Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c51d3901 authored by Davide Caratti's avatar Davide Caratti Committed by Pablo Neira Ayuso
Browse files

netfilter: conntrack: built-in support for DCCP 



CONFIG_NF_CT_PROTO_DCCP is no more a tristate. When set to y, connection
tracking support for DCCP protocol is built-in into nf_conntrack.ko.

footprint test:
$ ls -l net/netfilter/nf_conntrack{_proto_dccp,}.ko \
        net/ipv4/netfilter/nf_conntrack_ipv4.ko \
        net/ipv6/netfilter/nf_conntrack_ipv6.ko

(builtin)||  dccp  |  ipv4  |  ipv6  | nf_conntrack
---------++--------+--------+--------+--------------
none     || 469140 | 828755 | 828676 | 6141434
DCCP     ||   -    | 830566 | 829935 | 6533526

Signed-off-by: default avatarDavide Caratti <dcaratti@redhat.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 3fefeb88

include/linux/netfilter/nf_conntrack_dccp.h

+1 −1
Original line number Diff line number Diff line
@@ -25,7 +25,7 @@ enum ct_dccp_roles { 
#define CT_DCCP_ROLE_MAX	(__CT_DCCP_ROLE_MAX - 1)



#ifdef __KERNEL__

#include <net/netfilter/nf_conntrack_tuple.h>

#include <linux/netfilter/nf_conntrack_tuple_common.h>



struct nf_ct_dccp {

	u_int8_t	role[IP_CT_DIR_MAX];

include/net/netfilter/ipv4/nf_conntrack_ipv4.h

+3 −0
Original line number Diff line number Diff line
@@ -15,6 +15,9 @@ extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4; 
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp4;

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp4;

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmp;

#ifdef CONFIG_NF_CT_PROTO_DCCP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp4;

#endif



int nf_conntrack_ipv4_compat_init(void);

void nf_conntrack_ipv4_compat_fini(void);

include/net/netfilter/ipv6/nf_conntrack_ipv6.h

+3 −0
Original line number Diff line number Diff line
@@ -6,6 +6,9 @@ extern struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6; 
extern struct nf_conntrack_l4proto nf_conntrack_l4proto_tcp6;

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_udp6;

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;

#ifdef CONFIG_NF_CT_PROTO_DCCP

extern struct nf_conntrack_l4proto nf_conntrack_l4proto_dccp6;

#endif



#include <linux/sysctl.h>

extern struct ctl_table nf_ct_ipv6_sysctl_table[];

include/net/netns/conntrack.h

+14 −0
Original line number Diff line number Diff line
@@ -6,6 +6,9 @@ 
#include <linux/atomic.h>

#include <linux/workqueue.h>

#include <linux/netfilter/nf_conntrack_tcp.h>

#ifdef CONFIG_NF_CT_PROTO_DCCP

#include <linux/netfilter/nf_conntrack_dccp.h>

#endif

#include <linux/seqlock.h>



struct ctl_table_header;
@@ -48,12 +51,23 @@ struct nf_icmp_net { 
	unsigned int timeout;

};



#ifdef CONFIG_NF_CT_PROTO_DCCP

struct nf_dccp_net {

	struct nf_proto_net pn;

	int dccp_loose;

	unsigned int dccp_timeout[CT_DCCP_MAX + 1];

};

#endif



struct nf_ip_net {

	struct nf_generic_net   generic;

	struct nf_tcp_net	tcp;

	struct nf_udp_net	udp;

	struct nf_icmp_net	icmp;

	struct nf_icmp_net	icmpv6;

#ifdef CONFIG_NF_CT_PROTO_DCCP

	struct nf_dccp_net	dccp;

#endif

};



struct ct_pcpu {

net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c

+3 −0
Original line number Diff line number Diff line
@@ -340,6 +340,9 @@ static struct nf_conntrack_l4proto *builtin_l4proto4[] = { 
	&nf_conntrack_l4proto_tcp4,

	&nf_conntrack_l4proto_udp4,

	&nf_conntrack_l4proto_icmp,

#ifdef CONFIG_NF_CT_PROTO_DCCP

	&nf_conntrack_l4proto_dccp4,

#endif

};



static int ipv4_net_init(struct net *net)