* [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
@ 2004-02-20 21:07 Harald Welte
2004-02-20 22:28 ` Patrick McHardy
2004-02-20 23:12 ` David S. Miller
0 siblings, 2 replies; 7+ messages in thread
From: Harald Welte @ 2004-02-20 21:07 UTC (permalink / raw)
To: David Miller; +Cc: Netfilter Development Mailinglist
[-- Attachment #1.1: Type: text/plain, Size: 522 bytes --]
Hi again, Dave!
I guess this needs no further comment. Oh yes, it depends on the
previous 2.6 resync patch I sent you.
Please apply, thanks
--
- Harald Welte <laforge@netfilter.org> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
[-- Attachment #1.2: 2.6.3-sysctl.patch --]
[-- Type: text/plain, Size: 7540 bytes --]
--- linux-2.6.3-nfsubmit/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-02-20 20:55:14.000000000 +0100
+++ linux-2.6.3-sysctl/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-02-20 22:05:11.000000000 +0100
@@ -300,69 +300,159 @@
static struct ctl_table_header *ip_ct_sysctl_header;
static ctl_table ip_ct_sysctl_table[] = {
- {NET_IPV4_NF_CONNTRACK_MAX, "ip_conntrack_max",
- &ip_conntrack_max, sizeof(int), 0644, NULL,
- &proc_dointvec},
- {NET_IPV4_NF_CONNTRACK_BUCKETS, "ip_conntrack_buckets",
- &ip_conntrack_htable_size, sizeof(unsigned int), 0444, NULL,
- &proc_dointvec},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT, "ip_conntrack_tcp_timeout_syn_sent",
- &ip_ct_tcp_timeout_syn_sent, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_RECV, "ip_conntrack_tcp_timeout_syn_recv",
- &ip_ct_tcp_timeout_syn_recv, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED, "ip_conntrack_tcp_timeout_established",
- &ip_ct_tcp_timeout_established, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_FIN_WAIT, "ip_conntrack_tcp_timeout_fin_wait",
- &ip_ct_tcp_timeout_fin_wait, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE_WAIT, "ip_conntrack_tcp_timeout_close_wait",
- &ip_ct_tcp_timeout_close_wait, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_LAST_ACK, "ip_conntrack_tcp_timeout_last_ack",
- &ip_ct_tcp_timeout_last_ack, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_TIME_WAIT, "ip_conntrack_tcp_timeout_time_wait",
- &ip_ct_tcp_timeout_time_wait, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE, "ip_conntrack_tcp_timeout_close",
- &ip_ct_tcp_timeout_close, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT, "ip_conntrack_udp_timeout",
- &ip_ct_udp_timeout, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT_STREAM, "ip_conntrack_udp_timeout_stream",
- &ip_ct_udp_timeout_stream, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_ICMP_TIMEOUT, "ip_conntrack_icmp_timeout",
- &ip_ct_icmp_timeout, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {NET_IPV4_NF_CONNTRACK_GENERIC_TIMEOUT, "ip_conntrack_generic_timeout",
- &ip_ct_generic_timeout, sizeof(unsigned int), 0644, NULL,
- &proc_dointvec_jiffies},
- {0}
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_MAX,
+ .procname = "ip_conntrack_max",
+ .data = &ip_conntrack_max,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_BUCKETS,
+ .procname = "ip_conntrack_buckets",
+ .data = &ip_conntrack_htable_size,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0444,
+ .proc_handler = &proc_dointvec,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_SENT,
+ .procname = "ip_conntrack_tcp_timeout_syn_sent",
+ .data = &ip_ct_tcp_timeout_syn_sent,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_SYN_RECV,
+ .procname = "ip_conntrack_tcp_timeout_syn_recv",
+ .data = &ip_ct_tcp_timeout_syn_recv,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_ESTABLISHED,
