->pop(vcc, skb);
else
dev_kfree_skb_irq(skb);
return -EAGAIN;
}
/* @@@ should check alignment */
......@@ -683,7 +685,7 @@ printk("NONONONOO!!!!\n");
(ATM_SKB(skb)->atm_options & ATM_ATMOPT_CLP ?
uPD98401_CLPM_1 : uPD98401_CLPM_0));
dsc[1] = 0;
dsc[2] = ATM_SKB(skb)->iovcnt*uPD98401_TXBD_SIZE;
dsc[2] = ATM_SKB(skb)->iovcnt * uPD98401_TXBD_SIZE;
dsc[3] = virt_to_bus(put);
for (i = 0; i < ATM_SKB(skb)->iovcnt; i++) {
*put++ = ((struct iovec *) skb->data)[i].iov_len;
......
menu "Infrared-port device drivers"
depends on IRDA!=n
......@@ -156,7 +155,7 @@ comment "Old Serial dongle support"
config DONGLE_OLD
bool "Old Serial dongle support"
depends on (IRTTY_OLD || IRPORT_SIR) && BROKEN_ON_SMP
depends on IRPORT_SIR && BROKEN_ON_SMP
help
Say Y here if you have an infrared device that connects to your
computer's serial port. These devices are called dongles. Then say Y
......
......@@ -45,4 +45,4 @@ obj-$(CONFIG_ACT200L_DONGLE) += act200l-sir.o
obj-$(CONFIG_MA600_DONGLE) += ma600-sir.o
# The SIR helper module
sir-dev-objs := sir_core.o sir_dev.o sir_dongle.o sir_kthread.o
sir-dev-objs := sir_dev.o sir_dongle.o sir_kthread.o
......@@ -133,8 +133,6 @@ extern int sirdev_put_dongle(struct sir_dev *self);
extern void sirdev_enable_rx(struct sir_dev *dev);
extern int sirdev_schedule_request(struct sir_dev *dev, int state, unsigned param);
extern int __init irda_thread_create(void);
extern void __exit irda_thread_join(void);
/* inline helpers */
......
/*********************************************************************
*
* sir_core.c: module core for irda-sir abstraction layer
*
* Copyright (c) 2002 Martin Diehl
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License as
* published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
*
********************************************************************/
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <net/irda/irda.h>
#include "sir-dev.h"
/***************************************************************************/
MODULE_AUTHOR("Martin Diehl <info@mdiehl.de>");
MODULE_DESCRIPTION("IrDA SIR core");
MODULE_LICENSE("GPL");
/***************************************************************************/
EXPORT_SYMBOL(irda_register_dongle);
EXPORT_SYMBOL(irda_unregister_dongle);
EXPORT_SYMBOL(sirdev_get_instance);
EXPORT_SYMBOL(sirdev_put_instance);
EXPORT_SYMBOL(sirdev_set_dongle);
EXPORT_SYMBOL(sirdev_write_complete);
EXPORT_SYMBOL(sirdev_receive);
EXPORT_SYMBOL(sirdev_raw_write);
EXPORT_SYMBOL(sirdev_raw_read);
EXPORT_SYMBOL(sirdev_set_dtr_rts);
static int __init sir_core_init(void)
{
return irda_thread_create();
}
static void __exit sir_core_exit(void)
{
irda_thread_join();
}
module_init(sir_core_init);
module_exit(sir_core_exit);
......@@ -60,6 +60,7 @@ int sirdev_set_dongle(struct sir_dev *dev, IRDA_DONGLE type)
up(&dev->fsm.sem);
return err;
}
EXPORT_SYMBOL(sirdev_set_dongle);
/* used by dongle drivers for dongle programming */
......@@ -94,6 +95,7 @@ int sirdev_raw_write(struct sir_dev *dev, const char *buf, int len)
spin_unlock_irqrestore(&dev->tx_lock, flags);
return ret;
}
EXPORT_SYMBOL(sirdev_raw_write);
/* seems some dongle drivers may need this */
......@@ -116,6 +118,7 @@ int sirdev_raw_read(struct sir_dev *dev, char *buf, int len)
return count;
}
EXPORT_SYMBOL(sirdev_raw_read);
int sirdev_set_dtr_rts(struct sir_dev *dev, int dtr, int rts)
{
......@@ -124,7 +127,8 @@ int sirdev_set_dtr_rts(struct sir_dev *dev, int dtr, int rts)
ret = dev->drv->set_dtr_rts(dev, dtr, rts);
return ret;
}
EXPORT_SYMBOL(sirdev_set_dtr_rts);
/**********************************************************************/
/* called from client driver - likely with bh-context - to indicate
......@@ -227,6 +231,7 @@ void sirdev_write_complete(struct sir_dev *dev)
done:
spin_unlock_irqrestore(&dev->tx_lock, flags);
}
EXPORT_SYMBOL(sirdev_write_complete);
/* called from client driver - likely with bh-context - to give us
* some more received bytes. We put them into the rx-buffer,
......@@ -279,6 +284,7 @@ int sirdev_receive(struct sir_dev *dev, const unsigned char *cp, size_t count)
return 0;
}
EXPORT_SYMBOL(sirdev_receive);
/**********************************************************************/
......@@ -641,6 +647,7 @@ struct sir_dev * sirdev_get_instance(const struct sir_driver *drv, const char *n
out:
return NULL;
}
EXPORT_SYMBOL(sirdev_get_instance);
int sirdev_put_instance(struct sir_dev *dev)
{
......@@ -673,4 +680,5 @@ int sirdev_put_instance(struct sir_dev *dev)
return 0;
}
EXPORT_SYMBOL(sirdev_put_instance);
......@@ -50,6 +50,7 @@ int irda_register_dongle(struct dongle_driver *new)
up(&dongle_list_lock);
return 0;
}
EXPORT_SYMBOL(irda_register_dongle);
int irda_unregister_dongle(struct dongle_driver *drv)
{
......@@ -58,6 +59,7 @@ int irda_unregister_dongle(struct dongle_driver *drv)
up(&dongle_list_lock);
return 0;
}
EXPORT_SYMBOL(irda_unregister_dongle);
int sirdev_get_dongle(struct sir_dev *dev, IRDA_DONGLE type)
{
......
