- 18 Nov, 2008 2 commits
-
-
Pablo Neira Ayuso authored
As for now, the creation and update of conntracks via ctnetlink do not propagate an event to userspace. This can result in inconsistent situations if several userspace processes modify the connection tracking table by means of ctnetlink at the same time. Specifically, using the conntrack command line tool and conntrackd at the same time can trigger unconsistencies. This patch also modifies the event cache infrastructure to pass the process PID and the ECHO flag to nfnetlink_send() to report back to userspace if the process that triggered the change needs so. Based on a suggestion from Patrick McHardy. Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by:
Patrick McHardy <kaber@trash.net>
-
Pablo Neira Ayuso authored
This patch adds module loading for helpers via ctnetlink. * Creation path: We support explicit and implicit helper assignation. For the explicit case, we try to load the module. If the module is correctly loaded and the helper is present, we return EAGAIN to re-start the creation. Otherwise, we return EOPNOTSUPP. * Update path: release the spin lock, load the module and check. If it is present, then return EAGAIN to re-start the update. This patch provides a refactorized function to lookup-and-set the connection tracking helper. The function removes the exported symbol __nf_ct_helper_find as it has not clients anymore. Signed-off-by:
-
- 17 Nov, 2008 4 commits
-
-
Pablo Neira Ayuso authored
This patch adds the macro MODULE_ALIAS_NFCT_HELPER that defines a way to provide generic and persistent aliases for the connection tracking helpers. This next patch requires this patch. Signed-off-by:
-
Pablo Neira Ayuso authored
This patch replaces the unnecessary module refcounting with the read-side locks. With this patch, all the dump and fill_info function are called under the RCU read lock. Based on a patch from Fabian Hugelshofer. Signed-off-by:
-
Pablo Neira Ayuso authored
This patch changes the return value if the conntrack has no helper assigned. Instead of EINVAL, which is reserved for malformed messages, it returns EOPNOTSUPP. Signed-off-by:
-
Pablo Neira Ayuso authored
Use nf_conntrack_get instead of the direct call to atomic_inc. Signed-off-by:
-
- 04 Nov, 2008 34 commits
-
-
Simon Arlott authored
In net/ipv4/netfilter/nf_nat_rule.c, the function warn_if_extra_mangle was added in commit 5b1158e9 (2006-12-02). I have a DNAT target in the OUTPUT chain than changes connections with dst 2.0.0.1 to another address which I'll substitute with 66.102.9.99 below. On every boot I get the following message: [ 146.252505] NAT: no longer support implicit source local NAT [ 146.252517] NAT: packet src 66.102.9.99 -> dst 2.0.0.1 As far as I can tell from reading the function doing this, it should warn if the source IP for the route to 66.102.9.99 is different from 2.0.0.1 but that is not the case. It doesn't make sense to check the DNAT target against the local route source. Either the function should be changed to correctly check the route, or it should be removed entirely as it's been nearly 2 years since it was added. Signed-off-by:
Simon Arlott <simon@fire.lp0.eu> Signed-off-by:
-
Alexey Dobriyan authored
Signed-off-by:
Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by:
-
Alexey Dobriyan authored
Signed-off-by:
-
Alexey Dobriyan authored
Signed-off-by:
-
Alexey Dobriyan authored
Signed-off-by:
-
Alexey Dobriyan authored
Now that ebt_unregister_table() can be called during netns stop, and module pinning scheme can't prevent netns stop, do table cleanup by hand. Signed-off-by:
-
Alexey Dobriyan authored
* return ebt_table from ebt_register_table(), module code will save it into per-netns data for unregistration * duplicate ebt_table at the very beginning of registration -- it's added into list, so one ebt_table wouldn't end up in many lists (and each netns has different one) * introduce underscored tables in individial modules, this is temporary to not break bisection. Signed-off-by:
-
Alexey Dobriyan authored
* propagate netns from userspace, register table in passed netns * remporarily register every ebt_table in init_net P. S.: one needs to add ".netns_ok = 1" to igmp_protocol to test with ebtables(8) in netns. Signed-off-by:
-
Alexey Dobriyan authored
It's identical to NF_ARP_IN hook. Signed-off-by:
-
Alexey Dobriyan authored
Signed-off-by:
-
Eric Leblond authored
This patch modifies xt_NFLOG to suppress the call to nf_log_packet() function. The call of this wrapper in xt_NFLOG was causing NFLOG to use the first initialized module. Thus, if ipt_ULOG is loaded before nfnetlink_log all NFLOG rules are treated as plain LOG rules. Signed-off-by:
Eric Leblond <eric@inl.fr> Signed-off-by:
-
David S. Miller authored
The generic packet receive code takes care of setting netdev->last_rx when necessary, for the sake of the bonding ARP monitor. Signed-off-by:David S. Miller <davem@davemloft.net>
-
Stephen Hemminger authored
All these individual parsing functions never return an error, so they can be void. Signed-off-by:
Stephen Hemminger <shemminger@vyatta.com> Signed-off-by:
-
David S. Miller authored
The generic packet receive code takes care of setting netdev->last_rx when necessary, for the sake of the bonding ARP monitor. Drivers need not do it any more. Some cases had to be skipped over because the drivers were making use of the ->last_rx value themselves. Signed-off-by: -
Jianjun Kong authored
Removed duplicated #include <rdma/ib_verbs.h> in net/9p/trans_rdma.c and #include <linux/thread_info.h> in net/socket.c Signed-off-by:
Jianjun Kong <jianjun@zeuux.org> Signed-off-by:
