tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
[NETFILTER]: nf_conntrack: rename struct nf_conntrack_protocol
Rename 'struct nf_conntrack_protocol' to 'struct nf_conntrack_l4proto' in
order to help distinguish it from 'struct nf_conntrack_l3proto'. It gets
rather confusing with 'nf_conntrack_protocol'.
Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se>
Signed-off-by: Patrick McHardy <kaber@trash.net>
authored by
Martin Josefsson
and committed by
David S. Miller
605dcad6
e2b7606c
+200
-200
+5
-5
include/net/netfilter/nf_conntrack_core.h
+5
-5
include/net/netfilter/nf_conntrack_core.h
···
14
14
15
15
#include <linux/netfilter.h>
16
16
#include <net/netfilter/nf_conntrack_l3proto.h>
17
-
#include <net/netfilter/nf_conntrack_protocol.h>
17
+
#include <net/netfilter/nf_conntrack_l4proto.h>
18
18
#include <net/netfilter/nf_conntrack_ecache.h>
19
19
20
20
/* This header is used to share core functionality between the
···
32
32
/* Like above, but you already have conntrack read lock. */
33
33
extern struct nf_conntrack_l3proto *__nf_ct_find_l3proto(u_int16_t l3proto);
34
34
35
-
struct nf_conntrack_protocol;
35
+
struct nf_conntrack_l4proto;
36
36
37
37
extern int
38
38
nf_ct_get_tuple(const struct sk_buff *skb,
···
42
42
u_int8_t protonum,
43
43
struct nf_conntrack_tuple *tuple,
44
44
const struct nf_conntrack_l3proto *l3proto,
45
-
const struct nf_conntrack_protocol *protocol);
45
+
const struct nf_conntrack_l4proto *l4proto);
46
46
47
47
extern int
48
48
nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
49
49
const struct nf_conntrack_tuple *orig,
50
50
const struct nf_conntrack_l3proto *l3proto,
51
-
const struct nf_conntrack_protocol *protocol);
51
+
const struct nf_conntrack_l4proto *l4proto);
52
52
53
53
/* Find a connection corresponding to a tuple. */
54
54
extern struct nf_conntrack_tuple_hash *
···
76
76
int
77
77
print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
78
78
struct nf_conntrack_l3proto *l3proto,
79
-
struct nf_conntrack_protocol *proto);
79
+
struct nf_conntrack_l4proto *proto);
80
80
81
81
extern struct list_head *nf_conntrack_hash;
82
82
extern struct list_head nf_conntrack_expect_list;
+2
-2
include/net/netfilter/nf_conntrack_l3proto.h
+2
-2
include/net/netfilter/nf_conntrack_l3proto.h
···
96
96
/* Existing built-in protocols */
97
97
extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4;
98
98
extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6;
99
-
extern struct nf_conntrack_l3proto nf_conntrack_generic_l3proto;
99
+
extern struct nf_conntrack_l3proto nf_conntrack_l3proto_generic;
100
100
101
101
static inline struct nf_conntrack_l3proto *
102
102
__nf_ct_l3proto_find(u_int16_t l3proto)
103
103
{
104
104
if (unlikely(l3proto >= AF_MAX))
105
-
return &nf_conntrack_generic_l3proto;
105
+
return &nf_conntrack_l3proto_generic;
106
106
return nf_ct_l3protos[l3proto];
107
107
}
108
108
+18
-18
include/net/netfilter/nf_conntrack_protocol.h
include/net/netfilter/nf_conntrack_l4proto.h
+18
-18
include/net/netfilter/nf_conntrack_protocol.h
include/net/netfilter/nf_conntrack_l4proto.h
···
1
1
/*
2
-
* Header for use in defining a given protocol for connection tracking.
2
+
* Header for use in defining a given L4 protocol for connection tracking.
3
3
*
4
4
* 16 Dec 2003: Yasuyuki Kozakai @USAGI <yasuyuki.kozakai@toshiba.co.jp>
5
5
* - generalized L3 protocol dependent part.
···
7
7
* Derived from include/linux/netfiter_ipv4/ip_conntrack_protcol.h
8
8
*/
9
9
10
-
#ifndef _NF_CONNTRACK_PROTOCOL_H
11
-
#define _NF_CONNTRACK_PROTOCOL_H
10
+
#ifndef _NF_CONNTRACK_L4PROTO_H
11
+
#define _NF_CONNTRACK_L4PROTO_H
12
12
#include <net/netfilter/nf_conntrack.h>
13
13
14
14
struct seq_file;
15
15
struct nfattr;
16
16
17
-
struct nf_conntrack_protocol
17
+
struct nf_conntrack_l4proto
18
18
{
19
19
/* Next pointer. */
20
20
struct list_head list;
···
22
22
/* L3 Protocol number. */
23
23
u_int16_t l3proto;
24
24
25
-
/* Protocol number. */
26
-
u_int8_t proto;
25
+
/* L4 Protocol number. */
26
+
u_int8_t l4proto;
27
27
28
28
/* Protocol name */
29
29
const char *name;
···
84
84
};
85
85
86
86
/* Existing built-in protocols */
87
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp6;
88
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_udp4;
89
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_udp6;
90
-
extern struct nf_conntrack_protocol nf_conntrack_generic_protocol;
87
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
88
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
89
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
90
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_generic;
91
91
92
92
#define MAX_NF_CT_PROTO 256
93
-
extern struct nf_conntrack_protocol **nf_ct_protos[PF_MAX];
93
+
extern struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX];
94
94
95
-
extern struct nf_conntrack_protocol *
96
-
__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol);
95
+
extern struct nf_conntrack_l4proto *
96
+
__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto);
97
97
98
-
extern struct nf_conntrack_protocol *
99
-
nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol);
98
+
extern struct nf_conntrack_l4proto *
99
+
nf_ct_l4proto_find_get(u_int16_t l3proto, u_int8_t protocol);
100
100
101
-
extern void nf_ct_proto_put(struct nf_conntrack_protocol *p);
101
+
extern void nf_ct_l4proto_put(struct nf_conntrack_l4proto *p);
102
102
103
103
/* Protocol registration. */
104
-
extern int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto);
105
-
extern void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto);
104
+
extern int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *proto);
105
+
extern void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *proto);
106
106
107
107
/* Generic netlink helpers */
108
108
extern int nf_ct_port_tuple_to_nfattr(struct sk_buff *skb,
+13
-13
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+13
-13
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
···
27
27
#include <linux/netfilter_ipv4.h>
28
28
#include <net/netfilter/nf_conntrack.h>
29
29
#include <net/netfilter/nf_conntrack_helper.h>
30
-
#include <net/netfilter/nf_conntrack_protocol.h>
30
+
#include <net/netfilter/nf_conntrack_l4proto.h>
31
31
#include <net/netfilter/nf_conntrack_l3proto.h>
32
32
#include <net/netfilter/nf_conntrack_core.h>
33
33
#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
···
429
429
.me = THIS_MODULE,
430
430
};
431
431
432
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp4;
433
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_udp4;
434
