diff options
author | Rusty Russell <rusty@rustcorp.com.au> | 2005-01-16 21:59:11 -0800 |
---|---|---|
committer | David S. Miller <davem@nuts.davemloft.net> | 2005-01-16 21:59:11 -0800 |
commit | cd79564003e1b16ebc4090d3a2055e30e08898fc (patch) | |
tree | 7eb8c97a610b8184cd81ff968b53fd141f4b41f6 | |
parent | 1ae14212c6e6af2f7ca3522afe03d50084e9be7d (diff) |
[NETFILTER]: Adrian Bunk's cleanup patches
Adrian Bunk's cleanup patch, updated for after all the Rusty patches.
The ip_nat_protocol_register/unregister EXPORT_SYMBOLs() stay, as they
are used by future patches.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> (modified)
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | include/linux/netfilter_ipv4/ip_conntrack_helper.h | 3 | ||||
-rw-r--r-- | include/linux/netfilter_ipv4/ip_nat_core.h | 4 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_core.c | 4 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_ftp.c | 3 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_irc.c | 4 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_proto_sctp.c | 16 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_conntrack_standalone.c | 1 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_nat_core.c | 50 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_nat_helper.c | 2 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_ULOG.c | 4 | ||||
-rw-r--r-- | net/ipv4/netfilter/ipt_hashlimit.c | 2 |
12 files changed, 42 insertions, 53 deletions
diff --git a/include/linux/netfilter_ipv4/ip_conntrack_helper.h b/include/linux/netfilter_ipv4/ip_conntrack_helper.h index 318773e548cf5..b1bbba0a12cb2 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack_helper.h +++ b/include/linux/netfilter_ipv4/ip_conntrack_helper.h @@ -29,9 +29,6 @@ struct ip_conntrack_helper extern int ip_conntrack_helper_register(struct ip_conntrack_helper *); extern void ip_conntrack_helper_unregister(struct ip_conntrack_helper *); -extern struct ip_conntrack_helper *ip_ct_find_helper(const struct ip_conntrack_tuple *tuple); - - /* Allocate space for an expectation: this is mandatory before calling ip_conntrack_expect_related. */ extern struct ip_conntrack_expect *ip_conntrack_expect_alloc(void); diff --git a/include/linux/netfilter_ipv4/ip_nat_core.h b/include/linux/netfilter_ipv4/ip_nat_core.h index 4f01f882f2fc6..0ae9a21d9746e 100644 --- a/include/linux/netfilter_ipv4/ip_nat_core.h +++ b/include/linux/netfilter_ipv4/ip_nat_core.h @@ -19,9 +19,5 @@ extern int icmp_reply_translation(struct sk_buff **pskb, unsigned int hooknum, int dir); -extern void replace_in_hashes(struct ip_conntrack *conntrack, - struct ip_nat_info *info); -extern void place_in_hashes(struct ip_conntrack *conntrack, - struct ip_nat_info *info); #endif /* _IP_NAT_CORE_H */ diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c index 252a608c9b8bb..4811249aa30b0 100644 --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c @@ -78,7 +78,7 @@ static int ip_conntrack_vmalloc; DEFINE_PER_CPU(struct ip_conntrack_stat, ip_conntrack_stat); -inline void +void ip_conntrack_put(struct ip_conntrack *ct) { IP_NF_ASSERT(ct); @@ -440,7 +440,7 @@ static inline int helper_cmp(const struct ip_conntrack_helper *i, return ip_ct_tuple_mask_cmp(rtuple, &i->tuple, &i->mask); } -struct ip_conntrack_helper *ip_ct_find_helper(const struct ip_conntrack_tuple *tuple) +static struct ip_conntrack_helper *ip_ct_find_helper(const struct ip_conntrack_tuple *tuple) { return LIST_FIND(&helpers, helper_cmp, struct ip_conntrack_helper *, diff --git