Commit 6f45933d authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 



Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following patchset contains Netfilter updates for net-next:

1) Use nfnetlink_unicast() instead of netlink_unicast() in nft_compat.

2) Remove call to nf_ct_l4proto_find() in flowtable offload timeout
   fixup.

3) CLUSTERIP registers ARP hook on demand, from Florian.

4) Use clusterip_net to store pernet warning, also from Florian.

5) Remove struct netns_xt, from Florian Westphal.

6) Enable ebtables hooks in initns on demand, from Florian.

7) Allow to filter conntrack netlink dump per status bits,
   from Florian Westphal.

8) Register x_tables hooks in initns on demand, from Florian.

9) Remove queue_handler from per-netns structure, again from Florian.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents d3432bf1 87029970

include/linux/netfilter/x_tables.h

+3 −3
Original line number Diff line number Diff line
@@ -238,9 +238,6 @@ struct xt_table { 
	u_int8_t af;		/* address/protocol family */

	int priority;		/* hook order */



	/* called when table is needed in the given netns */

	int (*table_init)(struct net *net);



	/* A unique name... */

	const char name[XT_TABLE_MAXNAMELEN];

};
@@ -452,6 +449,9 @@ xt_get_per_cpu_counter(struct xt_counters *cnt, unsigned int cpu) 


struct nf_hook_ops *xt_hook_ops_alloc(const struct xt_table *, nf_hookfn *);



int xt_register_template(const struct xt_table *t, int(*table_init)(struct net *net));

void xt_unregister_template(const struct xt_table *t);



#ifdef CONFIG_NETFILTER_XTABLES_COMPAT

#include <net/compat.h>

include/linux/netfilter_bridge/ebtables.h

+2 −0
Original line number Diff line number Diff line
@@ -127,4 +127,6 @@ static inline bool ebt_invalid_target(int target) 
	return (target < -NUM_STANDARD_TARGETS || target >= 0);

}



int ebt_register_template(const struct ebt_table *t, int(*table_init)(struct net *net));

void ebt_unregister_template(const struct ebt_table *t);

#endif

include/net/net_namespace.h

+0 −2
Original line number Diff line number Diff line
@@ -23,7 +23,6 @@ 
#include <net/netns/ieee802154_6lowpan.h>

#include <net/netns/sctp.h>

#include <net/netns/netfilter.h>

#include <net/netns/x_tables.h>

#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)

#include <net/netns/conntrack.h>

#endif
@@ -133,7 +132,6 @@ struct net { 
#endif

#ifdef CONFIG_NETFILTER

	struct netns_nf		nf;

	struct netns_xt		xt;

#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)

	struct netns_ct		ct;

#endif

include/net/netfilter/nf_queue.h

+2 −2
Original line number Diff line number Diff line
@@ -33,8 +33,8 @@ struct nf_queue_handler { 
	void		(*nf_hook_drop)(struct net *net);

};



void nf_register_queue_handler(struct net *net, const struct nf_queue_handler *qh);

void nf_unregister_queue_handler(struct net *net);

void nf_register_queue_handler(const struct nf_queue_handler *qh);

void nf_unregister_queue_handler(void);

void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict);



void nf_queue_entry_get_refs(struct nf_queue_entry *entry);

include/net/netns/netfilter.h

+0 −1
Original line number Diff line number Diff line
@@ -12,7 +12,6 @@ struct netns_nf { 
#if defined CONFIG_PROC_FS

	struct proc_dir_entry *proc_netfilter;

#endif

	const struct nf_queue_handler __rcu *queue_handler;

	const struct nf_logger __rcu *nf_loggers[NFPROTO_NUMPROTO];

#ifdef CONFIG_SYSCTL

	struct ctl_table_header *nf_log_dir_header;