Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 547b9ca8 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'ip-sysctl-namespaceify' 



Nikolay Borisov says:

====================
Namespacify various ip sysctl knobs

This series continues namespacifying more net related knobs.
The focus here is on ip options. Patches 1,3,4,5 namespacify
the respective sysctl knobs. Patch 2 moves some igmp code to the
correct file (and function) and also adds some #ifdef guards to
silence compilation warnings.

Finally, patch 5 exposes the ip fragmentation related sysctls
since all of the knobs are namespaced.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 6cd21d79 52a773d6

include/net/inet_frag.h

+1 −0
Original line number Diff line number Diff line
@@ -13,6 +13,7 @@ struct netns_frags { 
	int			timeout;

	int			high_thresh;

	int			low_thresh;

	int			max_dist;

};



/**

include/net/ip.h

+0 −6
Original line number Diff line number Diff line
@@ -245,12 +245,6 @@ extern int inet_peer_threshold; 
extern int inet_peer_minttl;

extern int inet_peer_maxttl;



/* From ip_input.c */

extern int sysctl_ip_early_demux;



/* From ip_output.c */

extern int sysctl_ip_dynaddr;



void ipfrag_init(void);



void ip_static_sysctl_init(void);

include/net/netns/ipv4.h

+4 −0
Original line number Diff line number Diff line
@@ -80,9 +80,13 @@ struct netns_ipv4 { 
	int sysctl_tcp_ecn;

	int sysctl_tcp_ecn_fallback;



	int sysctl_ip_default_ttl;

	int sysctl_ip_no_pmtu_disc;

	int sysctl_ip_fwd_use_pmtu;

	int sysctl_ip_nonlocal_bind;

	/* Shall we try to damage output packets if routing dev changes? */

	int sysctl_ip_dynaddr;

	int sysctl_ip_early_demux;



	int sysctl_fwmark_reflect;

	int sysctl_tcp_fwmark_accept;

include/net/route.h

+2 −3
Original line number Diff line number Diff line
@@ -329,14 +329,13 @@ static inline int inet_iif(const struct sk_buff *skb) 
	return skb->skb_iif;

}



extern int sysctl_ip_default_ttl;



static inline int ip4_dst_hoplimit(const struct dst_entry *dst)

{

	int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);

	struct net *net = dev_net(dst->dev);



	if (hoplimit == 0)

		hoplimit = sysctl_ip_default_ttl;

		hoplimit = net->ipv4.sysctl_ip_default_ttl;

	return hoplimit;

}

net/bridge/netfilter/nft_reject_bridge.c

+5 −3
Original line number Diff line number Diff line
@@ -48,6 +48,7 @@ static void nft_reject_br_send_v4_tcp_reset(struct sk_buff *oldskb, 
	struct iphdr *niph;

	const struct tcphdr *oth;

	struct tcphdr _oth;

	struct net *net = sock_net(oldskb->sk);



	if (!nft_bridge_iphdr_validate(oldskb))

		return;
@@ -63,9 +64,9 @@ static void nft_reject_br_send_v4_tcp_reset(struct sk_buff *oldskb, 


	skb_reserve(nskb, LL_MAX_HEADER);

	niph = nf_reject_iphdr_put(nskb, oldskb, IPPROTO_TCP,

				   sysctl_ip_default_ttl);

				   net->ipv4.sysctl_ip_default_ttl);

	nf_reject_ip_tcphdr_put(nskb, oldskb, oth);

	niph->ttl	= sysctl_ip_default_ttl;

	niph->ttl	= net->ipv4.sysctl_ip_default_ttl;

	niph->tot_len	= htons(nskb->len);

	ip_send_check(niph);
@@ -85,6 +86,7 @@ static void nft_reject_br_send_v4_unreach(struct sk_buff *oldskb, 
	void *payload;

	__wsum csum;

	u8 proto;

	struct net *net = sock_net(oldskb->sk);



	if (oldskb->csum_bad || !nft_bridge_iphdr_validate(oldskb))

		return;
@@ -119,7 +121,7 @@ static void nft_reject_br_send_v4_unreach(struct sk_buff *oldskb, 


	skb_reserve(nskb, LL_MAX_HEADER);

	niph = nf_reject_iphdr_put(nskb, oldskb, IPPROTO_ICMP,

				   sysctl_ip_default_ttl);

				   net->ipv4.sysctl_ip_default_ttl);



	skb_reset_transport_header(nskb);

	icmph = (struct icmphdr *)skb_put(nskb, sizeof(struct icmphdr));