git://git.onelab.eu / linux-2.6.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fedora core 6 1.2949 + vserver 2.2.0
[linux-2.6.git] / net / netfilter / nf_conntrack_proto_sctp.c
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 7fcd1dd..76e2636 100644 (file)
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -28,9 +28,12 @@
 #include <linux/sctp.h>
 #include <linux/string.h>
 #include <linux/seq_file.h>
+#include <linux/spinlock.h>
+#include <linux/interrupt.h>
 
 #include <net/netfilter/nf_conntrack.h>
-#include <net/netfilter/nf_conntrack_protocol.h>
+#include <net/netfilter/nf_conntrack_l4proto.h>
+#include <net/netfilter/nf_conntrack_ecache.h>
 
 #if 0
 #define DEBUGP(format, ...) printk(format, ## __VA_ARGS__)
@@ -62,13 +65,13 @@ static const char *sctp_conntrack_names[] = {
 #define HOURS * 60 MINS
 #define DAYS  * 24 HOURS
 
-static unsigned int nf_ct_sctp_timeout_closed            =  10 SECS;
-static unsigned int nf_ct_sctp_timeout_cookie_wait       =   3 SECS;
-static unsigned int nf_ct_sctp_timeout_cookie_echoed     =   3 SECS;
-static unsigned int nf_ct_sctp_timeout_established       =   5 DAYS;
-static unsigned int nf_ct_sctp_timeout_shutdown_sent     = 300 SECS / 1000;
-static unsigned int nf_ct_sctp_timeout_shutdown_recd     = 300 SECS / 1000;
-static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_closed __read_mostly          =  10 SECS;
+static unsigned int nf_ct_sctp_timeout_cookie_wait __read_mostly     =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_cookie_echoed __read_mostly   =   3 SECS;
+static unsigned int nf_ct_sctp_timeout_established __read_mostly     =   5 DAYS;
+static unsigned int nf_ct_sctp_timeout_shutdown_sent __read_mostly   = 300 SECS / 1000;
+static unsigned int nf_ct_sctp_timeout_shutdown_recd __read_mostly   = 300 SECS / 1000;
+static unsigned int nf_ct_sctp_timeout_shutdown_ack_sent __read_mostly = 3 SECS;
 
 static unsigned int * sctp_timeouts[]
 = { NULL,                                  /* SCTP_CONNTRACK_NONE  */
@@ -214,7 +217,7 @@ static int sctp_print_conntrack(struct seq_file *s,
 for (offset = dataoff + sizeof(sctp_sctphdr_t), count = 0;             \
        offset < skb->len &&                                            \
        (sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch));   \
-       offset += (htons(sch->length) + 3) & ~3, count++)
+       offset += (ntohs(sch->length) + 3) & ~3, count++)
 
 /* Some validity checks to make sure the chunks are fine */
 static int do_basic_checks(struct nf_conn *conntrack,
@@ -506,36 +509,10 @@ static int sctp_new(struct nf_conn *conntrack, const struct sk_buff *skb,
        return 1;
 }
 
-struct nf_conntrack_protocol nf_conntrack_protocol_sctp4 = { 
-       .l3proto         = PF_INET,
-       .proto           = IPPROTO_SCTP, 
-       .name            = "sctp",
-       .pkt_to_tuple    = sctp_pkt_to_tuple, 
-       .invert_tuple    = sctp_invert_tuple, 
-       .print_tuple     = sctp_print_tuple, 
-       .print_conntrack = sctp_print_conntrack,
-       .packet          = sctp_packet, 
-       .new             = sctp_new, 
-       .destroy         = NULL, 
-       .me              = THIS_MODULE 
-};
-
-struct nf_conntrack_protocol nf_conntrack_protocol_sctp6 = { 
-       .l3proto         = PF_INET6,
-       .proto           = IPPROTO_SCTP, 
-       .name            = "sctp",
-       .pkt_to_tuple    = sctp_pkt_to_tuple, 
-       .invert_tuple    = sctp_invert_tuple, 
-       .print_tuple     = sctp_print_tuple, 
-       .print_conntrack = sctp_print_conntrack,
-       .packet          = sctp_packet, 
-       .new             = sctp_new, 
-       .destroy         = NULL, 
-       .me              = THIS_MODULE 
-};
-
 #ifdef CONFIG_SYSCTL
-static ctl_table nf_ct_sysctl_table[] = {
+static unsigned int sctp_sysctl_table_users;
+static struct ctl_table_header *sctp_sysctl_header;
+static struct ctl_table sctp_sysctl_table[] = {
        {
                .ctl_name       = NET_NF_CONNTRACK_SCTP_TIMEOUT_CLOSED,
                .procname       = "nf_conntrack_sctp_timeout_closed",
@@ -592,82 +569,151 @@ static ctl_table nf_ct_sysctl_table[] = {
                .mode           = 0644,
                .proc_handler   = &proc_dointvec_jiffies,
        },
-       { .ctl_name = 0 }
+       {
+               .ctl_name = 0
+       }
 };
 
