From: "Maciej Żenczykowski" <zenczykowski@gmail.com>
To: "Maciej Żenczykowski" <maze@google.com>
Cc: netfilter-devel@vger.kernel.org, "Maciej Żenczykowski" <maze@google.com>
Subject: [PATCH 1/5] Don't load ip6?_tables module when already loaded.
Date: Mon, 18 Apr 2011 18:23:49 -0700 [thread overview]
Message-ID: <1303176233-14063-1-git-send-email-zenczykowski@gmail.com> (raw)
In-Reply-To: <BANLkTikeSwL=TU9nPFsUJeLXTHnPdu5BUg@mail.gmail.com>
From: Maciej Żenczykowski <maze@google.com>
Signed-off-by: Maciej Zenczykowski <maze@google.com>
---
xshared.h | 2 ++
xtables.c | 34 +++++++++++++++++++++++++++++-----
2 files changed, 31 insertions(+), 5 deletions(-)
diff --git a/xshared.h b/xshared.h
index be53535..34f3265 100644
--- a/xshared.h
+++ b/xshared.h
@@ -29,6 +29,7 @@ struct xtables_target;
/**
* xtables_afinfo - protocol family dependent information
* @kmod: kernel module basename (e.g. "ip_tables")
+ * @proc_exists: file which exists in procfs when module already loaded
* @libprefix: prefix of .so library name (e.g. "libipt_")
* @family: nfproto family
* @ipproto: used by setsockopt (e.g. IPPROTO_IP)
@@ -37,6 +38,7 @@ struct xtables_target;
*/
struct xtables_afinfo {
const char *kmod;
+ const char *proc_exists;
const char *libprefix;
uint8_t family;
uint8_t ipproto;
diff --git a/xtables.c b/xtables.c
index a260c7b..e424c28 100644
--- a/xtables.c
+++ b/xtables.c
@@ -27,9 +27,11 @@
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
+#include <sys/statfs.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <arpa/inet.h>
+#include <linux/magic.h> /* for PROC_SUPER_MAGIC */
#include <xtables.h>
#include <limits.h> /* INT_MAX in ip_tables.h/ip6_tables.h */
@@ -139,6 +141,7 @@ struct option *xtables_merge_options(struct option *orig_opts,
static const struct xtables_afinfo afinfo_ipv4 = {
.kmod = "ip_tables",
+ .proc_exists = "/proc/net/ip_tables_names",
.libprefix = "libipt_",
.family = NFPROTO_IPV4,
.ipproto = IPPROTO_IP,
@@ -148,6 +151,7 @@ static const struct xtables_afinfo afinfo_ipv4 = {
static const struct xtables_afinfo afinfo_ipv6 = {
.kmod = "ip6_tables",
+ .proc_exists = "/proc/net/ip6_tables_names",
.libprefix = "libip6t_",
.family = NFPROTO_IPV6,
.ipproto = IPPROTO_IPV6,
@@ -369,15 +373,35 @@ int xtables_insmod(const char *modname, const char *modprobe, bool quiet)
return -1;
}
+/* return true if a given file exists within procfs */
+static bool proc_file_exists(const char *filename)
+{
+ struct stat s;
+ struct statfs f;
+
+ if (lstat(filename, &s)) return false;
+ if (!S_ISREG(s.st_mode)) return false;
+ if (statfs(filename, &f)) return false;
+ if (f.f_type != PROC_SUPER_MAGIC) return false;
+ return true;
+}
+
int xtables_load_ko(const char *modprobe, bool quiet)
{
static bool loaded = false;
- static int ret = -1;
+ int ret;
- if (!loaded) {
- ret = xtables_insmod(afinfo->kmod, modprobe, quiet);
- loaded = (ret == 0);
- }
+ if (loaded)
+ return 0;
+
+ if (proc_file_exists(afinfo->proc_exists)) {
+ loaded = true;
+ return 0;
+ };
+
+ ret = xtables_insmod(afinfo->kmod, modprobe, quiet);
+ if (ret == 0)
+ loaded = true;
return ret;
}
--
1.7.3.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-04-19 1:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-19 1:22 Patches: don't call modprobe, ipv4/ipv6 flag support, xtables-multi unification Maciej Żenczykowski
2011-04-19 1:23 ` Maciej Żenczykowski [this message]
2011-04-19 7:03 ` [PATCH 1/5] Don't load ip6?_tables module when already loaded Patrick McHardy
2011-04-19 7:10 ` [PATCH] " Maciej Żenczykowski
2011-04-19 7:14 ` Patrick McHardy
2011-04-19 1:23 ` [PATCH 2/5] Add --ipv4/-4 and --ipv6/-6 support to ip6?tables{,-restore} Maciej Żenczykowski
2011-04-19 7:17 ` Patrick McHardy
2011-04-19 7:32 ` Maciej Żenczykowski
2011-04-19 7:33 ` Patrick McHardy
2011-04-19 1:23 ` [PATCH 3/5] Move common parts of libext{4,6}.a into libext.a Maciej Żenczykowski
2011-04-19 1:23 ` [PATCH 4/5] combine ip6?tables-multi into xtables-multi Maciej Żenczykowski
2011-04-19 1:23 ` [PATCH 5/5] add xtables-multi{32,64} recognition Maciej Żenczykowski
2011-04-19 7:18 ` Patrick McHardy
2011-04-19 7:29 ` Maciej Żenczykowski
2011-04-19 7:32 ` Patrick McHardy
2011-04-19 7:55 ` Jan Engelhardt
2011-04-19 8:55 ` Maciej Żenczykowski
2011-04-20 1:44 ` Patches: don't call modprobe, ipv4/ipv6 flag support, xtables-multi unification Maciej Żenczykowski
2011-04-20 1:44 ` [PATCH 1/3] Add --ipv4/-4 and --ipv6/-6 support to ip6?tables{,-restore} Maciej Żenczykowski
2011-04-20 1:44 ` [PATCH 2/3] Move common parts of libext{4,6}.a into libext.a Maciej Żenczykowski
2011-04-20 1:44 ` [PATCH 3/3] combine ip6?tables-multi into xtables-multi Maciej Żenczykowski
2011-04-21 9:16 ` Patches: don't call modprobe, ipv4/ipv6 flag support, xtables-multi unification Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1303176233-14063-1-git-send-email-zenczykowski@gmail.com \
--to=zenczykowski@gmail.com \
--cc=maze@google.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).