-
Alexey Dobriyan authored
I want to compile out proc_* and sysctl_* handlers totally and stub them to NULL depending on config options, however usage of & will prevent this, since taking adress of NULL pointer will break compilation. So, drop & in front of every ->proc_handler and every ->strategy handler, it was never needed in fact. Signed-off-by:
-
Jay Vosburgh authored
The only user of the net_device->last_rx field is bonding. This patch adds a conditional update of last_rx to the bonding special logic in skb_bond_should_drop, causing last_rx to only be updated when the ARP monitor is running. This frees network device drivers from the necessity of updating last_rx, which can have cache line thrash issues. Signed-off-by:
Jay Vosburgh <fubar@us.ibm.com> Signed-off-by:
-
Stephen Hemminger authored
This patch gets about 1.25% back on tbench regression. My change to NAPI for multiqueue support changed the time limit on network receive processing. Under sustained loads like tbench, this can cause the receiver to reschedule prematurely. Signed-off-by:
-
Harvey Harrison authored
put_dec_trunc prints the digits in reverse order and is reversed inside number(). Continue using put_dec_trunc, but reverse each quad in ip4_addr_string. [Noticed by Julius Volz] Signed-off-by:
Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by:
-
Julius Volz authored
Remove the 'supports_ipv6' scheduler flag since all schedulers now support IPv6. Signed-off-by:
Julius Volz <julius.volz@gmail.com> Signed-off-by:
-
Julius Volz authored
Add IPv6 support to LBLC and LBLCR schedulers. These were the last schedulers without IPv6 support, but we might want to keep the supports_ipv6 flag in the case of future schedulers without IPv6 support. Signed-off-by:
Simon Horman <horms@verge.net.au> Signed-off-by:
-
Matt Carlson authored
This patch updates the version to 3.95. Signed-off-by:
Matt Carlson <mcarlson@broadcom.com> Signed-off-by:
Michael Chan <mchan@broadcom.com> Signed-off-by:
-
Matt Carlson authored
This patch adds the BCM50610 to the list of phys supported by the broadcom driver. Signed-off-by:
-
Matt Carlson authored
This patch makes the expansion register access routines a little more formal. They will be used by the following bcm50610 support patch. Signed-off-by:
-
Matt Carlson authored
This patch adds flow control support to Broadcom phys. Signed-off-by:
-
Matt Carlson authored
This patch refines support for the 5785 device. Signed-off-by:
-
Matt Carlson authored
This patch refines the phylib support in the tg3 driver. The patch does the following things : * Rename tg3_mdio_config() to tg3_mdio_config_5785(). The 5785 will be the only device that will use it so the name might as well reflect that. * Fix a memory leak if mdiobus_register() fails. * Add code to deal with phy device detection failures. * Add code to correct the supported list of phy features based on the MAC <=> PHY interface. Signed-off-by:
-
Matt Carlson authored
This patch allows WOL to be enabled for Broadcom phys under phylib control. The only exception is the AC131, which has a completely different register set. Signed-off-by:
-
Matt Carlson authored
Commit 12dac075 ("tg3: adapt tg3 to use reworked PCI PM code") introduced the new PCI PM API to the tg3 driver. The patch was understandably conservative, so this patch elaborates on that work. The patch starts by creating a single point in tg3_set_power_state() to decide whether or not to enable WOL. The rest of the code in tg3_set_power_state() was then pivoted to use the result of this decision. The patch then makes sure the device is allowed to wakeup before reporting whether or not WOL is currently enabled. The final hunks of the patch consolidate where the WOL capability and WOL enabled flags are set to a single location. Signed-off-by:
-
Matt Carlson authored
Currently, phylib reports appear with a eth%d prefix. Move the line after register_netdev() and place it alongside the other informative messages. Update nearby informative messages accordingly. Signed-off-by:
-
Matt Carlson authored
With older versions of the NVRAM format, the driver may mistakenly determine that APE is enabled. Make sure this doesn't happen by restricting the ENABLE_APE check to devices known to have more recent NVRAM image formats. Signed-off-by:
-
Matt Carlson authored
This patch reclaims the TG3_FLG3_5761_5784_AX_FIXES flag. It only used twice in non-fast paths. This patch also consolidates some other places where specific 5784 AX chip revisions can be generalized. Signed-off-by:
-
Matt Carlson authored
This patch moves the __tg3_set_mac_addr() function earlier in the file listing, to avoid a function prototype, and calls the function to restore the LAA after a driver unload chip reset. With this code in place, the administrator can wake the machine using the LAA. Signed-off-by:
-
Matt Carlson authored
DASH firmware runs on the APE side of the chip, but it requires a few MAC to be programmed correctly. When WOL is enabled and management firmware is disabled, incoming packets are evaluated and discarded at the chip's rule processor. When management firmware is enabled, the hardware must be informed that there are agents further up the stack that still use the incoming frames. Normally management firmware will configure the MAC correctly on its own, but there can be cases where the setting could get clobbered by the driver. The first hunk of this patch preserves this setting. The second hunk of this patch wipes out the driver present signature of the APE memory space. By doing so, the DASH firmware can assume driver absent behavior. Signed-off-by:
-