-static ctl_table nf_ct_netfilter_table[] = {
+#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+static struct ctl_table sctp_compat_sysctl_table[] = {
        {
-               .ctl_name       = NET_NETFILTER,
-               .procname       = "netfilter",
-               .mode           = 0555,
-               .child          = nf_ct_sysctl_table,
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_CLOSED,
+               .procname       = "ip_conntrack_sctp_timeout_closed",
+               .data           = &nf_ct_sctp_timeout_closed,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
+       },
+       {
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_WAIT,
+               .procname       = "ip_conntrack_sctp_timeout_cookie_wait",
+               .data           = &nf_ct_sctp_timeout_cookie_wait,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
+       },
+       {
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_COOKIE_ECHOED,
+               .procname       = "ip_conntrack_sctp_timeout_cookie_echoed",
+               .data           = &nf_ct_sctp_timeout_cookie_echoed,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
+       },
+       {
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_ESTABLISHED,
+               .procname       = "ip_conntrack_sctp_timeout_established",
+               .data           = &nf_ct_sctp_timeout_established,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
+       },
+       {
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_SENT,
+               .procname       = "ip_conntrack_sctp_timeout_shutdown_sent",
+               .data           = &nf_ct_sctp_timeout_shutdown_sent,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
+       },
+       {
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_RECD,
+               .procname       = "ip_conntrack_sctp_timeout_shutdown_recd",
+               .data           = &nf_ct_sctp_timeout_shutdown_recd,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
        },
-       { .ctl_name = 0 }
-};
-
-static ctl_table nf_ct_net_table[] = {
        {
-               .ctl_name       = CTL_NET,
-               .procname       = "net",
-               .mode           = 0555, 
-               .child          = nf_ct_netfilter_table,
+               .ctl_name       = NET_IPV4_NF_CONNTRACK_SCTP_TIMEOUT_SHUTDOWN_ACK_SENT,
+               .procname       = "ip_conntrack_sctp_timeout_shutdown_ack_sent",
+               .data           = &nf_ct_sctp_timeout_shutdown_ack_sent,
+               .maxlen         = sizeof(unsigned int),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec_jiffies,
        },
-       { .ctl_name = 0 }
+       {
+               .ctl_name = 0
+       }
+};
+#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
+#endif
+
+struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4 = {
+       .l3proto                = PF_INET,
+       .l4proto                = IPPROTO_SCTP,
+       .name                   = "sctp",
+       .pkt_to_tuple           = sctp_pkt_to_tuple,
+       .invert_tuple           = sctp_invert_tuple,
+       .print_tuple            = sctp_print_tuple,
+       .print_conntrack        = sctp_print_conntrack,
+       .packet                 = sctp_packet,
+       .new                    = sctp_new,
+       .me                     = THIS_MODULE,
+#ifdef CONFIG_SYSCTL
+       .ctl_table_users        = &sctp_sysctl_table_users,
+       .ctl_table_header       = &sctp_sysctl_header,
+       .ctl_table              = sctp_sysctl_table,
+#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+       .ctl_compat_table       = sctp_compat_sysctl_table,
+#endif
+#endif
 };
 
-static struct ctl_table_header *nf_ct_sysctl_header;
+struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6 = {
+       .l3proto                = PF_INET6,
+       .l4proto                = IPPROTO_SCTP,
+       .name                   = "sctp",
+       .pkt_to_tuple           = sctp_pkt_to_tuple,
+       .invert_tuple           = sctp_invert_tuple,
+       .print_tuple            = sctp_print_tuple,
+       .print_conntrack        = sctp_print_conntrack,
+       .packet                 = sctp_packet,
+       .new                    = sctp_new,
+       .me                     = THIS_MODULE,
+#ifdef CONFIG_SYSCTL
+       .ctl_table_users        = &sctp_sysctl_table_users,
+       .ctl_table_header       = &sctp_sysctl_header,
+       .ctl_table              = sctp_sysctl_table,
 #endif
+};
 
-int __init init(void)
+int __init nf_conntrack_proto_sctp_init(void)
 {
        int ret;
 
-       ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp4);
+       ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp4);
        if (ret) {
-               printk("nf_conntrack_proto_sctp4: protocol register failed\n");
+               printk("nf_conntrack_l4proto_sctp4: protocol register failed\n");
                goto out;
        }
-       ret = nf_conntrack_protocol_register(&nf_conntrack_protocol_sctp6);
+       ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp6);
        if (ret) {
-               printk("nf_conntrack_proto_sctp6: protocol register failed\n");
+               printk("nf_conntrack_l4proto_sctp6: protocol register failed\n");
                goto cleanup_sctp4;
        }
 
-#ifdef CONFIG_SYSCTL
-       nf_ct_sysctl_header = register_sysctl_table(nf_ct_net_table, 0);
-       if (nf_ct_sysctl_header == NULL) {
-               printk("nf_conntrack_proto_sctp: can't register to sysctl.\n");
-               goto cleanup;
-       }
-#endif
-
        return ret;
 
-#ifdef CONFIG_SYSCTL
- cleanup:
-       nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6);
-#endif
  cleanup_sctp4:
-       nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4);
+       nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
  out:
        DEBUGP("SCTP conntrack module loading %s\n", 
                                        ret ? "failed": "succeeded");
        return ret;
 }
 
-void __exit fini(void)
+void __exit nf_conntrack_proto_sctp_fini(void)
 {
-       nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp6);
-       nf_conntrack_protocol_unregister(&nf_conntrack_protocol_sctp4);
-#ifdef CONFIG_SYSCTL
-       unregister_sysctl_table(nf_ct_sysctl_header);
-#endif
+       nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
+       nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
        DEBUGP("SCTP conntrack module unloaded\n");
 }
 
-module_init(init);
-module_exit(fini);
+module_init(nf_conntrack_proto_sctp_init);
+module_exit(nf_conntrack_proto_sctp_fini);
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Kiran Kumar Immidi");
 MODULE_DESCRIPTION("Netfilter connection tracking protocol helper for SCTP");
+MODULE_ALIAS("ip_conntrack_proto_sctp");
linux-2.6