......@@ -466,7 +466,7 @@ int sirdev_schedule_request(struct sir_dev *dev, int initial_state, unsigned par
return 0;
}
int __init irda_thread_create(void)
static int __init irda_thread_create(void)
{
struct completion startup;
int pid;
......@@ -488,7 +488,7 @@ int __init irda_thread_create(void)
return 0;
}
void __exit irda_thread_join(void)
static void __exit irda_thread_join(void)
{
if (irda_rq_queue.thread) {
flush_irda_queue();
......@@ -499,3 +499,10 @@ void __exit irda_thread_join(void)
}
}
module_init(irda_thread_create);
module_exit(irda_thread_join);
MODULE_AUTHOR("Martin Diehl <info@mdiehl.de>");
MODULE_DESCRIPTION("IrDA SIR core");
MODULE_LICENSE("GPL");
......@@ -42,13 +42,6 @@ struct ip_nat_protocol
enum ip_nat_manip_type maniptype,
const struct ip_conntrack *conntrack);
unsigned int (*print)(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask);
unsigned int (*print_range)(char *buffer,
const struct ip_nat_range *range);
int (*range_to_nfattr)(struct sk_buff *skb,
const struct ip_nat_range *range);
......
......@@ -72,7 +72,12 @@ enum nf_ip6_hook_priorities {
NF_IP6_PRI_LAST = INT_MAX,
};
#ifdef CONFIG_NETFILTER
extern int ipv6_netfilter_init(void);
extern void ipv6_netfilter_fini(void);
#else /* CONFIG_NETFILTER */
static inline int ipv6_netfilter_init(void) { return 0; }
static inline void ipv6_netfilter_fini(void) { return; }
#endif /* CONFIG_NETFILTER */
#endif /*__LINUX_IP6_NETFILTER_H*/
......@@ -83,8 +83,8 @@ struct inet_connection_sock {
struct timer_list icsk_delack_timer;
__u32 icsk_rto;
__u32 icsk_pmtu_cookie;
struct tcp_congestion_ops *icsk_ca_ops;
struct inet_connection_sock_af_ops *icsk_af_ops;
const struct tcp_congestion_ops *icsk_ca_ops;
const struct inet_connection_sock_af_ops *icsk_af_ops;
unsigned int (*icsk_sync_mss)(struct sock *sk, u32 pmtu);
__u8 icsk_ca_state;
__u8 icsk_retransmits;
......
......@@ -214,7 +214,7 @@ int vlan_skb_recv(struct sk_buff *skb, struct net_device *dev,
* This allows the VLAN to have a different MAC than the underlying
* device, and still route correctly.
*/
if (memcmp(eth_hdr(skb)->h_dest, skb->dev->dev_addr, ETH_ALEN) == 0) {
if (!compare_ether_addr(eth_hdr(skb)->h_dest, skb->dev->dev_addr)) {
/* It is for our (changed) MAC-address! */
skb->pkt_type = PACKET_HOST;
}
......
......@@ -296,13 +296,13 @@ static inline __be16 br_type_trans(struct sk_buff *skb, struct net_device *dev)
eth = eth_hdr(skb);
if (is_multicast_ether_addr(eth->h_dest)) {
if (memcmp(eth->h_dest, dev->broadcast, ETH_ALEN) == 0)
if (!compare_ether_addr(eth->h_dest, dev->broadcast))
skb->pkt_type = PACKET_BROADCAST;
else
skb->pkt_type = PACKET_MULTICAST;
}
else if (memcmp(eth->h_dest, dev->dev_addr, ETH_ALEN))
else if (compare_ether_addr(eth->h_dest, dev->dev_addr))
skb->pkt_type = PACKET_OTHERHOST;
if (ntohs(eth->h_proto) >= 1536)
......
......@@ -1321,7 +1321,7 @@ static int lane2_associate_req (struct net_device *dev, u8 *lan_dst,
struct sk_buff *skb;
struct lec_priv *priv = (struct lec_priv*)dev->priv;
if ( memcmp(lan_dst, dev->dev_addr, ETH_ALEN) != 0 )
if (compare_ether_addr(lan_dst, dev->dev_addr))
return (0); /* not our mac address */
kfree(priv->tlvs); /* NULL if there was no previous association */
......@@ -1798,7 +1798,7 @@ lec_arp_find(struct lec_priv *priv,
to_return = priv->lec_arp_tables[place];
while(to_return) {
if (memcmp(mac_addr, to_return->mac_addr, ETH_ALEN) == 0) {
if (!compare_ether_addr(mac_addr, to_return->mac_addr)) {
return to_return;
}
to_return = to_return->next;
......@@ -2002,7 +2002,7 @@ lec_arp_resolve(struct lec_priv *priv, unsigned char *mac_to_find,
return priv->mcast_vcc;
break;
case 2: /* LANE2 wants arp for multicast addresses */
if ( memcmp(mac_to_find, bus_mac, ETH_ALEN) == 0)
if (!compare_ether_addr(mac_to_find, bus_mac))
return priv->mcast_vcc;
break;
default:
......
......@@ -552,7 +552,7 @@ static int mpc_send_packet(struct sk_buff *skb, struct net_device *dev)
goto non_ip; /* Multi-Protocol Over ATM :-) */
while (i < mpc->number_of_mps_macs) {
if (memcmp(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN), ETH_ALEN) == 0)
if (!compare_ether_addr(eth->h_dest, (mpc->mps_macs + i*ETH_ALEN)))
if ( send_via_shortcut(skb, mpc) == 0 ) /* try shortcut */
return 0; /* success! */
i++;
......
......@@ -75,7 +75,7 @@ static struct bnep_session *__bnep_get_session(u8 *dst)
list_for_each(p, &bnep_session_list) {
s = list_entry(p, struct bnep_session, list);
if (!memcmp(dst, s->eh.h_source, ETH_ALEN))
if (!compare_ether_addr(dst, s->eh.h_source))
return s;
}
return NULL;
......@@ -420,10 +420,10 @@ static inline int bnep_tx_frame(struct bnep_session *s, struct sk_buff *skb)
iv[il++] = (struct kvec) { &type, 1 };
len++;
if (!memcmp(eh->h_dest, s->eh.h_source, ETH_ALEN))
if (!compare_ether_addr(eh->h_dest, s->eh.h_source))
type |= 0x01;
if (!memcmp(eh->h_source, s->eh.h_dest, ETH_ALEN))
if (!compare_ether_addr(eh->h_source, s->eh.h_dest))
type |= 0x02;
if (type)
......
......@@ -403,7 +403,7 @@ int hci_get_conn_list(void __user *arg)
size = sizeof(req) + req.conn_num * sizeof(*ci);
if (!(cl = (void *) kmalloc(size, GFP_KERNEL)))
if (!(cl = kmalloc(size, GFP_KERNEL)))
return -ENOMEM;
if (!(hdev = hci_dev_get(req.dev_id))) {
......