+ .procname = "ip_conntrack_tcp_timeout_established",
+ .data = &ip_ct_tcp_timeout_established,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_FIN_WAIT,
+ .procname = "ip_conntrack_tcp_timeout_fin_wait",
+ .data = &ip_ct_tcp_timeout_fin_wait,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE_WAIT,
+ .procname = "ip_conntrack_tcp_timeout_close_wait",
+ .data = &ip_ct_tcp_timeout_close_wait,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_LAST_ACK,
+ .procname = "ip_conntrack_tcp_timeout_last_ack",
+ .data = &ip_ct_tcp_timeout_last_ack,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_TIME_WAIT,
+ .procname = "ip_conntrack_tcp_timeout_time_wait",
+ .data = &ip_ct_tcp_timeout_time_wait,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_TCP_TIMEOUT_CLOSE,
+ .procname = "ip_conntrack_tcp_timeout_close",
+ .data = &ip_ct_tcp_timeout_close,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT,
+ .procname = "ip_conntrack_udp_timeout",
+ .data = &ip_ct_udp_timeout,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_UDP_TIMEOUT_STREAM,
+ .procname = "ip_conntrack_udp_timeout_stream",
+ .data = &ip_ct_udp_timeout_stream,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_ICMP_TIMEOUT,
+ .procname = "ip_conntrack_icmp_timeout",
+ .data = &ip_ct_icmp_timeout,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ {
+ .ctl_name = NET_IPV4_NF_CONNTRACK_GENERIC_TIMEOUT,
+ .procname = "ip_conntrack_generic_timeout",
+ .data = &ip_ct_generic_timeout,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec_jiffies,
+ },
+ { .ctl_name = 0 }
};
#define NET_IP_CONNTRACK_MAX 2089
static ctl_table ip_ct_netfilter_table[] = {
- {NET_IPV4_NETFILTER, "netfilter", NULL, 0, 0555, ip_ct_sysctl_table, 0, 0, 0, 0, 0},
- {NET_IP_CONNTRACK_MAX, "ip_conntrack_max",
- &ip_conntrack_max, sizeof(int), 0644, NULL,
- &proc_dointvec},
- {0}
+ {
+ .ctl_name = NET_IPV4_NETFILTER,
+ .procname = "netfilter",
+ .mode = 0555,
+ .child = ip_ct_sysctl_table,
+ },
+ {
+ .ctl_name = NET_IP_CONNTRACK_MAX,
+ .procname = "ip_conntrack_max",
+ .data = &ip_conntrack_max,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec
+ },
+ { .ctl_name = 0 }
};
static ctl_table ip_ct_ipv4_table[] = {
- {NET_IPV4, "ipv4", NULL, 0, 0555, ip_ct_netfilter_table, 0, 0, 0, 0, 0},
- {0}
+ {
+ .ctl_name = NET_IPV4,
+ .procname = "ipv4",
+ .mode = 0555,
+ .child = ip_ct_netfilter_table,
+ },
+ { .ctl_name = 0 }
};
static ctl_table ip_ct_net_table[] = {
- {CTL_NET, "net", NULL, 0, 0555, ip_ct_ipv4_table, 0, 0, 0, 0, 0},
- {0}
+ {
+ .ctl_name = CTL_NET,
+ .procname = "net",
+ .mode = 0555,
+ .child = ip_ct_ipv4_table,
+ },
+ { .ctl_name = 0 }
};
#endif
static int init_or_cleanup(int init)
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-20 21:07 [PATCH 2.6] Use C99 initializers for conntrack sysctl tables Harald Welte
@ 2004-02-20 22:28 ` Patrick McHardy
2004-02-20 23:12 ` David S. Miller
1 sibling, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2004-02-20 22:28 UTC (permalink / raw)
To: Harald Welte; +Cc: Netfilter Development Mailinglist
Harald Welte wrote:
> Hi again, Dave!
>
> I guess this needs no further comment. Oh yes, it depends on the
> previous 2.6 resync patch I sent you.
>
> Please apply, thanks
>
Hi Harald,
not sure if you're done yet, I just wanted to remind you of
the expect-evict-order fix in 2.6 pom, the 2.4 fix already got
submitted some time ago. Also I wanted to ask about your plans
to submit the 2.6 version of the owner-socketlookup patch. It
has had enough testing in 2.4 that I feel confident it won't
cause any problems.