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_icmp;
432
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;
433
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;
434
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;
435
435
436
436
MODULE_ALIAS("nf_conntrack-" __stringify(AF_INET));
437
437
MODULE_LICENSE("GPL");
···
448
448
return ret;
449
449
}
450
450
451
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_tcp4);
451
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp4);
452
452
if (ret < 0) {
453
453
printk("nf_conntrack_ipv4: can't register tcp.\n");
454
454
goto cleanup_sockopt;
455
455
}
456
456
457
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_udp4);
457
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp4);
458
458
if (ret < 0) {
459
459
printk("nf_conntrack_ipv4: can't register udp.\n");
460
460
goto cleanup_tcp;
461
461
}
462
462
463
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_icmp);
463
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmp);
464
464
if (ret < 0) {
465
465
printk("nf_conntrack_ipv4: can't register icmp.\n");
466
466
goto cleanup_udp;
···
495
495
cleanup_ipv4:
496
496
nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
497
497
cleanup_icmp:
498
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmp);
498
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp);
499
499
cleanup_udp:
500
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp4);
500
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp4);
501
501
cleanup_tcp:
502
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp4);
502
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp4);
503
503
cleanup_sockopt:
504
504
nf_unregister_sockopt(&so_getorigdst);
505
505
return ret;
···
513
513
#endif
514
514
nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
515
515
nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
516
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmp);
517
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp4);
518
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp4);
516
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmp);
517
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp4);
518
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp4);
519
519
nf_unregister_sockopt(&so_getorigdst);
520
520
}
521
521
+6
-6
net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+6
-6
net/ipv4/netfilter/nf_conntrack_proto_icmp.c
···
22
22
#include <net/checksum.h>
23
23
#include <linux/netfilter_ipv4.h>
24
24
#include <net/netfilter/nf_conntrack_tuple.h>
25
-
#include <net/netfilter/nf_conntrack_protocol.h>
25
+
#include <net/netfilter/nf_conntrack_l4proto.h>
26
26
#include <net/netfilter/nf_conntrack_core.h>
27
27
28
28
unsigned long nf_ct_icmp_timeout __read_mostly = 30*HZ;
···
152
152
struct icmphdr icmp;
153
153
struct iphdr ip;
154
154
} _in, *inside;
155
-
struct nf_conntrack_protocol *innerproto;
155
+
struct nf_conntrack_l4proto *innerproto;
156
156
struct nf_conntrack_tuple_hash *h;
157
157
int dataoff;
158
158
···
170
170
return -NF_ACCEPT;
171
171
}
172
172
173
-
innerproto = __nf_ct_proto_find(PF_INET, inside->ip.protocol);
173
+
innerproto = __nf_ct_l4proto_find(PF_INET, inside->ip.protocol);
174
174
dataoff = skb->nh.iph->ihl*4 + sizeof(inside->icmp);
175
175
/* Are they talking about one of our connections? */
176
176
if (!nf_ct_get_tuple(skb, dataoff, dataoff + inside->ip.ihl*4, PF_INET,
···
321
321
}
322
322
#endif
323
323
324
-
struct nf_conntrack_protocol nf_conntrack_protocol_icmp =
324
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp =
325
325
{
326
326
.list = { NULL, NULL },
327
327
.l3proto = PF_INET,
328
-
.proto = IPPROTO_ICMP,
328
+
.l4proto = IPPROTO_ICMP,
329
329
.name = "icmp",
330
330
.pkt_to_tuple = icmp_pkt_to_tuple,
331
331
.invert_tuple = icmp_invert_tuple,
···
343
343
#endif
344
344
};
345
345
346
-
EXPORT_SYMBOL(nf_conntrack_protocol_icmp);
346
+
EXPORT_SYMBOL(nf_conntrack_l4proto_icmp);
+13
-13
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+13
-13
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
···
33
33
#include <linux/netfilter_ipv6.h>
34
34
#include <net/netfilter/nf_conntrack.h>
35
35
#include <net/netfilter/nf_conntrack_helper.h>
36
-
#include <net/netfilter/nf_conntrack_protocol.h>
36
+
#include <net/netfilter/nf_conntrack_l4proto.h>
37
37
#include <net/netfilter/nf_conntrack_l3proto.h>
38
38
#include <net/netfilter/nf_conntrack_core.h>
39
39
···
458
458
.me = THIS_MODULE,
459
459
};
460
460
461
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_tcp6;
462
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_udp6;
463
-
extern struct nf_conntrack_protocol nf_conntrack_protocol_icmpv6;
461
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;
462
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;
463
+
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
464
464
extern int nf_ct_frag6_init(void);
465
465
extern void nf_ct_frag6_cleanup(void);
466
466
···
479
479
printk("nf_conntrack_ipv6: can't initialize frag6.\n");
480
480
return ret;
481
481
}
482
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_tcp6);
482
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_tcp6);
483
483
if (ret < 0) {
484
484
printk("nf_conntrack_ipv6: can't register tcp.\n");
485
485
goto cleanup_frag6;
486
486
}
487
487
488
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_udp6);
488
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udp6);
489
489
if (ret < 0) {
490
490
printk("nf_conntrack_ipv6: can't register udp.\n");
491
491
goto cleanup_tcp;
492
492
}
493
493
494
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_icmpv6);
494
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_icmpv6);
495
495
if (ret < 0) {
496
496
printk("nf_conntrack_ipv6: can't register icmpv6.\n");
497
497
goto cleanup_udp;
···
527
527
cleanup_ipv6:
528
528
nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
529
529
cleanup_icmpv6:
530
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmpv6);
530
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
531
531
cleanup_udp:
532
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp6);
532
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
533
533
cleanup_tcp:
534
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp6);
534
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
535
535
cleanup_frag6:
536
536
nf_ct_frag6_cleanup();
537
537
return ret;
···
545
545
#endif
546
546
nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
547
547
nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
548