......@@ -15,6 +15,7 @@
#include <linux/netfilter_bridge/ebtables.h>
#include <linux/netfilter_bridge/ebt_ip.h>
#include <linux/ip.h>
#include <net/ip.h>
#include <linux/in.h>
#include <linux/module.h>
......@@ -51,6 +52,8 @@ static int ebt_filter_ip(const struct sk_buff *skb, const struct net_device *in,
if (!(info->bitmask & EBT_IP_DPORT) &&
!(info->bitmask & EBT_IP_SPORT))
return EBT_MATCH;
if (ntohs(ih->frag_off) & IP_OFFSET)
return EBT_NOMATCH;
pptr = skb_header_pointer(skb, ih->ihl*4,
sizeof(_ports), &_ports);
if (pptr == NULL)
......
......@@ -164,8 +164,8 @@ static int ebt_stp_check(const char *tablename, unsigned int hookmask,
if (datalen != len)
return -EINVAL;
/* Make sure the match only receives stp frames */
if (memcmp(e->destmac, bridge_ula, ETH_ALEN) ||
memcmp(e->destmsk, msk, ETH_ALEN) || !(e->bitmask & EBT_DESTMAC))
if (compare_ether_addr(e->destmac, bridge_ula) ||
compare_ether_addr(e->destmsk, msk) || !(e->bitmask & EBT_DESTMAC))
return -EINVAL;
return 0;
......
......@@ -457,7 +457,7 @@ void divert_frame(struct sk_buff *skb)
unsigned char *skb_data_end = skb->data + skb->len;
/* Packet is already aimed at us, return */
if (!memcmp(eth, skb->dev->dev_addr, ETH_ALEN))
if (!compare_ether_addr(eth, skb->dev->dev_addr))
return;
/* proto is not IP, do nothing */
......
......@@ -1506,7 +1506,7 @@ void wireless_spy_update(struct net_device * dev,
/* Update all records that match */
for(i = 0; i < spydata->spy_number; i++)
if(!memcmp(address, spydata->spy_address[i], ETH_ALEN)) {
if(!compare_ether_addr(address, spydata->spy_address[i])) {
memcpy(&(spydata->spy_stat[i]), wstats,
sizeof(struct iw_quality));
match = i;
......
......@@ -76,8 +76,8 @@ static struct ieee80211_frag_entry *ieee80211_frag_cache_find(struct
if (entry->skb != NULL && entry->seq == seq &&
(entry->last_frag + 1 == frag || frag == -1) &&
memcmp(entry->src_addr, src, ETH_ALEN) == 0 &&
memcmp(entry->dst_addr, dst, ETH_ALEN) == 0)
!compare_ether_addr(entry->src_addr, src) &&
!compare_ether_addr(entry->dst_addr, dst))
return entry;
}
......@@ -243,12 +243,12 @@ static int ieee80211_is_eapol_frame(struct ieee80211_device *ieee,
/* check that the frame is unicast frame to us */
if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
IEEE80211_FCTL_TODS &&
memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0 &&
memcmp(hdr->addr3, dev->dev_addr, ETH_ALEN) == 0) {
!compare_ether_addr(hdr->addr1, dev->dev_addr) &&
!compare_ether_addr(hdr->addr3, dev->dev_addr)) {
/* ToDS frame with own addr BSSID and DA */
} else if ((fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
IEEE80211_FCTL_FROMDS &&
memcmp(hdr->addr1, dev->dev_addr, ETH_ALEN) == 0) {
!compare_ether_addr(hdr->addr1, dev->dev_addr)) {
/* FromDS frame with own addr as DA */
} else
return 0;
......@@ -505,7 +505,7 @@ int ieee80211_rx(struct ieee80211_device *ieee, struct sk_buff *skb,
if (ieee->iw_mode == IW_MODE_MASTER && !wds &&
(fc & (IEEE80211_FCTL_TODS | IEEE80211_FCTL_FROMDS)) ==
IEEE80211_FCTL_FROMDS && ieee->stadev
&& memcmp(hdr->addr2, ieee->assoc_ap_addr, ETH_ALEN) == 0) {
&& !compare_ether_addr(hdr->addr2, ieee->assoc_ap_addr)) {
/* Frame from BSSID of the AP for which we are a client */
skb->dev = dev = ieee->stadev;
stats = hostap_get_stats(dev);
......@@ -1231,7 +1231,7 @@ static inline int is_same_network(struct ieee80211_network *src,
* as one network */
return ((src->ssid_len == dst->ssid_len) &&
(src->channel == dst->channel) &&
!memcmp(src->bssid, dst->bssid, ETH_ALEN) &&
!compare_ether_addr(src->bssid, dst->bssid) &&
!memcmp(src->ssid, dst->ssid, src->ssid_len));
}
......
......@@ -9,7 +9,7 @@ obj-y := route.o inetpeer.o protocol.o \
tcp.o tcp_input.o tcp_output.o tcp_timer.o tcp_ipv4.o \
tcp_minisocks.o tcp_cong.o \
datagram.o raw.o udp.o arp.o icmp.o devinet.o af_inet.o igmp.o \
sysctl_net_ipv4.o fib_frontend.o fib_semantics.o netfilter.o
sysctl_net_ipv4.o fib_frontend.o fib_semantics.o
obj-$(CONFIG_IP_FIB_HASH) += fib_hash.o
obj-$(CONFIG_IP_FIB_TRIE) += fib_trie.o
......@@ -28,7 +28,7 @@ obj-$(CONFIG_IP_ROUTE_MULTIPATH_RR) += multipath_rr.o
obj-$(CONFIG_IP_ROUTE_MULTIPATH_RANDOM) += multipath_random.o
obj-$(CONFIG_IP_ROUTE_MULTIPATH_WRANDOM) += multipath_wrandom.o
obj-$(CONFIG_IP_ROUTE_MULTIPATH_DRR) += multipath_drr.o
obj-$(CONFIG_NETFILTER) += netfilter/
obj-$(CONFIG_NETFILTER) += netfilter.o netfilter/
obj-$(CONFIG_IP_VS) += ipvs/
obj-$(CONFIG_INET_DIAG) += inet_diag.o
obj-$(CONFIG_IP_ROUTE_MULTIPATH_CACHED) += multipath.o
......
/* IPv4 specific functions of netfilter core */
#include <linux/config.h>
#ifdef CONFIG_NETFILTER
#include <linux/kernel.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/ip.h>
#include <linux/tcp.h>
#include <linux/udp.h>
#include <linux/icmp.h>
#include <net/route.h>
#include <net/xfrm.h>
#include <net/ip.h>
......@@ -146,5 +138,3 @@ static void fini(void)
module_init(init);
module_exit(fini);
#endif /* CONFIG_NETFILTER */
......@@ -12,7 +12,7 @@
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
unsigned long ip_ct_generic_timeout = 600*HZ;
unsigned int ip_ct_generic_timeout = 600*HZ;
static int generic_pkt_to_tuple(const struct sk_buff *skb,
unsigned int dataoff,
......
