summaryrefslogtreecommitdiffstats
path: root/include/net/netns/conntrack.h
diff options
context:
space:
mode:
authorGao feng <gaofeng@cn.fujitus.com>2012-05-28 23:04:09 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2012-06-07 14:58:39 +0200
commit2c352f444ccfa966a1aa4fd8e9ee29381c467448 (patch)
treebefcba86ddf2cdbd73d15e1e2620439158c8e2f4 /include/net/netns/conntrack.h
parentnetfilter: Add fail-open support (diff)
downloadlinux-2c352f444ccfa966a1aa4fd8e9ee29381c467448.tar.xz
linux-2c352f444ccfa966a1aa4fd8e9ee29381c467448.zip
netfilter: nf_conntrack: prepare namespace support for l4 protocol trackers
This patch prepares the namespace support for layer 4 protocol trackers. Basically, this modifies the following interfaces: * nf_ct_[un]register_sysctl * nf_conntrack_l4proto_[un]register to include the namespace parameter. We still use init_net in this patch to prepare the ground for follow-up patches for each layer 4 protocol tracker. We add a new net_id field to struct nf_conntrack_l4proto that is used to store the pernet_operations id for each layer 4 protocol tracker. Note that AF_INET6's protocols do not need to do sysctl compat. Thus, we only register compat sysctl when l4proto.l3proto != AF_INET6. Acked-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/netns/conntrack.h')
-rw-r--r--include/net/netns/conntrack.h12
1 files changed, 12 insertions, 0 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h
index a053a19870cf..1f53038b0d1b 100644
--- a/include/net/netns/conntrack.h
+++ b/include/net/netns/conntrack.h
@@ -8,6 +8,18 @@
struct ctl_table_header;
struct nf_conntrack_ecache;
+struct nf_proto_net {
+#ifdef CONFIG_SYSCTL
+ struct ctl_table_header *ctl_table_header;
+ struct ctl_table *ctl_table;
+#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
+ struct ctl_table_header *ctl_compat_header;
+ struct ctl_table *ctl_compat_table;
+#endif
+#endif
+ unsigned int users;
+};
+
struct netns_ct {
atomic_t count;
unsigned int expect_count;