Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a85406af authored by Davide Caratti's avatar Davide Caratti Committed by Pablo Neira Ayuso
Browse files

netfilter: conntrack: built-in support for SCTP 



CONFIG_NF_CT_PROTO_SCTP is no more a tristate. When set to y, connection
tracking support for SCTP protocol is built-in into nf_conntrack.ko.

footprint test:
$ ls -l net/netfilter/nf_conntrack{_proto_sctp,}.ko \
        net/ipv4/netfilter/nf_conntrack_ipv4.ko \
        net/ipv6/netfilter/nf_conntrack_ipv6.ko

(builtin)||  sctp  |  ipv4  |  ipv6  | nf_conntrack
---------++--------+--------+--------+--------------
none     || 498243 | 828755 | 828676 | 6141434
SCTP     ||   -    | 829254 | 829175 | 6547872

Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent c51d3901

include/net/netfilter/ipv4/nf_conntrack_ipv4.h

+3 −0
Original line number Diff line number Diff line
@@ -18,6 +18,9 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp; 
#ifdef CONFIG_NF_CT_PROTO_DCCP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4;

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp4;

#endif



int nf_conntrack_ipv4_compat_init(void);

void nf_conntrack_ipv4_compat_fini(void);

include/net/netfilter/ipv6/nf_conntrack_ipv6.h

+3 −0
Original line number Diff line number Diff line
@@ -9,6 +9,9 @@ extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6; 
#ifdef CONFIG_NF_CT_PROTO_DCCP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp6;

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_sctp6;

#endif



#include <linux/sysctl.h>

extern struct ctl_table nf_ct_ipv6_sysctl_table[];

include/net/netns/conntrack.h

+13 −0
Original line number Diff line number Diff line
@@ -9,6 +9,9 @@ 
#ifdef CONFIG_NF_CT_PROTO_DCCP

#include <linux/netfilter/nf_conntrack_dccp.h>

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

#include <linux/netfilter/nf_conntrack_sctp.h>

#endif

#include <linux/seqlock.h>



struct ctl_table_header;
@@ -59,6 +62,13 @@ struct nf_dccp_net { 
};

#endif



#ifdef CONFIG_NF_CT_PROTO_SCTP

struct nf_sctp_net {

	struct nf_proto_net pn;

	unsigned int timeouts[SCTP_CONNTRACK_MAX];

};

#endif



struct nf_ip_net {

	struct nf_generic_net   generic;

	struct nf_tcp_net	tcp;
@@ -68,6 +78,9 @@ struct nf_ip_net { 
#ifdef CONFIG_NF_CT_PROTO_DCCP

	struct nf_dccp_net	dccp;

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

	struct nf_sctp_net	sctp;

#endif

};



struct ct_pcpu {

net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c

+3 −0
Original line number Diff line number Diff line
@@ -343,6 +343,9 @@ static struct nf_conntrack_l4proto *builtin_l4proto4[] = { 
#ifdef CONFIG_NF_CT_PROTO_DCCP

	&nf_conntrack_l4proto_dccp4,

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

	&nf_conntrack_l4proto_sctp4,

#endif

};



static int ipv4_net_init(struct net *net)

net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c

+3 −0
Original line number Diff line number Diff line
@@ -343,6 +343,9 @@ static struct nf_conntrack_l4proto *builtin_l4proto6[] = { 
#ifdef CONFIG_NF_CT_PROTO_DCCP

	&nf_conntrack_l4proto_dccp6,

#endif

#ifdef CONFIG_NF_CT_PROTO_SCTP

	&nf_conntrack_l4proto_sctp6,

#endif

};



static int ipv6_net_init(struct net *net)