......@@ -22,7 +22,7 @@
#include <linux/netfilter_ipv4/ip_conntrack_core.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
unsigned long ip_ct_icmp_timeout = 30*HZ;
unsigned int ip_ct_icmp_timeout = 30*HZ;
#if 0
#define DEBUGP printk
......
......@@ -58,15 +58,15 @@ static const char *sctp_conntrack_names[] = {
#define HOURS * 60 MINS
#define DAYS * 24 HOURS
static unsigned long ip_ct_sctp_timeout_closed = 10 SECS;
static unsigned long ip_ct_sctp_timeout_cookie_wait = 3 SECS;
static unsigned long ip_ct_sctp_timeout_cookie_echoed = 3 SECS;
static unsigned long ip_ct_sctp_timeout_established = 5 DAYS;
static unsigned long ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
static unsigned long ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
static unsigned long ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
static const unsigned long * sctp_timeouts[]
static unsigned int ip_ct_sctp_timeout_closed = 10 SECS;
static unsigned int ip_ct_sctp_timeout_cookie_wait = 3 SECS;
static unsigned int ip_ct_sctp_timeout_cookie_echoed = 3 SECS;
static unsigned int ip_ct_sctp_timeout_established = 5 DAYS;
static unsigned int ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
static unsigned int ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
static unsigned int ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
static const unsigned int * sctp_timeouts[]
= { NULL, /* SCTP_CONNTRACK_NONE */
&ip_ct_sctp_timeout_closed, /* SCTP_CONNTRACK_CLOSED */
&ip_ct_sctp_timeout_cookie_wait, /* SCTP_CONNTRACK_COOKIE_WAIT */
......
......@@ -85,21 +85,21 @@ static const char *tcp_conntrack_names[] = {
#define HOURS * 60 MINS
#define DAYS * 24 HOURS
unsigned long ip_ct_tcp_timeout_syn_sent = 2 MINS;
unsigned long ip_ct_tcp_timeout_syn_recv = 60 SECS;
unsigned long ip_ct_tcp_timeout_established = 5 DAYS;
unsigned long ip_ct_tcp_timeout_fin_wait = 2 MINS;
unsigned long ip_ct_tcp_timeout_close_wait = 60 SECS;
unsigned long ip_ct_tcp_timeout_last_ack = 30 SECS;
unsigned long ip_ct_tcp_timeout_time_wait = 2 MINS;
unsigned long ip_ct_tcp_timeout_close = 10 SECS;
unsigned int ip_ct_tcp_timeout_syn_sent = 2 MINS;
unsigned int ip_ct_tcp_timeout_syn_recv = 60 SECS;
unsigned int ip_ct_tcp_timeout_established = 5 DAYS;
unsigned int ip_ct_tcp_timeout_fin_wait = 2 MINS;
unsigned int ip_ct_tcp_timeout_close_wait = 60 SECS;
unsigned int ip_ct_tcp_timeout_last_ack = 30 SECS;
unsigned int ip_ct_tcp_timeout_time_wait = 2 MINS;
unsigned int ip_ct_tcp_timeout_close = 10 SECS;
/* RFC1122 says the R2 limit should be at least 100 seconds.
Linux uses 15 packets as limit, which corresponds
to ~13-30min depending on RTO. */
unsigned long ip_ct_tcp_timeout_max_retrans = 5 MINS;
unsigned int ip_ct_tcp_timeout_max_retrans = 5 MINS;
static const unsigned long * tcp_timeouts[]
static const unsigned int * tcp_timeouts[]
= { NULL, /* TCP_CONNTRACK_NONE */
&ip_ct_tcp_timeout_syn_sent, /* TCP_CONNTRACK_SYN_SENT, */
&ip_ct_tcp_timeout_syn_recv, /* TCP_CONNTRACK_SYN_RECV, */
......
......@@ -19,8 +19,8 @@
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
unsigned long ip_ct_udp_timeout = 30*HZ;
unsigned long ip_ct_udp_timeout_stream = 180*HZ;
unsigned int ip_ct_udp_timeout = 30*HZ;
unsigned int ip_ct_udp_timeout_stream = 180*HZ;
static int udp_pkt_to_tuple(const struct sk_buff *skb,
unsigned int dataoff,
......
......@@ -544,28 +544,28 @@ extern int ip_conntrack_max;
extern unsigned int ip_conntrack_htable_size;
/* From ip_conntrack_proto_tcp.c */
extern unsigned long ip_ct_tcp_timeout_syn_sent;
extern unsigned long ip_ct_tcp_timeout_syn_recv;
extern unsigned long ip_ct_tcp_timeout_established;
extern unsigned long ip_ct_tcp_timeout_fin_wait;
extern unsigned long ip_ct_tcp_timeout_close_wait;
extern unsigned long ip_ct_tcp_timeout_last_ack;
extern unsigned long ip_ct_tcp_timeout_time_wait;
extern unsigned long ip_ct_tcp_timeout_close;
extern unsigned long ip_ct_tcp_timeout_max_retrans;
extern unsigned int ip_ct_tcp_timeout_syn_sent;
extern unsigned int ip_ct_tcp_timeout_syn_recv;
extern unsigned int ip_ct_tcp_timeout_established;
extern unsigned int ip_ct_tcp_timeout_fin_wait;
extern unsigned int ip_ct_tcp_timeout_close_wait;
extern unsigned int ip_ct_tcp_timeout_last_ack;
extern unsigned int ip_ct_tcp_timeout_time_wait;
extern unsigned int ip_ct_tcp_timeout_close;
extern unsigned int ip_ct_tcp_timeout_max_retrans;
extern int ip_ct_tcp_loose;
extern int ip_ct_tcp_be_liberal;
extern int ip_ct_tcp_max_retrans;
/* From ip_conntrack_proto_udp.c */
extern unsigned long ip_ct_udp_timeout;
extern unsigned long ip_ct_udp_timeout_stream;
extern unsigned int ip_ct_udp_timeout;
extern unsigned int ip_ct_udp_timeout_stream;
/* From ip_conntrack_proto_icmp.c */
extern unsigned long ip_ct_icmp_timeout;
extern unsigned int ip_ct_icmp_timeout;
/* From ip_conntrack_proto_icmp.c */
extern unsigned long ip_ct_generic_timeout;
extern unsigned int ip_ct_generic_timeout;
/* Log invalid packets of a given protocol */
static int log_invalid_proto_min = 0;
......
