Loading include/linux/if_bridge.h +2 −0 Original line number Diff line number Diff line Loading @@ -56,6 +56,8 @@ extern void brioctl_set(int (*ioctl_hook)(struct net *, unsigned int, void __use typedef int br_should_route_hook_t(struct sk_buff *skb); extern br_should_route_hook_t __rcu *br_should_route_hook; extern struct net_device *br_port_dev_get(struct net_device *dev, unsigned char *addr); #if IS_ENABLED(CONFIG_BRIDGE) && IS_ENABLED(CONFIG_BRIDGE_IGMP_SNOOPING) int br_multicast_list_adjacent(struct net_device *dev, Loading include/net/netfilter/nf_conntrack.h +1 −0 Original line number Diff line number Diff line Loading @@ -292,6 +292,7 @@ extern struct hlist_nulls_head *nf_conntrack_hash; extern unsigned int nf_conntrack_htable_size; extern seqcount_t nf_conntrack_generation; extern unsigned int nf_conntrack_max; extern unsigned int nf_conntrack_pkt_threshold; /* must be called with rcu read lock held */ static inline void Loading include/uapi/linux/netfilter/nf_conntrack_common.h +3 −0 Original line number Diff line number Diff line Loading @@ -125,11 +125,14 @@ enum ip_conntrack_events { IPCT_NATSEQADJ = IPCT_SEQADJ, IPCT_SECMARK, /* new security mark has been set */ IPCT_LABEL, /* new connlabel has been set */ IPCT_COUNTER, /* Packet counters have matched. */ #ifdef __KERNEL__ __IPCT_MAX #endif }; #define IPCT_COUNTER IPCT_COUNTER enum ip_conntrack_expect_events { IPEXP_NEW, /* new expectation */ IPEXP_DESTROY, /* destroyed expectation */ Loading net/bridge/br_if.c +31 −0 Original line number Diff line number Diff line Loading @@ -654,3 +654,34 @@ void br_port_flags_change(struct net_bridge_port *p, unsigned long mask) if (mask & BR_AUTO_MASK) nbp_update_port_count(br); } /* br_port_dev_get() * Using the given addr, identify the port to which it is reachable, * returing a reference to the net device associated with that port. * * NOTE: Return NULL if given dev is not a bridge or * the mac has no associated port */ struct net_device *br_port_dev_get(struct net_device *dev, unsigned char *addr) { struct net_bridge_fdb_entry *fdbe; struct net_bridge *br; struct net_device *netdev = NULL; /* Is this a bridge? */ if (!(dev->priv_flags & IFF_EBRIDGE)) return NULL; br = netdev_priv(dev); /* Lookup the fdb entry and get reference to the port dev */ rcu_read_lock(); fdbe = br_fdb_find_rcu(br, addr, 0); if (fdbe && fdbe->dst) { netdev = fdbe->dst->dev; /* port device */ dev_hold(netdev); } rcu_read_unlock(); return netdev; } EXPORT_SYMBOL(br_port_dev_get); net/netfilter/nf_conntrack_core.c +28 −3 Original line number Diff line number Diff line Loading @@ -189,6 +189,10 @@ EXPORT_SYMBOL_GPL(nf_conntrack_htable_size); unsigned int nf_conntrack_max __read_mostly; seqcount_t nf_conntrack_generation __read_mostly; unsigned int nf_conntrack_pkt_threshold __read_mostly; EXPORT_SYMBOL(nf_conntrack_pkt_threshold); static unsigned int nf_conntrack_hash_rnd __read_mostly; static u32 hash_conntrack_raw(const struct nf_conntrack_tuple *tuple, Loading Loading @@ -1495,8 +1499,10 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, unsigned long extra_jiffies, int do_acct) { WARN_ON(!skb); struct nf_conn_acct *acct; u64 pkts; WARN_ON(!skb); /* Only update if this is not a fixed timeout */ if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status)) goto acct; Loading @@ -1507,8 +1513,27 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, ct->timeout = extra_jiffies; acct: if (do_acct) nf_ct_acct_update(ct, ctinfo, skb->len); if (do_acct) { acct = nf_conn_acct_find(ct); if (acct) { struct nf_conn_counter *counter = acct->counter; atomic64_inc(&counter[CTINFO2DIR(ctinfo)].packets); atomic64_add(skb->len, &counter [CTINFO2DIR(ctinfo)].bytes); pkts = atomic64_read(&counter[CTINFO2DIR(ctinfo)].packets) + atomic64_read(&counter[!CTINFO2DIR(ctinfo)].packets); /* Report if the packet threshold is reached. */ if (nf_conntrack_pkt_threshold > 0 && pkts == nf_conntrack_pkt_threshold) { nf_conntrack_event_cache(IPCT_COUNTER, ct); nf_conntrack_event_cache(IPCT_PROTOINFO, ct); nf_ct_deliver_cached_events(ct); } } } } EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct); Loading Loading
