Commit 82f437b9 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'master' of git://1984.lsi.us.es/nf-next 

Pablo says:

====================
This is the second batch of Netfilter updates for net-next. It contains the
kernel changes for the new user-space connection tracking helper
infrastructure.

More details on this infrastructure are provides here:
http://lwn.net/Articles/500196/



Still, I plan to provide some official documentation through the
conntrack-tools user manual on how to setup user-space utilities for this.
So far, it provides two helper in user-space, one for NFSv3 and another for
Oracle/SQLnet/TNS. Yet in my TODO list.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 7f95e188 12f7a505

include/linux/netfilter.h

+12 −0
Original line number Diff line number Diff line
@@ -393,6 +393,18 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family) 
extern void (*ip_ct_attach)(struct sk_buff *, struct sk_buff *) __rcu;

extern void nf_ct_attach(struct sk_buff *, struct sk_buff *);

extern void (*nf_ct_destroy)(struct nf_conntrack *) __rcu;



struct nf_conn;

struct nlattr;



struct nfq_ct_hook {

	size_t (*build_size)(const struct nf_conn *ct);

	int (*build)(struct sk_buff *skb, struct nf_conn *ct);

	int (*parse)(const struct nlattr *attr, struct nf_conn *ct);

	void (*seq_adjust)(struct sk_buff *skb, struct nf_conn *ct,

			   u32 ctinfo, int off);

};

extern struct nfq_ct_hook *nfq_ct_hook;

#else

static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}

#endif

include/linux/netfilter/Kbuild

+1 −0
Original line number Diff line number Diff line
@@ -10,6 +10,7 @@ header-y += nfnetlink.h 
header-y += nfnetlink_acct.h

header-y += nfnetlink_compat.h

header-y += nfnetlink_conntrack.h

header-y += nfnetlink_cthelper.h

header-y += nfnetlink_cttimeout.h

header-y += nfnetlink_log.h

header-y += nfnetlink_queue.h

include/linux/netfilter/nf_conntrack_sip.h

+2 −0
Original line number Diff line number Diff line
@@ -2,6 +2,8 @@ 
#define __NF_CONNTRACK_SIP_H__

#ifdef __KERNEL__



#include <net/netfilter/nf_conntrack_expect.h>



#define SIP_PORT	5060

#define SIP_TIMEOUT	3600

include/linux/netfilter/nfnetlink.h

+2 −1
Original line number Diff line number Diff line
@@ -50,7 +50,8 @@ struct nfgenmsg { 
#define NFNL_SUBSYS_IPSET		6

#define NFNL_SUBSYS_ACCT		7

#define NFNL_SUBSYS_CTNETLINK_TIMEOUT	8

#define NFNL_SUBSYS_COUNT		9

#define NFNL_SUBSYS_CTHELPER		9

#define NFNL_SUBSYS_COUNT		10



#ifdef __KERNEL__

include/linux/netfilter/nfnetlink_conntrack.h

+1 −0
Original line number Diff line number Diff line
@@ -191,6 +191,7 @@ enum ctattr_expect_nat { 
enum ctattr_help {

	CTA_HELP_UNSPEC,

	CTA_HELP_NAME,

	CTA_HELP_INFO,

	__CTA_HELP_MAX

};

#define CTA_HELP_MAX (__CTA_HELP_MAX - 1)

CRA Git | Maintained and supported by SUSTech CRA and CCSE