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_icmpv6);
549
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_udp6);
550
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_tcp6);
548
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_icmpv6);
549
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udp6);
550
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_tcp6);
551
551
nf_ct_frag6_cleanup();
552
552
}
553
553
+6
-6
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+6
-6
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
···
29
29
#include <linux/seq_file.h>
30
30
#include <linux/netfilter_ipv6.h>
31
31
#include <net/netfilter/nf_conntrack_tuple.h>
32
-
#include <net/netfilter/nf_conntrack_protocol.h>
32
+
#include <net/netfilter/nf_conntrack_l4proto.h>
33
33
#include <net/netfilter/nf_conntrack_core.h>
34
34
#include <net/netfilter/ipv6/nf_conntrack_icmpv6.h>
35
35
···
155
155
struct nf_conntrack_tuple_hash *h;
156
156
struct icmp6hdr _hdr, *hp;
157
157
unsigned int inip6off;
158
-
struct nf_conntrack_protocol *inproto;
158
+
struct nf_conntrack_l4proto *inproto;
159
159
u_int8_t inprotonum;
160
160
unsigned int inprotoff;
161
161
···
185
185
return -NF_ACCEPT;
186
186
}
187
187
188
-
inproto = __nf_ct_proto_find(PF_INET6, inprotonum);
188
+
inproto = __nf_ct_l4proto_find(PF_INET6, inprotonum);
189
189
190
190
/* Are they talking about one of our connections? */
191
191
if (!nf_ct_get_tuple(skb, inip6off, inprotoff, PF_INET6, inprotonum,
···
301
301
}
302
302
#endif
303
303
304
-
struct nf_conntrack_protocol nf_conntrack_protocol_icmpv6 =
304
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6 =
305
305
{
306
306
.l3proto = PF_INET6,
307
-
.proto = IPPROTO_ICMPV6,
307
+
.l4proto = IPPROTO_ICMPV6,
308
308
.name = "icmpv6",
309
309
.pkt_to_tuple = icmpv6_pkt_to_tuple,
310
310
.invert_tuple = icmpv6_invert_tuple,
···
320
320
#endif
321
321
};
322
322
323
-
EXPORT_SYMBOL(nf_conntrack_protocol_icmpv6);
323
+
EXPORT_SYMBOL(nf_conntrack_l4proto_icmpv6);
+23
-23
net/netfilter/nf_conntrack_core.c
+23
-23
net/netfilter/nf_conntrack_core.c
···
54
54
55
55
#include <net/netfilter/nf_conntrack.h>
56
56
#include <net/netfilter/nf_conntrack_l3proto.h>
57
-
#include <net/netfilter/nf_conntrack_protocol.h>
57
+
#include <net/netfilter/nf_conntrack_l4proto.h>
58
58
#include <net/netfilter/nf_conntrack_expect.h>
59
59
#include <net/netfilter/nf_conntrack_helper.h>
60
60
#include <net/netfilter/nf_conntrack_core.h>
···
256
256
u_int8_t protonum,
257
257
struct nf_conntrack_tuple *tuple,
258
258
const struct nf_conntrack_l3proto *l3proto,
259
-
const struct nf_conntrack_protocol *protocol)
259
+
const struct nf_conntrack_l4proto *l4proto)
260
260
{
261
261
NF_CT_TUPLE_U_BLANK(tuple);
262
262
···
267
267
tuple->dst.protonum = protonum;
268
268
tuple->dst.dir = IP_CT_DIR_ORIGINAL;
269
269
270
-
return protocol->pkt_to_tuple(skb, dataoff, tuple);
270
+
return l4proto->pkt_to_tuple(skb, dataoff, tuple);
271
271
}
272
272
273
273
int
274
274
nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
275
275
const struct nf_conntrack_tuple *orig,
276
276
const struct nf_conntrack_l3proto *l3proto,
277
-
const struct nf_conntrack_protocol *protocol)
277
+
const struct nf_conntrack_l4proto *l4proto)
278
278
{
279
279
NF_CT_TUPLE_U_BLANK(inverse);
280
280
···
285
285
inverse->dst.dir = !orig->dst.dir;
286
286
287
287
inverse->dst.protonum = orig->dst.protonum;
288
-
return protocol->invert_tuple(inverse, orig);
288
+
return l4proto->invert_tuple(inverse, orig);
289
289
}
290
290
291
291
static void
···
305
305
{
306
306
struct nf_conn *ct = (struct nf_conn *)nfct;
307
307
struct nf_conntrack_l3proto *l3proto;
308
-
struct nf_conntrack_protocol *proto;
308
+
struct nf_conntrack_l4proto *l4proto;
309
309
310
310
DEBUGP("destroy_conntrack(%p)\n", ct);
311
311
NF_CT_ASSERT(atomic_read(&nfct->use) == 0);
···
321
321
if (l3proto && l3proto->destroy)
322
322
l3proto->destroy(ct);
323
323
324
-
proto = __nf_ct_proto_find(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
325
-
if (proto && proto->destroy)
326
-
proto->destroy(ct);
324
+
l4proto = __nf_ct_l4proto_find(ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
325
+
if (l4proto && l4proto->destroy)
326
+
l4proto->destroy(ct);
327
327
328
328
if (nf_conntrack_destroyed)
329
329
nf_conntrack_destroyed(ct);
···
647
647
static struct nf_conntrack_tuple_hash *
648
648
init_conntrack(const struct nf_conntrack_tuple *tuple,
649
649
struct nf_conntrack_l3proto *l3proto,
650
-
struct nf_conntrack_protocol *protocol,
650
+
struct nf_conntrack_l4proto *l4proto,
651
651
struct sk_buff *skb,
652
652
unsigned int dataoff)
653
653
{
···
655
655
struct nf_conntrack_tuple repl_tuple;
656
656
struct nf_conntrack_expect *exp;
657
657
658
-
if (!nf_ct_invert_tuple(&repl_tuple, tuple, l3proto, protocol)) {
658
+
if (!nf_ct_invert_tuple(&repl_tuple, tuple, l3proto, l4proto)) {
659
659
DEBUGP("Can't invert tuple.\n");
660
660
return NULL;
661
661
}
···
666
666
return (struct nf_conntrack_tuple_hash *)conntrack;
667
667
}
668
668
669
-
if (!protocol->new(conntrack, skb, dataoff)) {
669
+
if (!l4proto->new(conntrack, skb, dataoff)) {
670
670
nf_conntrack_free(conntrack);
671
671
DEBUGP("init conntrack: can't track with proto module\n");
672
672
return NULL;
···
718
718
u_int16_t l3num,
719
719
u_int8_t protonum,
720
720
struct nf_conntrack_l3proto *l3proto,
721
-
struct nf_conntrack_protocol *proto,
721
+
struct nf_conntrack_l4proto *l4proto,
722
722
int *set_reply,
723
723
enum ip_conntrack_info *ctinfo)
724
724
{
···
728
728
729
729
if (!nf_ct_get_tuple(skb, (unsigned int)(skb->nh.raw - skb->data),
730
730
dataoff, l3num, protonum, &tuple, l3proto,
731
-
proto)) {
731
+
l4proto)) {
732
732
DEBUGP("resolve_normal_ct: Can't get tuple\n");
733
733
return NULL;
734
734
}
···
736
736
/* look for tuple match */
737
737
h = nf_conntrack_find_get(&tuple, NULL);
738
738
if (!h) {
739
-
h = init_conntrack(&tuple, l3proto, proto, skb, dataoff);
739
+
h = init_conntrack(&tuple, l3proto, l4proto, skb, dataoff);
740
740
if (!h)
741
741
return NULL;
742
742
if (IS_ERR(h))
···
774
774
struct nf_conn *ct;
775
775
enum ip_conntrack_info ctinfo;
776
776
struct nf_conntrack_l3proto *l3proto;
777
-
struct nf_conntrack_protocol *proto;
777
+
struct nf_conntrack_l4proto *l4proto;
778
778
unsigned int dataoff;
779
779
u_int8_t protonum;
780
780
int set_reply = 0;
···
792
792
return -ret;
793
793
}
794
794
795
-
proto = __nf_ct_proto_find((u_int16_t)pf, protonum);
795
+
l4proto = __nf_ct_l4proto_find((u_int16_t)pf, protonum);
796
796
797
797
/* It may be an special packet, error, unclean...