......@@ -148,14 +148,14 @@ pptp_outbound_pkt(struct sk_buff **pskb,
{
struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info;
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
u_int16_t msg, *cid = NULL, new_callid;
u_int16_t msg, new_callid;
unsigned int cid_off;
new_callid = htons(ct_pptp_info->pns_call_id);
switch (msg = ntohs(ctlh->messageType)) {
case PPTP_OUT_CALL_REQUEST:
cid = &pptpReq->ocreq.callID;
cid_off = offsetof(union pptp_ctrl_union, ocreq.callID);
/* FIXME: ideally we would want to reserve a call ID
* here. current netfilter NAT core is not able to do
* this :( For now we use TCP source port. This breaks
......@@ -172,10 +172,10 @@ pptp_outbound_pkt(struct sk_buff **pskb,
ct_pptp_info->pns_call_id = ntohs(new_callid);
break;
case PPTP_IN_CALL_REPLY:
cid = &pptpReq->icreq.callID;
cid_off = offsetof(union pptp_ctrl_union, icreq.callID);
break;
case PPTP_CALL_CLEAR_REQUEST:
cid = &pptpReq->clrreq.callID;
cid_off = offsetof(union pptp_ctrl_union, clrreq.callID);
break;
default:
DEBUGP("unknown outbound packet 0x%04x:%s\n", msg,
......@@ -197,18 +197,15 @@ pptp_outbound_pkt(struct sk_buff **pskb,
/* only OUT_CALL_REQUEST, IN_CALL_REPLY, CALL_CLEAR_REQUEST pass
* down to here */
IP_NF_ASSERT(cid);
DEBUGP("altering call id from 0x%04x to 0x%04x\n",
ntohs(*cid), ntohs(new_callid));
ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_callid));
/* mangle packet */
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
(void *)cid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
sizeof(new_callid),
(char *)&new_callid,
sizeof(new_callid)) == 0)
cid_off + sizeof(struct pptp_pkt_hdr) +
sizeof(struct PptpControlHeader),
sizeof(new_callid), (char *)&new_callid,
sizeof(new_callid)) == 0)
return NF_DROP;
return NF_ACCEPT;
......@@ -299,31 +296,30 @@ pptp_inbound_pkt(struct sk_buff **pskb,
union pptp_ctrl_union *pptpReq)
{
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
u_int16_t msg, new_cid = 0, new_pcid, *pcid = NULL, *cid = NULL;
int ret = NF_ACCEPT, rv;
u_int16_t msg, new_cid = 0, new_pcid;
unsigned int pcid_off, cid_off = 0;
new_pcid = htons(nat_pptp_info->pns_call_id);
switch (msg = ntohs(ctlh->messageType)) {
case PPTP_OUT_CALL_REPLY:
pcid = &pptpReq->ocack.peersCallID;
cid = &pptpReq->ocack.callID;
pcid_off = offsetof(union pptp_ctrl_union, ocack.peersCallID);
cid_off = offsetof(union pptp_ctrl_union, ocack.callID);
break;
case PPTP_IN_CALL_CONNECT:
pcid = &pptpReq->iccon.peersCallID;
pcid_off = offsetof(union pptp_ctrl_union, iccon.peersCallID);
break;
case PPTP_IN_CALL_REQUEST:
/* only need to nat in case PAC is behind NAT box */
break;
return NF_ACCEPT;
case PPTP_WAN_ERROR_NOTIFY:
pcid = &pptpReq->wanerr.peersCallID;
pcid_off = offsetof(union pptp_ctrl_union, wanerr.peersCallID);
break;
case PPTP_CALL_DISCONNECT_NOTIFY:
pcid = &pptpReq->disc.callID;
pcid_off = offsetof(union pptp_ctrl_union, disc.callID);
break;
case PPTP_SET_LINK_INFO:
pcid = &pptpReq->setlink.peersCallID;
pcid_off = offsetof(union pptp_ctrl_union, setlink.peersCallID);
break;
default:
......@@ -345,35 +341,26 @@ pptp_inbound_pkt(struct sk_buff **pskb,
* WAN_ERROR_NOTIFY, CALL_DISCONNECT_NOTIFY pass down here */
/* mangle packet */
IP_NF_ASSERT(pcid);
DEBUGP("altering peer call id from 0x%04x to 0x%04x\n",
ntohs(*pcid), ntohs(new_pcid));
rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
(void *)pcid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
sizeof(new_pcid), (char *)&new_pcid,
sizeof(new_pcid));
if (rv != NF_ACCEPT)
return rv;
ntohs(*(u_int16_t *)pptpReq + pcid_off), ntohs(new_pcid));
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
pcid_off + sizeof(struct pptp_pkt_hdr) +
sizeof(struct PptpControlHeader),
sizeof(new_pcid), (char *)&new_pcid,
sizeof(new_pcid)) == 0)
return NF_DROP;
if (new_cid) {
IP_NF_ASSERT(cid);
DEBUGP("altering call id from 0x%04x to 0x%04x\n",
ntohs(*cid), ntohs(new_cid));
rv = ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
(void *)cid - ((void *)ctlh - sizeof(struct pptp_pkt_hdr)),
sizeof(new_cid),
(char *)&new_cid,
sizeof(new_cid));
if (rv != NF_ACCEPT)
return rv;
ntohs(*(u_int16_t *)pptpReq + cid_off), ntohs(new_cid));
if (ip_nat_mangle_tcp_packet(pskb, ct, ctinfo,
cid_off + sizeof(struct pptp_pkt_hdr) +
sizeof(struct PptpControlHeader),
sizeof(new_cid), (char *)&new_cid,
sizeof(new_cid)) == 0)
return NF_DROP;
}
/* check for earlier return value of 'switch' above */
if (ret != NF_ACCEPT)
return ret;
/* great, at least we don't need to resize packets */
return NF_ACCEPT;
}
......
......@@ -151,42 +151,6 @@ gre_manip_pkt(struct sk_buff **pskb,
return 1;
}
/* print out a nat tuple */
static unsigned int
gre_print(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask)
{
unsigned int len = 0;
if (mask->src.u.gre.key)
len += sprintf(buffer + len, "srckey=0x%x ",
ntohl(match->src.u.gre.key));
if (mask->dst.u.gre.key)
len += sprintf(buffer + len, "dstkey=0x%x ",
ntohl(match->src.u.gre.key));
return len;
}
/* print a range of keys */
static unsigned int
gre_print_range(char *buffer, const struct ip_nat_range *range)
{
if (range->min.gre.key != 0
|| range->max.gre.key != 0xFFFF) {
if (range->min.gre.key == range->max.gre.key)
return sprintf(buffer, "key 0x%x ",
ntohl(range->min.gre.key));
else
return sprintf(buffer, "keys 0x%u-0x%u ",
ntohl(range->min.gre.key),
ntohl(range->max.gre.key));
} else
return 0;
}
/* nat helper struct */
static struct ip_nat_protocol gre = {
.name = "GRE",
......@@ -194,8 +158,6 @@ static struct ip_nat_protocol gre = {
.manip_pkt = gre_manip_pkt,
.in_range = gre_in_range,
.unique_tuple = gre_unique_tuple,
.print = gre_print,
.print_range = gre_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
.range_to_nfattr = ip_nat_port_range_to_nfattr,
......