include/linux/if_bridge.h +2 −0 Original line number Diff line number Diff line Loading @@ -56,6 +56,8 @@ extern void brioctl_set(int (*ioctl_hook)(struct net *, unsigned int, void __use typedef int br_should_route_hook_t(struct sk_buff *skb); extern br_should_route_hook_t __rcu *br_should_route_hook; extern struct net_device *br_port_dev_get(struct net_device *dev, unsigned char *addr); #if IS_ENABLED(CONFIG_BRIDGE) && IS_ENABLED(CONFIG_BRIDGE_IGMP_SNOOPING) int br_multicast_list_adjacent(struct net_device *dev, Loading
include/net/netfilter/nf_conntrack.h +1 −0 Original line number Diff line number Diff line Loading @@ -292,6 +292,7 @@ extern struct hlist_nulls_head *nf_conntrack_hash; extern unsigned int nf_conntrack_htable_size; extern seqcount_t nf_conntrack_generation; extern unsigned int nf_conntrack_max; extern unsigned int nf_conntrack_pkt_threshold; /* must be called with rcu read lock held */ static inline void Loading
include/uapi/linux/netfilter/nf_conntrack_common.h +3 −0 Original line number Diff line number Diff line Loading @@ -125,11 +125,14 @@ enum ip_conntrack_events { IPCT_NATSEQADJ = IPCT_SEQADJ, IPCT_SECMARK, /* new security mark has been set */ IPCT_LABEL, /* new connlabel has been set */ IPCT_COUNTER, /* Packet counters have matched. */ #ifdef __KERNEL__ __IPCT_MAX #endif }; #define IPCT_COUNTER IPCT_COUNTER enum ip_conntrack_expect_events { IPEXP_NEW, /* new expectation */ IPEXP_DESTROY, /* destroyed expectation */ Loading
net/bridge/br_if.c +31 −0 Original line number Diff line number Diff line Loading @@ -654,3 +654,34 @@ void br_port_flags_change(struct net_bridge_port *p, unsigned long mask) if (mask & BR_AUTO_MASK) nbp_update_port_count(br); } /* br_port_dev_get() * Using the given addr, identify the port to which it is reachable, * returing a reference to the net device associated with that port. * * NOTE: Return NULL if given dev is not a bridge or * the mac has no associated port */ struct net_device *br_port_dev_get(struct net_device *dev, unsigned char *addr) { struct net_bridge_fdb_entry *fdbe; struct net_bridge *br; struct net_device *netdev = NULL; /* Is this a bridge? */ if (!(dev->priv_flags & IFF_EBRIDGE)) return NULL; br = netdev_priv(dev); /* Lookup the fdb entry and get reference to the port dev */ rcu_read_lock(); fdbe = br_fdb_find_rcu(br, addr, 0); if (fdbe && fdbe->dst) { netdev = fdbe->dst->dev; /* port device */ dev_hold(netdev); } rcu_read_unlock(); return netdev; } EXPORT_SYMBOL(br_port_dev_get);
net/netfilter/nf_conntrack_core.c +28 −3 Original line number Diff line number Diff line Loading @@ -189,6 +189,10 @@ EXPORT_SYMBOL_GPL(nf_conntrack_htable_size); unsigned int nf_conntrack_max __read_mostly; seqcount_t nf_conntrack_generation __read_mostly; unsigned int nf_conntrack_pkt_threshold __read_mostly; EXPORT_SYMBOL(nf_conntrack_pkt_threshold); static unsigned int nf_conntrack_hash_rnd __read_mostly; static u32 hash_conntrack_raw(const struct nf_conntrack_tuple *tuple, Loading Loading @@ -1495,8 +1499,10 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, unsigned long extra_jiffies, int do_acct) { WARN_ON(!skb); struct nf_conn_acct *acct; u64 pkts; WARN_ON(!skb); /* Only update if this is not a fixed timeout */ if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status)) goto acct; Loading @@ -1507,8 +1513,27 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, ct->timeout = extra_jiffies; acct: if (do_acct) nf_ct_acct_update(ct, ctinfo, skb->len); if (do_acct) { acct = nf_conn_acct_find(ct); if (acct) { struct nf_conn_counter *counter = acct->counter; atomic64_inc(&counter[CTINFO2DIR(ctinfo)].packets); atomic64_add(skb->len, &counter [CTINFO2DIR(ctinfo)].bytes); pkts = atomic64_read(&counter[CTINFO2DIR(ctinfo)].packets) + atomic64_read(&counter[!CTINFO2DIR(ctinfo)].packets); /* Report if the packet threshold is reached. */ if (nf_conntrack_pkt_threshold > 0 && pkts == nf_conntrack_pkt_threshold) { nf_conntrack_event_cache(IPCT_COUNTER, ct); nf_conntrack_event_cache(IPCT_PROTOINFO, ct); nf_ct_deliver_cached_events(ct); } } } } EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct); Loading