798
798
* inverse of the return code tells to the netfilter
799
799
* core what to do with the packet. */
800
-
if (proto->error != NULL &&
801
-
(ret = proto->error(*pskb, dataoff, &ctinfo, pf, hooknum)) <= 0) {
800
+
if (l4proto->error != NULL &&
801
+
(ret = l4proto->error(*pskb, dataoff, &ctinfo, pf, hooknum)) <= 0) {
802
802
NF_CT_STAT_INC(error);
803
803
NF_CT_STAT_INC(invalid);
804
804
return -ret;
805
805
}
806
806
807
-
ct = resolve_normal_ct(*pskb, dataoff, pf, protonum, l3proto, proto,
807
+
ct = resolve_normal_ct(*pskb, dataoff, pf, protonum, l3proto, l4proto,
808
808
&set_reply, &ctinfo);
809
809
if (!ct) {
810
810
/* Not valid part of a connection */
···
820
820
821
821
NF_CT_ASSERT((*pskb)->nfct);
822
822
823
-
ret = proto->packet(ct, *pskb, dataoff, ctinfo, pf, hooknum);
823
+
ret = l4proto->packet(ct, *pskb, dataoff, ctinfo, pf, hooknum);
824
824
if (ret < 0) {
825
825
/* Invalid: inverse of the return code tells
826
826
* the netfilter core what to do */
···
842
842
{
843
843
return nf_ct_invert_tuple(inverse, orig,
844
844
__nf_ct_l3proto_find(orig->src.l3num),
845
-
__nf_ct_proto_find(orig->src.l3num,
845
+
__nf_ct_l4proto_find(orig->src.l3num,
846
846
orig->dst.protonum));
847
847
}
848
848
···
1199
1199
/* Don't NEED lock here, but good form anyway. */
1200
1200
write_lock_bh(&nf_conntrack_lock);
1201
1201
for (i = 0; i < PF_MAX; i++)
1202
-
nf_ct_l3protos[i] = &nf_conntrack_generic_l3proto;
1202
+
nf_ct_l3protos[i] = &nf_conntrack_l3proto_generic;
1203
1203
write_unlock_bh(&nf_conntrack_lock);
1204
1204
1205
1205
/* For use by REJECT target */
+1
-1
net/netfilter/nf_conntrack_ecache.c
+1
-1
net/netfilter/nf_conntrack_ecache.c
···
22
22
23
23
#include <net/netfilter/nf_conntrack.h>
24
24
#include <net/netfilter/nf_conntrack_l3proto.h>
25
-
#include <net/netfilter/nf_conntrack_protocol.h>
25
+
#include <net/netfilter/nf_conntrack_l4proto.h>
26
26
#include <net/netfilter/nf_conntrack_expect.h>
27
27
#include <net/netfilter/nf_conntrack_helper.h>
28
28
#include <net/netfilter/nf_conntrack_core.h>
+1
-1
net/netfilter/nf_conntrack_expect.c
+1
-1
net/netfilter/nf_conntrack_expect.c
···
338
338
expect->tuple.dst.protonum);
339
339
print_tuple(s, &expect->tuple,
340
340
__nf_ct_l3proto_find(expect->tuple.src.l3num),
341
-
__nf_ct_proto_find(expect->tuple.src.l3num,
341
+
__nf_ct_l4proto_find(expect->tuple.src.l3num,
342
342
expect->tuple.dst.protonum));
343
343
return seq_putc(s, '\n');
344
344
}
+1
-1
net/netfilter/nf_conntrack_helper.c
+1
-1
net/netfilter/nf_conntrack_helper.c
···
26
26
27
27
#include <net/netfilter/nf_conntrack.h>
28
28
#include <net/netfilter/nf_conntrack_l3proto.h>
29
-
#include <net/netfilter/nf_conntrack_protocol.h>
29
+
#include <net/netfilter/nf_conntrack_l4proto.h>
30
30
#include <net/netfilter/nf_conntrack_helper.h>
31
31
#include <net/netfilter/nf_conntrack_core.h>
32
32
+2
-2
net/netfilter/nf_conntrack_l3proto_generic.c
+2
-2
net/netfilter/nf_conntrack_l3proto_generic.c
···
26
26
27
27
#include <linux/netfilter_ipv4.h>
28
28
#include <net/netfilter/nf_conntrack.h>
29
-
#include <net/netfilter/nf_conntrack_protocol.h>
29
+
#include <net/netfilter/nf_conntrack_l4proto.h>
30
30
#include <net/netfilter/nf_conntrack_l3proto.h>
31
31
#include <net/netfilter/nf_conntrack_core.h>
32
32
#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>
···
84
84
return NF_CT_F_BASIC;
85
85
}
86
86
87
-
struct nf_conntrack_l3proto nf_conntrack_generic_l3proto = {
87
+
struct nf_conntrack_l3proto nf_conntrack_l3proto_generic = {
88
88
.l3proto = PF_UNSPEC,
89
89
.name = "unknown",
90
90
.pkt_to_tuple = generic_pkt_to_tuple,
+28
-28
net/netfilter/nf_conntrack_netlink.c
+28
-28
net/netfilter/nf_conntrack_netlink.c
···
38
38
#include <net/netfilter/nf_conntrack_expect.h>
39
39
#include <net/netfilter/nf_conntrack_helper.h>
40
40
#include <net/netfilter/nf_conntrack_l3proto.h>
41
-
#include <net/netfilter/nf_conntrack_protocol.h>
41
+
#include <net/netfilter/nf_conntrack_l4proto.h>
42
42
#include <linux/netfilter_ipv4/ip_nat_protocol.h>
43
43
44
44
#include <linux/netfilter/nfnetlink.h>
···
51
51
static inline int
52
52
ctnetlink_dump_tuples_proto(struct sk_buff *skb,
53
53
const struct nf_conntrack_tuple *tuple,
54
-
struct nf_conntrack_protocol *proto)
54
+
struct nf_conntrack_l4proto *l4proto)
55
55
{
56
56
int ret = 0;
57
57
struct nfattr *nest_parms = NFA_NEST(skb, CTA_TUPLE_PROTO);
58
58
59
59
NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
60
60
61
-
if (likely(proto->tuple_to_nfattr))
62
-
ret = proto->tuple_to_nfattr(skb, tuple);
61
+
if (likely(l4proto->tuple_to_nfattr))
62
+
ret = l4proto->tuple_to_nfattr(skb, tuple);
63
63
64
64
NFA_NEST_END(skb, nest_parms);
65
65
···
94
94
{
95
95
int ret;
96
96
struct nf_conntrack_l3proto *l3proto;
97
-
struct nf_conntrack_protocol *proto;
97
+
struct nf_conntrack_l4proto *l4proto;
98
98
99
99
l3proto = nf_ct_l3proto_find_get(tuple->src.l3num);
100
100
ret = ctnetlink_dump_tuples_ip(skb, tuple, l3proto);
···
103
103
if (unlikely(ret < 0))
104
104
return ret;
105
105
106
-
proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum);
107
-
