git://git.onelab.eu
/
linux-2.6.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge to Fedora kernel-2.6.18-1.2224_FC5 patched with stable patch-2.6.18.1-vs2.0...
[linux-2.6.git]
/
net
/
ipv4
/
netfilter
/
ip_conntrack_standalone.c
diff --git
a/net/ipv4/netfilter/ip_conntrack_standalone.c
b/net/ipv4/netfilter/ip_conntrack_standalone.c
index
929d61f
..
7a9fa04
100644
(file)
--- a/
net/ipv4/netfilter/ip_conntrack_standalone.c
+++ b/
net/ipv4/netfilter/ip_conntrack_standalone.c
@@
-12,7
+12,6
@@
* published by the Free Software Foundation.
*/
* published by the Free Software Foundation.
*/
-#include <linux/config.h>
#include <linux/types.h>
#include <linux/ip.h>
#include <linux/netfilter.h>
#include <linux/types.h>
#include <linux/ip.h>
#include <linux/netfilter.h>
@@
-189,6
+188,11
@@
static int ct_seq_show(struct seq_file *s, void *v)
return -ENOSPC;
#endif
return -ENOSPC;
#endif
+#ifdef CONFIG_IP_NF_CONNTRACK_SECMARK
+ if (seq_printf(s, "secmark=%u ", conntrack->secmark))
+ return -ENOSPC;
+#endif
+
if (seq_printf(s, "use=%u\n", atomic_read(&conntrack->ct_general.use)))
return -ENOSPC;
if (seq_printf(s, "use=%u\n", atomic_read(&conntrack->ct_general.use)))
return -ENOSPC;
@@
-417,7
+421,7
@@
static unsigned int ip_conntrack_help(unsigned int hooknum,
/* This is where we call the helper: as the packet goes out. */
ct = ip_conntrack_get(*pskb, &ctinfo);
/* This is where we call the helper: as the packet goes out. */
ct = ip_conntrack_get(*pskb, &ctinfo);
- if (ct && ct->helper) {
+ if (ct && ct->helper
&& ctinfo != IP_CT_RELATED + IP_CT_IS_REPLY
) {
unsigned int ret;
ret = ct->helper->help(pskb, ct, ctinfo);
if (ret != NF_ACCEPT)
unsigned int ret;
ret = ct->helper->help(pskb, ct, ctinfo);
if (ret != NF_ACCEPT)
@@
-530,6
+534,8
@@
static struct nf_hook_ops ip_conntrack_ops[] = {
/* Sysctl support */
/* Sysctl support */
+int ip_conntrack_checksum = 1;
+
#ifdef CONFIG_SYSCTL
/* From ip_conntrack_core.c */
#ifdef CONFIG_SYSCTL
/* From ip_conntrack_core.c */
@@
-591,6
+597,14
@@
static ctl_table ip_ct_sysctl_table[] = {
.mode = 0444,
.proc_handler = &proc_dointvec,
},
.mode = 0444,
.proc_handler = &proc_dointvec,
},
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_CHECKSUM,
+ .procname = "ip_conntrack_checksum",
+ .data = &ip_conntrack_checksum,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
{
.ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT,
.procname = "ip_conntrack_tcp_timeout_syn_sent",
{
.ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT,
.procname = "ip_conntrack_tcp_timeout_syn_sent",
@@
-946,6
+960,7
@@
EXPORT_SYMBOL_GPL(__ip_conntrack_helper_find_byname);
EXPORT_SYMBOL_GPL(ip_conntrack_proto_find_get);
EXPORT_SYMBOL_GPL(ip_conntrack_proto_put);
EXPORT_SYMBOL_GPL(__ip_conntrack_proto_find);
EXPORT_SYMBOL_GPL(ip_conntrack_proto_find_get);
EXPORT_SYMBOL_GPL(ip_conntrack_proto_put);
EXPORT_SYMBOL_GPL(__ip_conntrack_proto_find);
+EXPORT_SYMBOL_GPL(ip_conntrack_checksum);
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
EXPORT_SYMBOL_GPL(ip_ct_port_tuple_to_nfattr);
#if defined(CONFIG_IP_NF_CONNTRACK_NETLINK) || \
defined(CONFIG_IP_NF_CONNTRACK_NETLINK_MODULE)
EXPORT_SYMBOL_GPL(ip_ct_port_tuple_to_nfattr);