Best regards,
Patrick
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-20 21:07 [PATCH 2.6] Use C99 initializers for conntrack sysctl tables Harald Welte
2004-02-20 22:28 ` Patrick McHardy
@ 2004-02-20 23:12 ` David S. Miller
2004-02-21 3:57 ` Bo Xiong
1 sibling, 1 reply; 7+ messages in thread
From: David S. Miller @ 2004-02-20 23:12 UTC (permalink / raw)
To: Harald Welte; +Cc: netfilter-devel
On Fri, 20 Feb 2004 22:07:58 +0100
Harald Welte <laforge@netfilter.org> wrote:
> I guess this needs no further comment. Oh yes, it depends on the
> previous 2.6 resync patch I sent you.
Already in my tree, as mentioned.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-20 23:12 ` David S. Miller
@ 2004-02-21 3:57 ` Bo Xiong
2004-02-22 16:07 ` Henrik Nordstrom
2004-02-22 23:41 ` Pablo Neira
0 siblings, 2 replies; 7+ messages in thread
From: Bo Xiong @ 2004-02-21 3:57 UTC (permalink / raw)
Cc: netfilter-devel
init_conntrack() will creat a new conntrack, bu where add the new
conntrack to hash_list?
-Bo
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-21 3:57 ` Bo Xiong
@ 2004-02-22 16:07 ` Henrik Nordstrom
2004-02-22 23:41 ` Pablo Neira
1 sibling, 0 replies; 7+ messages in thread
From: Henrik Nordstrom @ 2004-02-22 16:07 UTC (permalink / raw)
To: Bo Xiong; +Cc: netfilter-devel
On Fri, 20 Feb 2004, Bo Xiong wrote:
> init_conntrack() will creat a new conntrack, bu where add the new
> conntrack to hash_list?
When it is confirmed by ip_conntrack_confirm(), called when the packet is
confirmed to be accepted (NF_IP_POST_ROTING / NF_IP_LOCAL_IN)
Regards
Henrik
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-21 3:57 ` Bo Xiong
2004-02-22 16:07 ` Henrik Nordstrom
@ 2004-02-22 23:41 ` Pablo Neira
2004-02-22 23:45 ` Pablo Neira
1 sibling, 1 reply; 7+ messages in thread
From: Pablo Neira @ 2004-02-22 23:41 UTC (permalink / raw)
To: Bo Xiong, netfilter-devel
Bo Xiong wrote:
>init_conntrack() will creat a new conntrack, bu where add the new
>conntrack to hash_list?
>-Bo
>
>
>
Hi Bo,
why didn't you create a new thread? the topic of this message is different.
anyway, have a look at:
http://lxr.linux.no/source/net/ipv4/netfilter/ip_conntrack_core.c#L460
init_conntrack creates a new conntrack and insert it to the hash list as
well (see list_prepend).
best regards,
Pablo
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2.6] Use C99 initializers for conntrack sysctl tables
2004-02-22 23:41 ` Pablo Neira
@ 2004-02-22 23:45 ` Pablo Neira
0 siblings, 0 replies; 7+ messages in thread
From: Pablo Neira @ 2004-02-22 23:45 UTC (permalink / raw)
To: Bo Xiong, netfilter-devel
Pablo Neira wrote:
> Bo Xiong wrote:
>
>> init_conntrack() will creat a new conntrack, bu where add the new
>> conntrack to hash_list?
>> -Bo
>>
>>
>>
> Hi Bo,
>
> why didn't you create a new thread? the topic of this message is
> different.
>
> anyway, have a look at:
>
> http://lxr.linux.no/source/net/ipv4/netfilter/ip_conntrack_core.c#L460
>
> init_conntrack creates a new conntrack and insert it to the hash list
> as well (see list_prepend).
Sorry!! this is wrong, init_conntrack only creates the conntrack, it is
inserted in __ip_conntrack_confirm, see the link above. A little
blackout :-(
Pablo
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2004-02-22 23:45 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-02-20 21:07 [PATCH 2.6] Use C99 initializers for conntrack sysctl tables Harald Welte
2004-02-20 22:28 ` Patrick McHardy
2004-02-20 23:12 ` David S. Miller
2004-02-21 3:57 ` Bo Xiong
2004-02-22 16:07 ` Henrik Nordstrom
2004-02-22 23:41 ` Pablo Neira
2004-02-22 23:45 ` Pablo Neira
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.