ret = ctnetlink_dump_tuples_proto(skb, tuple, proto);
108
-
nf_ct_proto_put(proto);
106
+
l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
107
+
ret = ctnetlink_dump_tuples_proto(skb, tuple, l4proto);
108
+
nf_ct_l4proto_put(l4proto);
109
109
110
110
return ret;
111
111
}
···
142
142
static inline int
143
143
ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct nf_conn *ct)
144
144
{
145
-
struct nf_conntrack_protocol *proto = nf_ct_proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum);
145
+
struct nf_conntrack_l4proto *l4proto = nf_ct_l4proto_find_get(ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num, ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum);
146
146
struct nfattr *nest_proto;
147
147
int ret;
148
148
149
-
if (!proto->to_nfattr) {
150
-
nf_ct_proto_put(proto);
149
+
if (!l4proto->to_nfattr) {
150
+
nf_ct_l4proto_put(l4proto);
151
151
return 0;
152
152
}
153
153
154
154
nest_proto = NFA_NEST(skb, CTA_PROTOINFO);
155
155
156
-
ret = proto->to_nfattr(skb, nest_proto, ct);
156
+
ret = l4proto->to_nfattr(skb, nest_proto, ct);
157
157
158
-
nf_ct_proto_put(proto);
158
+
nf_ct_l4proto_put(l4proto);
159
159
160
160
NFA_NEST_END(skb, nest_proto);
161
161
162
162
return ret;
163
163
164
164
nfattr_failure:
165
-
nf_ct_proto_put(proto);
165
+
nf_ct_l4proto_put(l4proto);
166
166
return -1;
167
167
}
168
168
···
493
493
struct nf_conntrack_tuple *tuple)
494
494
{
495
495
struct nfattr *tb[CTA_PROTO_MAX];
496
-
struct nf_conntrack_protocol *proto;
496
+
struct nf_conntrack_l4proto *l4proto;
497
497
int ret = 0;
498
498
499
499
nfattr_parse_nested(tb, CTA_PROTO_MAX, attr);
···
505
505
return -EINVAL;
506
506
tuple->dst.protonum = *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_NUM-1]);
507
507
508
-
proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum);
508
+
l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
509
509
510
-
if (likely(proto->nfattr_to_tuple))
511
-
ret = proto->nfattr_to_tuple(tb, tuple);
510
+
if (likely(l4proto->nfattr_to_tuple))
511
+
ret = l4proto->nfattr_to_tuple(tb, tuple);
512
512
513
-
nf_ct_proto_put(proto);
513
+
nf_ct_l4proto_put(l4proto);
514
514
515
515
return ret;
516
516
}
···
890
890
ctnetlink_change_protoinfo(struct nf_conn *ct, struct nfattr *cda[])
891
891
{
892
892
struct nfattr *tb[CTA_PROTOINFO_MAX], *attr = cda[CTA_PROTOINFO-1];
893
-
struct nf_conntrack_protocol *proto;
893
+
struct nf_conntrack_l4proto *l4proto;
894
894
u_int16_t npt = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum;
895
895
u_int16_t l3num = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
896
896
int err = 0;
897
897
898
898
nfattr_parse_nested(tb, CTA_PROTOINFO_MAX, attr);
899
899
900
-
proto = nf_ct_proto_find_get(l3num, npt);
900
+
l4proto = nf_ct_l4proto_find_get(l3num, npt);
901
901
902
-
if (proto->from_nfattr)
903
-
err = proto->from_nfattr(tb, ct);
904
-
nf_ct_proto_put(proto);
902
+
if (l4proto->from_nfattr)
903
+
err = l4proto->from_nfattr(tb, ct);
904
+
nf_ct_l4proto_put(l4proto);
905
905
906
906
return err;
907
907
}
···
1081
1081
{
1082
1082
int ret;
1083
1083
struct nf_conntrack_l3proto *l3proto;
1084
-
struct nf_conntrack_protocol *proto;
1084
+
struct nf_conntrack_l4proto *l4proto;
1085
1085
struct nfattr *nest_parms = NFA_NEST(skb, CTA_EXPECT_MASK);
1086
1086
1087
1087
l3proto = nf_ct_l3proto_find_get(tuple->src.l3num);
···
1091
1091
if (unlikely(ret < 0))
1092
1092
goto nfattr_failure;
1093
1093
1094
-
proto = nf_ct_proto_find_get(tuple->src.l3num, tuple->dst.protonum);
1095
-
ret = ctnetlink_dump_tuples_proto(skb, mask, proto);
1096
-
nf_ct_proto_put(proto);
1094
+
l4proto = nf_ct_l4proto_find_get(tuple->src.l3num, tuple->dst.protonum);
1095
+
ret = ctnetlink_dump_tuples_proto(skb, mask, l4proto);
1096
+
nf_ct_l4proto_put(l4proto);
1097
1097
if (unlikely(ret < 0))
1098
1098
goto nfattr_failure;
1099
1099
+36
-36
net/netfilter/nf_conntrack_proto.c
+36
-36
net/netfilter/nf_conntrack_proto.c
···
24
24
25
25
#include <net/netfilter/nf_conntrack.h>
26
26
#include <net/netfilter/nf_conntrack_l3proto.h>
27
-
#include <net/netfilter/nf_conntrack_protocol.h>
27
+
#include <net/netfilter/nf_conntrack_l4proto.h>
28
28
#include <net/netfilter/nf_conntrack_core.h>
29
29
30
-
struct nf_conntrack_protocol **nf_ct_protos[PF_MAX] __read_mostly;
30
+
struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX] __read_mostly;
31
31
struct nf_conntrack_l3proto *nf_ct_l3protos[PF_MAX] __read_mostly;
32
32
33
-
struct nf_conntrack_protocol *
34
-
__nf_ct_proto_find(u_int16_t l3proto, u_int8_t protocol)
33
+
struct nf_conntrack_l4proto *
34
+
__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto)
35
35
{
36
36
if (unlikely(l3proto >= AF_MAX || nf_ct_protos[l3proto] == NULL))
37
-
return &nf_conntrack_generic_protocol;
37
+
return &nf_conntrack_l4proto_generic;
38
38
39
-
return nf_ct_protos[l3proto][protocol];
39
+
return nf_ct_protos[l3proto][l4proto];
40
40
}
41
41
42
42
/* this is guaranteed to always return a valid protocol helper, since
43
43
* it falls back to generic_protocol */
44
-
struct nf_conntrack_protocol *
45
-
nf_ct_proto_find_get(u_int16_t l3proto, u_int8_t protocol)
44