......@@ -74,38 +74,6 @@ icmp_manip_pkt(struct sk_buff **pskb,
return 1;
}
static unsigned int
icmp_print(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask)
{
unsigned int len = 0;
if (mask->src.u.icmp.id)
len += sprintf(buffer + len, "id=%u ",
ntohs(match->src.u.icmp.id));
if (mask->dst.u.icmp.type)
len += sprintf(buffer + len, "type=%u ",
ntohs(match->dst.u.icmp.type));
if (mask->dst.u.icmp.code)
len += sprintf(buffer + len, "code=%u ",
ntohs(match->dst.u.icmp.code));
return len;
}
static unsigned int
icmp_print_range(char *buffer, const struct ip_nat_range *range)
{
if (range->min.icmp.id != 0 || range->max.icmp.id != 0xFFFF)
return sprintf(buffer, "id %u-%u ",
ntohs(range->min.icmp.id),
ntohs(range->max.icmp.id));
else return 0;
}
struct ip_nat_protocol ip_nat_protocol_icmp = {
.name = "ICMP",
.protonum = IPPROTO_ICMP,
......@@ -113,8 +81,6 @@ struct ip_nat_protocol ip_nat_protocol_icmp = {
.manip_pkt = icmp_manip_pkt,
.in_range = icmp_in_range,
.unique_tuple = icmp_unique_tuple,
.print = icmp_print,
.print_range = icmp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
.range_to_nfattr = ip_nat_port_range_to_nfattr,
......
......@@ -136,40 +136,6 @@ tcp_manip_pkt(struct sk_buff **pskb,
return 1;
}
static unsigned int
tcp_print(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask)
{
unsigned int len = 0;
if (mask->src.u.tcp.port)
len += sprintf(buffer + len, "srcpt=%u ",
ntohs(match->src.u.tcp.port));
if (mask->dst.u.tcp.port)
len += sprintf(buffer + len, "dstpt=%u ",
ntohs(match->dst.u.tcp.port));
return len;
}
static unsigned int
tcp_print_range(char *buffer, const struct ip_nat_range *range)
{
if (range->min.tcp.port != 0 || range->max.tcp.port != 0xFFFF) {
if (range->min.tcp.port == range->max.tcp.port)
return sprintf(buffer, "port %u ",
ntohs(range->min.tcp.port));
else
return sprintf(buffer, "ports %u-%u ",
ntohs(range->min.tcp.port),
ntohs(range->max.tcp.port));
}
else return 0;
}
struct ip_nat_protocol ip_nat_protocol_tcp = {
.name = "TCP",
.protonum = IPPROTO_TCP,
......@@ -177,8 +143,6 @@ struct ip_nat_protocol ip_nat_protocol_tcp = {
.manip_pkt = tcp_manip_pkt,
.in_range = tcp_in_range,
.unique_tuple = tcp_unique_tuple,
.print = tcp_print,
.print_range = tcp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
.range_to_nfattr = ip_nat_port_range_to_nfattr,
......
......@@ -122,40 +122,6 @@ udp_manip_pkt(struct sk_buff **pskb,
return 1;
}
static unsigned int
udp_print(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask)
{
unsigned int len = 0;
if (mask->src.u.udp.port)
len += sprintf(buffer + len, "srcpt=%u ",
ntohs(match->src.u.udp.port));
if (mask->dst.u.udp.port)
len += sprintf(buffer + len, "dstpt=%u ",
ntohs(match->dst.u.udp.port));
return len;
}
static unsigned int
udp_print_range(char *buffer, const struct ip_nat_range *range)
{
if (range->min.udp.port != 0 || range->max.udp.port != 0xFFFF) {
if (range->min.udp.port == range->max.udp.port)
return sprintf(buffer, "port %u ",
ntohs(range->min.udp.port));
else
return sprintf(buffer, "ports %u-%u ",
ntohs(range->min.udp.port),
ntohs(range->max.udp.port));
}
else return 0;
}
struct ip_nat_protocol ip_nat_protocol_udp = {
.name = "UDP",
.protonum = IPPROTO_UDP,
......@@ -163,8 +129,6 @@ struct ip_nat_protocol ip_nat_protocol_udp = {
.manip_pkt = udp_manip_pkt,
.in_range = udp_in_range,
.unique_tuple = udp_unique_tuple,
.print = udp_print,
.print_range = udp_print_range,
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
.range_to_nfattr = ip_nat_port_range_to_nfattr,
......
......@@ -46,26 +46,10 @@ unknown_manip_pkt(struct sk_buff **pskb,
return 1;
}
static unsigned int
unknown_print(char *buffer,
const struct ip_conntrack_tuple *match,
const struct ip_conntrack_tuple *mask)
{
return 0;
}
static unsigned int
unknown_print_range(char *buffer, const struct ip_nat_range *range)
{
return 0;
}
struct ip_nat_protocol ip_nat_unknown_protocol = {
.name = "unknown",
/* .me isn't set: getting a ref to this cannot fail. */
.manip_pkt = unknown_manip_pkt,
.in_range = unknown_in_range,
.unique_tuple = unknown_unique_tuple,
.print = unknown_print,
.print_range = unknown_print_range
};
......@@ -11,6 +11,7 @@
#include <linux/module.h>
#include <linux/skbuff.h>
#include <linux/if_ether.h>
#include <linux/etherdevice.h>
#include <linux/netfilter_ipv4/ipt_mac.h>
#include <linux/netfilter_ipv4/ip_tables.h>
......@@ -33,8 +34,8 @@ match(const struct sk_buff *skb,
return (skb->mac.raw >= skb->head
&& (skb->mac.raw + ETH_HLEN) <= skb->data
/* If so, compare... */
&& ((memcmp(eth_hdr(skb)->h_source, info->srcaddr, ETH_ALEN)
== 0) ^ info->invert));
&& ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
^ info->invert));
}
static int
......