+
struct nf_conntrack_l4proto *
45
+
nf_ct_l4proto_find_get(u_int16_t l3proto, u_int8_t l4proto)
46
46
{
47
-
struct nf_conntrack_protocol *p;
47
+
struct nf_conntrack_l4proto *p;
48
48
49
49
preempt_disable();
50
-
p = __nf_ct_proto_find(l3proto, protocol);
50
+
p = __nf_ct_l4proto_find(l3proto, l4proto);
51
51
if (!try_module_get(p->me))
52
-
p = &nf_conntrack_generic_protocol;
52
+
p = &nf_conntrack_l4proto_generic;
53
53
preempt_enable();
54
54
55
55
return p;
56
56
}
57
57
58
-
void nf_ct_proto_put(struct nf_conntrack_protocol *p)
58
+
void nf_ct_l4proto_put(struct nf_conntrack_l4proto *p)
59
59
{
60
60
module_put(p->me);
61
61
}
···
68
68
preempt_disable();
69
69
p = __nf_ct_l3proto_find(l3proto);
70
70
if (!try_module_get(p->me))
71
-
p = &nf_conntrack_generic_l3proto;
71
+
p = &nf_conntrack_l3proto_generic;
72
72
preempt_enable();
73
73
74
74
return p;
···
86
86
struct nf_conntrack_l3proto *p;
87
87
88
88
retry: p = nf_ct_l3proto_find_get(l3proto);
89
-
if (p == &nf_conntrack_generic_l3proto) {
89
+
if (p == &nf_conntrack_l3proto_generic) {
90
90
ret = request_module("nf_conntrack-%d", l3proto);
91
91
if (!ret)
92
92
goto retry;
···
114
114
((struct nf_conntrack_l3proto *)data)->l3proto);
115
115
}
116
116
117
-
static int kill_proto(struct nf_conn *i, void *data)
117
+
static int kill_l4proto(struct nf_conn *i, void *data)
118
118
{
119
-
struct nf_conntrack_protocol *proto;
120
-
proto = (struct nf_conntrack_protocol *)data;
119
+
struct nf_conntrack_l4proto *l4proto;
120
+
l4proto = (struct nf_conntrack_l4proto *)data;
121
121
return (i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum ==
122
-
proto->proto) &&
122
+
l4proto->l4proto) &&
123
123
(i->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num ==
124
-
proto->l3proto);
124
+
l4proto->l3proto);
125
125
}
126
126
127
127
int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
···
129
129
int ret = 0;
130
130
131
131
write_lock_bh(&nf_conntrack_lock);
132
-
if (nf_ct_l3protos[proto->l3proto] != &nf_conntrack_generic_l3proto) {
132
+
if (nf_ct_l3protos[proto->l3proto] != &nf_conntrack_l3proto_generic) {
133
133
ret = -EBUSY;
134
134
goto out;
135
135
}
···
143
143
void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
144
144
{
145
145
write_lock_bh(&nf_conntrack_lock);
146
-
nf_ct_l3protos[proto->l3proto] = &nf_conntrack_generic_l3proto;
146
+
nf_ct_l3protos[proto->l3proto] = &nf_conntrack_l3proto_generic;
147
147
write_unlock_bh(&nf_conntrack_lock);
148
148
149
149
/* Somebody could be still looking at the proto in bh. */
···
155
155
156
156
/* FIXME: Allow NULL functions and sub in pointers to generic for
157
157
them. --RR */
158
-
int nf_conntrack_protocol_register(struct nf_conntrack_protocol *proto)
158
+
int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *l4proto)
159
159
{
160
160
int ret = 0;
161
161
162
162
retry:
163
163
write_lock_bh(&nf_conntrack_lock);
164
-
if (nf_ct_protos[proto->l3proto]) {
165
-
if (nf_ct_protos[proto->l3proto][proto->proto]
166
-
!= &nf_conntrack_generic_protocol) {
164
+
if (nf_ct_protos[l4proto->l3proto]) {
165
+
if (nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
166
+
!= &nf_conntrack_l4proto_generic) {
167
167
ret = -EBUSY;
168
168
goto out_unlock;
169
169
}
170
170
} else {
171
171
/* l3proto may be loaded latter. */
172
-
struct nf_conntrack_protocol **proto_array;
172
+
struct nf_conntrack_l4proto **proto_array;
173
173
int i;
174
174
175
175
write_unlock_bh(&nf_conntrack_lock);
176
176
177
-
proto_array = (struct nf_conntrack_protocol **)
177
+
proto_array = (struct nf_conntrack_l4proto **)
178
178
kmalloc(MAX_NF_CT_PROTO *
179
-
sizeof(struct nf_conntrack_protocol *),
179
+
sizeof(struct nf_conntrack_l4proto *),
180
180
GFP_KERNEL);
181
181
if (proto_array == NULL) {
182
182
ret = -ENOMEM;
183
183
goto out;
184
184
}
185
185
for (i = 0; i < MAX_NF_CT_PROTO; i++)
186
-
proto_array[i] = &nf_conntrack_generic_protocol;
186
+
proto_array[i] = &nf_conntrack_l4proto_generic;
187
187
188
188
write_lock_bh(&nf_conntrack_lock);
189
-
if (nf_ct_protos[proto->l3proto]) {
189
+
if (nf_ct_protos[l4proto->l3proto]) {
190
190
/* bad timing, but no problem */
191
191
write_unlock_bh(&nf_conntrack_lock);
192
192
kfree(proto_array);
193
193
} else {
194
-
nf_ct_protos[proto->l3proto] = proto_array;
194
+
nf_ct_protos[l4proto->l3proto] = proto_array;
195
195
write_unlock_bh(&nf_conntrack_lock);
196
196
}
197
197
···
202
202
goto retry;
203
203
}
204
204
205
-
nf_ct_protos[proto->l3proto][proto->proto] = proto;
205
+
nf_ct_protos[l4proto->l3proto][l4proto->l4proto] = l4proto;
206
206
207
207
out_unlock:
208
208
write_unlock_bh(&nf_conntrack_lock);
···
210
210
return ret;
211
211
}
212
212
213
-
void nf_conntrack_protocol_unregister(struct nf_conntrack_protocol *proto)
213
+
void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
214
214
{
215
215
write_lock_bh(&nf_conntrack_lock);
216
-
nf_ct_protos[proto->l3proto][proto->proto]
217
-
= &nf_conntrack_generic_protocol;
216
+
nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
217
+
= &nf_conntrack_l4proto_generic;
218
218
write_unlock_bh(&nf_conntrack_lock);
219
219
220
220
/* Somebody could be still looking at the proto in bh. */
221
221
synchronize_net();
222
222
223
223
/* Remove all contrack entries for this protocol */
224
-
nf_ct_iterate_cleanup(kill_proto, proto);
224
+
nf_ct_iterate_cleanup(kill_l4proto, l4proto);
225
225
}
+3
-3
net/netfilter/nf_conntrack_proto_generic.c
+3
-3
net/netfilter/nf_conntrack_proto_generic.c
···
15
15
#include <linux/sched.h>
16
16
#include <linux/timer.h>
17
17
#include <linux/netfilter.h>
18
-
#include <net/netfilter/nf_conntrack_protocol.h>
18
+
#include <net/netfilter/nf_conntrack_l4proto.h>
19
19
20
20
unsigned int nf_ct_generic_timeout __read_mostly = 600*HZ;
21
21
···
71
71
return 1;
72
72
}
73
73
74
-
struct nf_conntrack_protocol nf_conntrack_generic_protocol =
74
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_generic =
75
75
{
76
76
.l3proto = PF_UNSPEC,
77
-
.proto = 0,
77
+
.l4proto = 0,
78
78
.name = "unknown",
79
79
.pkt_to_tuple = generic_pkt_to_tuple,
80
80
.invert_tuple = generic_invert_tuple,
+13
-13
net/netfilter/nf_conntrack_proto_sctp.c
+13
-13
net/netfilter/nf_conntrack_proto_sctp.c
···
32
32
#include <linux/interrupt.h>
33
33
34
34
#include <net/netfilter/nf_conntrack.h>
35
-
#include <net/netfilter/nf_conntrack_protocol.h>
35
+
#include <net/netfilter/nf_conntrack_l4proto.h>
36
36
#include <net/netfilter/nf_conntrack_ecache.h>
37
37
38
38
#if 0
···
509
509
return 1;
510
510
}
511
511
512
-
struct nf_conntrack_protocol nf_conntrack_protocol_sctp4 = {
512
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 = {
513
513
.l3proto = PF_INET,
514
-
.proto = IPPROTO_SCTP,
514
+
.l4proto = IPPROTO_SCTP,
515
515
.name = "sctp",
516
516
.pkt_to_tuple = sctp_pkt_to_tuple,
517
517
.invert_tuple = sctp_invert_tuple,
···
523
523
.me = THIS_MODULE
524
524
};
525
525
526
-
struct nf_conntrack_protocol nf_conntrack_protocol_sctp6 = {
526
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 = {
527
527
.l3proto = PF_INET6,
528
-
.proto = IPPROTO_SCTP,
528
+
.l4proto = IPPROTO_SCTP,
529
529
.name = "sctp",
530
530
.pkt_to_tuple = sctp_pkt_to_tuple,
531
531
.invert_tuple = sctp_invert_tuple,
···
625
625
{
626
626
int ret;
627
627
628
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp4);
628
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp4);
629
629
if (ret) {
630
-
printk("nf_conntrack_proto_sctp4: protocol register failed\n");
630
+
printk("nf_conntrack_l4proto_sctp4: protocol register failed\n");
631
631
goto out;
632
632
}
633
-
ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp6);
633
+
ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp6);
634
634
if (ret) {
635
-
printk("nf_conntrack_proto_sctp6: protocol register failed\n");
635
+
printk("nf_conntrack_l4proto_sctp6: protocol register failed\n");
636
636
goto cleanup_sctp4;
637
637
}
638
638
···
648
648
649
649
#ifdef CONFIG_SYSCTL
650
650
cleanup:
651
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6);
651
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
652
652
#endif
653
653
cleanup_sctp4:
654
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4);
654
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
655
655
out:
656
656
DEBUGP("SCTP conntrack module loading %s\n",
657
657
ret ? "failed": "succeeded");
···
660
660
661
661
void __exit nf_conntrack_proto_sctp_fini(void)
662
662
{
663
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6);
664
-
nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4);
663
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
664
+
nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
665
665
#ifdef CONFIG_SYSCTL
666
666
unregister_sysctl_table(nf_ct_sysctl_header);
667
667
#endif
+7
-7
net/netfilter/nf_conntrack_proto_tcp.c
+7
-7
net/netfilter/nf_conntrack_proto_tcp.c
···
42
42
#include <linux/netfilter_ipv4.h>
43
43
#include <linux/netfilter_ipv6.h>
44
44
#include <net/netfilter/nf_conntrack.h>
45
-
#include <net/netfilter/nf_conntrack_protocol.h>
45
+
#include <net/netfilter/nf_conntrack_l4proto.h>
46
46
#include <net/netfilter/nf_conntrack_ecache.h>
47
47
48
48
#if 0
···
1169
1169
}
1170
1170
#endif
1171
1171
1172
-
struct nf_conntrack_protocol nf_conntrack_protocol_tcp4 =
1172
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4 =
1173
1173
{
1174
1174
.l3proto = PF_INET,
1175
-
.proto = IPPROTO_TCP,
1175
+
.l4proto = IPPROTO_TCP,
1176
1176
.name = "tcp",
1177
1177
.pkt_to_tuple = tcp_pkt_to_tuple,
1178
1178
.invert_tuple = tcp_invert_tuple,
···
1190
1190
#endif
1191
1191
};
1192
1192
1193
-
struct nf_conntrack_protocol nf_conntrack_protocol_tcp6 =
1193
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6 =
1194
1194
{
1195
1195
.l3proto = PF_INET6,
1196
-
.proto = IPPROTO_TCP,
1196
+
.l4proto = IPPROTO_TCP,
1197
1197
.name = "tcp",
1198
1198
.pkt_to_tuple = tcp_pkt_to_tuple,
1199
1199
.invert_tuple = tcp_invert_tuple,
···
1211
1211
#endif
1212
1212
};
1213
1213
1214
-
EXPORT_SYMBOL(nf_conntrack_protocol_tcp4);
1215
-
EXPORT_SYMBOL(nf_conntrack_protocol_tcp6);
1214
+
EXPORT_SYMBOL(nf_conntrack_l4proto_tcp4);
1215
+
EXPORT_SYMBOL(nf_conntrack_l4proto_tcp6);
+7
-7
net/netfilter/nf_conntrack_proto_udp.c