......@@ -277,7 +277,7 @@ static struct nf_hook_ops ipv4_conntrack_local_in_ops = {
#ifdef CONFIG_SYSCTL
/* From nf_conntrack_proto_icmp.c */
extern unsigned long nf_ct_icmp_timeout;
extern unsigned int nf_ct_icmp_timeout;
static struct ctl_table_header *nf_ct_ipv4_sysctl_header;
static ctl_table nf_ct_sysctl_table[] = {
......
......@@ -8,8 +8,7 @@ ipv6-objs := af_inet6.o anycast.o ip6_output.o ip6_input.o addrconf.o sit.o \
route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o raw.o \
protocol.o icmp.o mcast.o reassembly.o tcp_ipv6.o \
exthdrs.o sysctl_net_ipv6.o datagram.o proc.o \
ip6_flowlabel.o ipv6_syms.o netfilter.o \
inet6_connection_sock.o
ip6_flowlabel.o ipv6_syms.o inet6_connection_sock.o
ipv6-$(CONFIG_XFRM) += xfrm6_policy.o xfrm6_state.o xfrm6_input.o \
xfrm6_output.o
......@@ -19,7 +18,7 @@ obj-$(CONFIG_INET6_AH) += ah6.o
obj-$(CONFIG_INET6_ESP) += esp6.o
obj-$(CONFIG_INET6_IPCOMP) += ipcomp6.o
obj-$(CONFIG_INET6_TUNNEL) += xfrm6_tunnel.o
obj-$(CONFIG_NETFILTER) += netfilter/
obj-$(CONFIG_NETFILTER) += netfilter.o netfilter/
obj-$(CONFIG_IPV6_TUNNEL) += ip6_tunnel.o
......
#include <linux/config.h>
#include <linux/init.h>
#ifdef CONFIG_NETFILTER
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/ipv6.h>
#include <linux/netfilter.h>
#include <linux/netfilter_ipv6.h>
......@@ -94,18 +90,7 @@ int __init ipv6_netfilter_init(void)
return nf_register_queue_rerouter(PF_INET6, &ip6_reroute);
}
void ipv6_netfilter_fini(void)
void __exit ipv6_netfilter_fini(void)
{
nf_unregister_queue_rerouter(PF_INET6);
}
#else /* CONFIG_NETFILTER */
int __init ipv6_netfilter_init(void)
{
return 0;
}
void ipv6_netfilter_fini(void)
{
}
#endif /* CONFIG_NETFILTER */
......@@ -34,8 +34,8 @@ match(const struct sk_buff *skb,
return (skb->mac.raw >= skb->head
&& (skb->mac.raw + ETH_HLEN) <= skb->data
/* If so, compare... */
&& ((memcmp(eth_hdr(skb)->h_source, info->srcaddr, ETH_ALEN)
== 0) ^ info->invert));
&& ((!compare_ether_addr(eth_hdr(skb)->h_source, info->srcaddr))
^ info->invert));
}
static int
......
......@@ -335,10 +335,10 @@ static struct nf_hook_ops ipv6_conntrack_local_in_ops = {
#ifdef CONFIG_SYSCTL
/* From nf_conntrack_proto_icmpv6.c */
extern unsigned long nf_ct_icmpv6_timeout;
extern unsigned int nf_ct_icmpv6_timeout;
/* From nf_conntrack_frag6.c */
extern unsigned long nf_ct_frag6_timeout;
extern unsigned int nf_ct_frag6_timeout;
extern unsigned int nf_ct_frag6_low_thresh;
extern unsigned int nf_ct_frag6_high_thresh;
......
......@@ -17,7 +17,7 @@
#include <linux/netfilter.h>
#include <net/netfilter/nf_conntrack_protocol.h>
unsigned long nf_ct_generic_timeout = 600*HZ;
unsigned int nf_ct_generic_timeout = 600*HZ;
static int generic_pkt_to_tuple(const struct sk_buff *skb,
unsigned int dataoff,
......
......@@ -62,15 +62,15 @@ static const char *sctp_conntrack_names[] = {
#define HOURS * 60 MINS
#define DAYS * 24 HOURS
static unsigned long nf_ct_sctp_timeout_closed = 10 SECS;
static unsigned long nf_ct_sctp_timeout_cookie_wait = 3 SECS;
static unsigned long nf_ct_sctp_timeout_cookie_echoed = 3 SECS;
static unsigned long nf_ct_sctp_timeout_established = 5 DAYS;
static unsigned long nf_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
static unsigned long nf_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
static unsigned long nf_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
static unsigned long * sctp_timeouts[]
static unsigned int nf_ct_sctp_timeout_closed = 10 SECS;
static unsigned int nf_ct_sctp_timeout_cookie_wait = 3 SECS;
static unsigned int nf_ct_sctp_timeout_cookie_echoed = 3 SECS;
static unsigned int nf_ct_sctp_timeout_established = 5 DAYS;
static unsigned int nf_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000;
static unsigned int nf_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000;
static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent = 3 SECS;
static unsigned int * sctp_timeouts[]
= { NULL, /* SCTP_CONNTRACK_NONE */
&nf_ct_sctp_timeout_closed, /* SCTP_CONNTRACK_CLOSED */
&nf_ct_sctp_timeout_cookie_wait, /* SCTP_CONNTRACK_COOKIE_WAIT */
......
......@@ -93,21 +93,21 @@ static const char *tcp_conntrack_names[] = {
#define HOURS * 60 MINS
#define DAYS * 24 HOURS
unsigned long nf_ct_tcp_timeout_syn_sent = 2 MINS;
unsigned long nf_ct_tcp_timeout_syn_recv = 60 SECS;
unsigned long nf_ct_tcp_timeout_established = 5 DAYS;
unsigned long nf_ct_tcp_timeout_fin_wait = 2 MINS;
unsigned long nf_ct_tcp_timeout_close_wait = 60 SECS;
unsigned long nf_ct_tcp_timeout_last_ack = 30 SECS;
unsigned long nf_ct_tcp_timeout_time_wait = 2 MINS;
unsigned long nf_ct_tcp_timeout_close = 10 SECS;
unsigned int nf_ct_tcp_timeout_syn_sent = 2 MINS;
unsigned int nf_ct_tcp_timeout_syn_recv = 60 SECS;
unsigned int nf_ct_tcp_timeout_established = 5 DAYS;
unsigned int nf_ct_tcp_timeout_fin_wait = 2 MINS;
unsigned int nf_ct_tcp_timeout_close_wait = 60 SECS;
unsigned int nf_ct_tcp_timeout_last_ack = 30 SECS;
unsigned int nf_ct_tcp_timeout_time_wait = 2 MINS;
unsigned int nf_ct_tcp_timeout_close = 10 SECS;
/* RFC1122 says the R2 limit should be at least 100 seconds.