+7
-7
net/netfilter/nf_conntrack_proto_udp.c
···
26
26
#include <linux/netfilter.h>
27
27
#include <linux/netfilter_ipv4.h>
28
28
#include <linux/netfilter_ipv6.h>
29
-
#include <net/netfilter/nf_conntrack_protocol.h>
29
+
#include <net/netfilter/nf_conntrack_l4proto.h>
30
30
#include <net/netfilter/nf_conntrack_ecache.h>
31
31
32
32
unsigned int nf_ct_udp_timeout __read_mostly = 30*HZ;
···
148
148
return NF_ACCEPT;
149
149
}
150
150
151
-
struct nf_conntrack_protocol nf_conntrack_protocol_udp4 =
151
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4 =
152
152
{
153
153
.l3proto = PF_INET,
154
-
.proto = IPPROTO_UDP,
154
+
.l4proto = IPPROTO_UDP,
155
155
.name = "udp",
156
156
.pkt_to_tuple = udp_pkt_to_tuple,
157
157
.invert_tuple = udp_invert_tuple,
···
167
167
#endif
168
168
};
169
169
170
-
struct nf_conntrack_protocol nf_conntrack_protocol_udp6 =
170
+
struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6 =
171
171
{
172
172
.l3proto = PF_INET6,
173
-
.proto = IPPROTO_UDP,
173
+
.l4proto = IPPROTO_UDP,
174
174
.name = "udp",
175
175
.pkt_to_tuple = udp_pkt_to_tuple,
176
176
.invert_tuple = udp_invert_tuple,
···
186
186
#endif
187
187
};
188
188
189
-
EXPORT_SYMBOL(nf_conntrack_protocol_udp4);
190
-
EXPORT_SYMBOL(nf_conntrack_protocol_udp6);
189
+
EXPORT_SYMBOL(nf_conntrack_l4proto_udp4);
190
+
EXPORT_SYMBOL(nf_conntrack_l4proto_udp6);
+15
-15
net/netfilter/nf_conntrack_standalone.c
+15
-15
net/netfilter/nf_conntrack_standalone.c
···
35
35
#include <net/netfilter/nf_conntrack.h>
36
36
#include <net/netfilter/nf_conntrack_core.h>
37
37
#include <net/netfilter/nf_conntrack_l3proto.h>
38
-
#include <net/netfilter/nf_conntrack_protocol.h>
38
+
#include <net/netfilter/nf_conntrack_l4proto.h>
39
39
#include <net/netfilter/nf_conntrack_expect.h>
40
40
#include <net/netfilter/nf_conntrack_helper.h>
41
41
···
54
54
int
55
55
print_tuple(struct seq_file *s, const struct nf_conntrack_tuple *tuple,
56
56
struct nf_conntrack_l3proto *l3proto,
57
-
struct nf_conntrack_protocol *proto)
57
+
struct nf_conntrack_l4proto *l4proto)
58
58
{
59
-
return l3proto->print_tuple(s, tuple) || proto->print_tuple(s, tuple);
59
+
return l3proto->print_tuple(s, tuple) || l4proto->print_tuple(s, tuple);
60
60
}
61
61
62
62
#ifdef CONFIG_NF_CT_ACCT
···
135
135
const struct nf_conntrack_tuple_hash *hash = v;
136
136
const struct nf_conn *conntrack = nf_ct_tuplehash_to_ctrack(hash);
137
137
struct nf_conntrack_l3proto *l3proto;
138
-
struct nf_conntrack_protocol *proto;
138
+
struct nf_conntrack_l4proto *l4proto;
139
139
140
140
ASSERT_READ_LOCK(&nf_conntrack_lock);
141
141
NF_CT_ASSERT(conntrack);
···
148
148
.tuple.src.l3num);
149
149
150
150
NF_CT_ASSERT(l3proto);
151
-
proto = __nf_ct_proto_find(conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
151
+
l4proto = __nf_ct_l4proto_find(conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
152
152
.tuple.src.l3num,
153
153
conntrack->tuplehash[IP_CT_DIR_ORIGINAL]
154
154
.tuple.dst.protonum);
155
-
NF_CT_ASSERT(proto);
155
+
NF_CT_ASSERT(l4proto);
156
156
157
157
if (seq_printf(s, "%-8s %u %-8s %u %ld ",
158
158
l3proto->name,
159
159
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num,
160
-
proto->name,
160
+
l4proto->name,
161
161
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum,
162
162
timer_pending(&conntrack->timeout)
163
163
? (long)(conntrack->timeout.expires - jiffies)/HZ : 0) != 0)
···
166
166
if (l3proto->print_conntrack(s, conntrack))
167
167
return -ENOSPC;
168
168
169
-
if (proto->print_conntrack(s, conntrack))
169
+
if (l4proto->print_conntrack(s, conntrack))
170
170
return -ENOSPC;
171
171
172
172
if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple,
173
-
l3proto, proto))
173
+
l3proto, l4proto))
174
174
return -ENOSPC;
175
175
176
176
if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_ORIGINAL]))
···
181
181
return -ENOSPC;
182
182
183
183
if (print_tuple(s, &conntrack->tuplehash[IP_CT_DIR_REPLY].tuple,
184
-
l3proto, proto))
184
+
l3proto, l4proto))
185
185
return -ENOSPC;
186
186
187
187
if (seq_print_counters(s, &conntrack->counters[IP_CT_DIR_REPLY]))
···
655
655
EXPORT_SYMBOL(nf_ct_l3proto_module_put);
656
656
EXPORT_SYMBOL(nf_conntrack_l3proto_register);
657
657
EXPORT_SYMBOL(nf_conntrack_l3proto_unregister);
658
-
EXPORT_SYMBOL(nf_conntrack_protocol_register);
659
-
EXPORT_SYMBOL(nf_conntrack_protocol_unregister);
658
+
EXPORT_SYMBOL(nf_conntrack_l4proto_register);
659
+
EXPORT_SYMBOL(nf_conntrack_l4proto_unregister);
660
660
EXPORT_SYMBOL(nf_ct_invert_tuplepr);
661
661
EXPORT_SYMBOL(nf_conntrack_destroyed);
662
662
EXPORT_SYMBOL(need_conntrack);
···
665
665
EXPORT_SYMBOL(nf_ct_iterate_cleanup);
666
666
EXPORT_SYMBOL(__nf_ct_refresh_acct);
667
667
EXPORT_SYMBOL(nf_ct_protos);
668
-
EXPORT_SYMBOL(__nf_ct_proto_find);
669
-
EXPORT_SYMBOL(nf_ct_proto_find_get);
670
-
EXPORT_SYMBOL(nf_ct_proto_put);
668
+
EXPORT_SYMBOL(__nf_ct_l4proto_find);
669
+
EXPORT_SYMBOL(nf_ct_l4proto_find_get);
670
+
EXPORT_SYMBOL(nf_ct_l4proto_put);
671
671
EXPORT_SYMBOL(nf_ct_l3proto_find_get);
672
672
EXPORT_SYMBOL(nf_ct_l3proto_put);
673
673
EXPORT_SYMBOL(nf_ct_l3protos);