Linux uses 15 packets as limit, which corresponds
to ~13-30min depending on RTO. */
unsigned long nf_ct_tcp_timeout_max_retrans = 5 MINS;
unsigned int nf_ct_tcp_timeout_max_retrans = 5 MINS;
static unsigned long * tcp_timeouts[]
static unsigned int * tcp_timeouts[]
= { NULL, /* TCP_CONNTRACK_NONE */
&nf_ct_tcp_timeout_syn_sent, /* TCP_CONNTRACK_SYN_SENT, */
&nf_ct_tcp_timeout_syn_recv, /* TCP_CONNTRACK_SYN_RECV, */
......
......@@ -27,8 +27,8 @@
#include <linux/netfilter_ipv6.h>
#include <net/netfilter/nf_conntrack_protocol.h>
unsigned long nf_ct_udp_timeout = 30*HZ;
unsigned long nf_ct_udp_timeout_stream = 180*HZ;
unsigned int nf_ct_udp_timeout = 30*HZ;
unsigned int nf_ct_udp_timeout_stream = 180*HZ;
static int udp_pkt_to_tuple(const struct sk_buff *skb,
unsigned int dataoff,
......
......@@ -431,25 +431,25 @@ extern int nf_conntrack_max;
extern unsigned int nf_conntrack_htable_size;
/* From nf_conntrack_proto_tcp.c */
extern unsigned long nf_ct_tcp_timeout_syn_sent;
extern unsigned long nf_ct_tcp_timeout_syn_recv;
extern unsigned long nf_ct_tcp_timeout_established;
extern unsigned long nf_ct_tcp_timeout_fin_wait;
extern unsigned long nf_ct_tcp_timeout_close_wait;
extern unsigned long nf_ct_tcp_timeout_last_ack;
extern unsigned long nf_ct_tcp_timeout_time_wait;
extern unsigned long nf_ct_tcp_timeout_close;
extern unsigned long nf_ct_tcp_timeout_max_retrans;
extern unsigned int nf_ct_tcp_timeout_syn_sent;
extern unsigned int nf_ct_tcp_timeout_syn_recv;
extern unsigned int nf_ct_tcp_timeout_established;
extern unsigned int nf_ct_tcp_timeout_fin_wait;
extern unsigned int nf_ct_tcp_timeout_close_wait;
extern unsigned int nf_ct_tcp_timeout_last_ack;
extern unsigned int nf_ct_tcp_timeout_time_wait;
extern unsigned int nf_ct_tcp_timeout_close;
extern unsigned int nf_ct_tcp_timeout_max_retrans;
extern int nf_ct_tcp_loose;
extern int nf_ct_tcp_be_liberal;
extern int nf_ct_tcp_max_retrans;
/* From nf_conntrack_proto_udp.c */
extern unsigned long nf_ct_udp_timeout;
extern unsigned long nf_ct_udp_timeout_stream;
extern unsigned int nf_ct_udp_timeout;
extern unsigned int nf_ct_udp_timeout_stream;
/* From nf_conntrack_proto_generic.c */
extern unsigned long nf_ct_generic_timeout;
extern unsigned int nf_ct_generic_timeout;
/* Log invalid packets of a given protocol */
static int log_invalid_proto_min = 0;
......
......@@ -1422,7 +1422,7 @@ static int netlink_rcv_skb(struct sk_buff *skb, int (*cb)(struct sk_buff *,
while (skb->len >= nlmsg_total_size(0)) {
nlh = (struct nlmsghdr *) skb->data;
if (skb->len < nlh->nlmsg_len)
if (nlh->nlmsg_len < NLMSG_HDRLEN || skb->len < nlh->nlmsg_len)
return 0;
total_len = min(NLMSG_ALIGN(nlh->nlmsg_len), skb->len);
......
......@@ -220,6 +220,7 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
{
struct rxrpc_connection *conn, *candidate = NULL;
struct list_head *_p;
struct sk_buff *pkt = msg->pkt;
int ret, fresh = 0;
__be32 x_epoch, x_connid;
__be16 x_port, x_servid;
......@@ -229,10 +230,10 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
_enter("%p{{%hu}},%u,%hu",
peer,
peer->trans->port,
ntohs(msg->pkt->h.uh->source),
ntohs(pkt->h.uh->source),
ntohs(msg->hdr.serviceId));
x_port = msg->pkt->h.uh->source;
x_port = pkt->h.uh->source;
x_epoch = msg->hdr.epoch;
x_clflag = msg->hdr.flags & RXRPC_CLIENT_INITIATED;
x_connid = htonl(ntohl(msg->hdr.cid) & RXRPC_CIDMASK);
......@@ -267,7 +268,7 @@ int rxrpc_connection_lookup(struct rxrpc_peer *peer,
/* fill in the specifics */
candidate->addr.sin_family = AF_INET;
candidate->addr.sin_port = x_port;
candidate->addr.sin_addr.s_addr = msg->pkt->nh.iph->saddr;
candidate->addr.sin_addr.s_addr = pkt->nh.iph->saddr;
candidate->in_epoch = x_epoch;
candidate->out_epoch = x_epoch;
candidate->in_clientflag = RXRPC_CLIENT_INITIATED;
......@@ -675,6 +676,7 @@ int rxrpc_conn_receive_call_packet(struct rxrpc_connection *conn,
struct rxrpc_message *msg)
{
struct rxrpc_message *pmsg;
struct dst_entry *dst;
struct list_head *_p;
unsigned cix, seq;
int ret = 0;
......@@ -710,10 +712,10 @@ int rxrpc_conn_receive_call_packet(struct rxrpc_connection *conn,
call->pkt_rcv_count++;
if (msg->pkt->dst && msg->pkt->dst->dev)
dst = msg->pkt->dst;
if (dst && dst->dev)
conn->peer->if_mtu =
msg->pkt->dst->dev->mtu -
msg->pkt->dst->dev->hard_header_len;
dst->dev->mtu - dst->dev->hard_header_len;
/* queue on the call in seq order */
rxrpc_get_message(msg);
......
......@@ -166,8 +166,8 @@ svc_create_thread(svc_thread_fn func, struct svc_serv *serv)
memset(rqstp, 0, sizeof(*rqstp));
init_waitqueue_head(&rqstp->rq_wait);
if (!(rqstp->rq_argp = (u32 *) kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|| !(rqstp->rq_resp = (u32 *) kmalloc(serv->sv_xdrsize, GFP_KERNEL))
if (!(rqstp->rq_argp = kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|| !(rqstp->rq_resp = kmalloc(serv->sv_xdrsize, GFP_KERNEL))
|| !svc_init_buffer(rqstp, serv->sv_bufsz))
goto out_thread;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册