a/net/ipv4/netfilter/ip_conntrack_ftp.c b/net/ipv4/netfilter/ip_conntrack_ftp.c index e699a6f7703c9..595ac33dd35f0 100644 --- a/net/ipv4/netfilter/ip_conntrack_ftp.c +++ b/net/ipv4/netfilter/ip_conntrack_ftp.c @@ -29,7 +29,6 @@ MODULE_DESCRIPTION("ftp connection tracking helper"); static char ftp_buffer[65536]; static DECLARE_LOCK(ip_ftp_lock); -struct module *ip_conntrack_ftp = THIS_MODULE; #define MAX_PORTS 8 static int ports[MAX_PORTS]; @@ -477,7 +476,7 @@ static int __init init(void) ftp[i].mask.dst.protonum = 0xFFFF; ftp[i].max_expected = 1; ftp[i].timeout = 5 * 60; /* 5 minutes */ - ftp[i].me = ip_conntrack_ftp; + ftp[i].me = THIS_MODULE; ftp[i].help = help; tmpname = &ftp_names[i][0]; diff --git a/net/ipv4/netfilter/ip_conntrack_irc.c b/net/ipv4/netfilter/ip_conntrack_irc.c index 1fba6dc18a0da..77ba64c52eccf 100644 --- a/net/ipv4/netfilter/ip_conntrack_irc.c +++ b/net/ipv4/netfilter/ip_conntrack_irc.c @@ -63,8 +63,6 @@ MODULE_PARM_DESC(dcc_timeout, "timeout on for unestablished DCC channels"); static char *dccprotos[] = { "SEND ", "CHAT ", "MOVE ", "TSEND ", "SCHAT " }; #define MINMATCHLEN 5 -struct module *ip_conntrack_irc = THIS_MODULE; - #if 0 #define DEBUGP(format, args...) printk(KERN_DEBUG "%s:%s:" format, \ __FILE__, __FUNCTION__ , ## args) @@ -270,7 +268,7 @@ static int __init init(void) hlpr->mask.dst.protonum = 0xFFFF; hlpr->max_expected = max_dcc_channels; hlpr->timeout = dcc_timeout; - hlpr->me = ip_conntrack_irc; + hlpr->me = THIS_MODULE; hlpr->help = help; tmpname = &irc_names[i][0]; diff --git a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c index 22b58409311ac..7d9f8ea14a5e3 100644 --- a/net/ipv4/netfilter/ip_conntrack_proto_sctp.c +++ b/net/ipv4/netfilter/ip_conntrack_proto_sctp.c @@ -58,13 +58,13 @@ static const char *sctp_conntrack_names[] = { #define HOURS * 60 MINS #define DAYS * 24 HOURS -unsigned long ip_ct_sctp_timeout_closed = 10 SECS; -unsigned long ip_ct_sctp_timeout_cookie_wait = 3 SECS; -unsigned long ip_ct_sctp_timeout_cookie_echoed = 3 SECS; -unsigned long ip_ct_sctp_timeout_established = 5 DAYS; -unsigned long ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000; -unsigned long ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000; -unsigned long ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS; +static unsigned long ip_ct_sctp_timeout_closed = 10 SECS; +static unsigned long ip_ct_sctp_timeout_cookie_wait = 3 SECS; +static unsigned long ip_ct_sctp_timeout_cookie_echoed = 3 SECS; +static unsigned long ip_ct_sctp_timeout_established = 5 DAYS; +static unsigned long ip_ct_sctp_timeout_shutdown_sent = 300 SECS / 1000; +static unsigned long ip_ct_sctp_timeout_shutdown_recd = 300 SECS / 1000; +static unsigned long ip_ct_sctp_timeout_shutdown_ack_sent = 3 SECS; static unsigned long * sctp_timeouts[] = { NULL, /* SCTP_CONNTRACK_NONE */ @@ -494,7 +494,7 @@ static int sctp_new(struct ip_conntrack *conntrack, return 1; } -struct ip_conntrack_protocol ip_conntrack_protocol_sctp = { +static struct ip_conntrack_protocol ip_conntrack_protocol_sctp = { .proto = IPPROTO_SCTP, .name = "sctp", .pkt_to_tuple = sctp_pkt_to_tuple, diff --git a/net/ipv4/netfilter/ip_conntrack_standalone.c b/net/ipv4/netfilter/ip_conntrack_standalone.c index c7779c281793a..9d6ae28dde10f 100644 --- a/net/ipv4/netfilter/ip_conntrack_standalone.c +++ b/net/ipv4/netfilter/ip_conntrack_standalone.c @@ -905,7 +905,6 @@ EXPORT_SYMBOL(ip_ct_iterate_cleanup); EXPORT_SYMBOL(ip_ct_refresh_acct); EXPORT_SYMBOL(ip_ct_protos); EXPORT_SYMBOL(ip_ct_find_proto); -EXPORT_SYMBOL(ip_ct_find_helper); EXPORT_SYMBOL(ip_conntrack_expect_alloc); EXPORT_SYMBOL(ip_conntrack_expect_free); EXPORT_SYMBOL(ip_conntrack_expect_related); diff --git a/net/ipv4/netfilter/ip_nat_core.c b/net/ipv4/netfilter/ip_nat_core.c index b6b3df4e6dcd6..d7f0369e2dbbc 100644 --- a/net/ipv4/netfilter/ip_nat_core.c +++ b/net/ipv4/netfilter/ip_nat_core.c @@ -288,6 +288,31 @@ static unsigned int opposite_hook[NF_IP_NUMHOOKS] [NF_IP_LOCAL_IN] = NF_IP_LOCAL_OUT, }; +static void replace_in_hashes(struct ip_conntrack *conntrack, + struct ip_nat_info *info) +{ + /* Source has changed, so replace in hashes. */ + unsigned int srchash + = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] + .tuple.src, + conntrack->tuplehash[IP_CT_DIR_ORIGINAL] + .tuple.dst.protonum); + MUST_BE_WRITE_LOCKED(&ip_nat_lock); + list_move(&info->bysource, &bysource[srchash]); +} + +static void place_in_hashes(struct ip_conntrack *conntrack, + struct ip_nat_info *info) +{ + unsigned int srchash + = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] + .tuple.src, + conntrack->tuplehash[IP_CT_DIR_ORIGINAL] + .tuple.dst.protonum); + MUST_BE_WRITE_LOCKED(&ip_nat_lock); + list_add(&info->bysource, &bysource[srchash]); +} + unsigned int ip_nat_setup_info(struct ip_conntrack *conntrack, const struct ip_nat_range *range, @@ -411,31 +436,6 @@ ip_nat_setup_info(struct ip_conntrack *conntrack, return NF_ACCEPT; } -void replace_in_hashes(struct ip_conntrack *conntrack, - struct ip_nat_info *info) -{ - /* Source has changed, so replace in hashes. */ - unsigned int srchash - = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] - .tuple.src, - conntrack->tuplehash[IP_CT_DIR_ORIGINAL] - .tuple.dst.protonum); - MUST_BE_WRITE_LOCKED(&ip_nat_lock); - list_move(&info->bysource, &bysource[srchash]); -} - -void place_in_hashes(struct ip_conntrack *conntrack, - struct ip_nat_info *info) -{ - unsigned int srchash - = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] - .tuple.src, - conntrack->tuplehash[IP_CT_DIR_ORIGINAL] - .tuple.dst.protonum); - MUST_BE_WRITE_LOCKED(&ip_nat_lock); - list_add(&info->bysource, &bysource[srchash]); -} - /* Returns true if succeeded. */ static int manip_pkt(u_int16_t proto, diff --git a/net/ipv4/netfilter/ip_nat_helper.c b/net/ipv4/netfilter/ip_nat_helper.c index f1c21205c4a46..9bca2faa52bc6 100644 --- a/net/ipv4/netfilter/ip_nat_helper.c +++ b/net/ipv4/netfilter/ip_nat_helper.c @@ -47,7 +47,7 @@ #define DUMP_OFFSET(x) #endif -DECLARE_LOCK(ip_nat_seqofs_lock); +static DECLARE_LOCK(ip_nat_seqofs_lock); /* Setup TCP sequence correction given this change at this sequence */ static inline void diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 68002ff25454d..b3dda712f1f70 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c @@ -66,7 +66,7 @@ static LIST_HEAD(clusterip_configs); /* clusterip_lock protects the clusterip_configs list _AND_ the configurable * data within all structurses (num_local_nodes, local_nodes[]) */ -DECLARE_RWLOCK(clusterip_lock); +static DECLARE_RWLOCK(clusterip_lock); #ifdef CONFIG_PROC_FS static struct file_operations clusterip_proc_fops; diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index 56d018940954f..6f2cefbe16cd8 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c @@ -100,7 +100,7 @@ typedef struct { static ulog_buff_t ulog_buffers[ULOG_MAXNLGROUPS]; /* array of buffers */ static struct sock *nflognl; /* our socket */ -DECLARE_LOCK(ulog_lock); /* spinlock */ +static DECLARE_LOCK(ulog_lock); /* spinlock */ /* send one ulog_buff_t to userspace */ static void ulog_send(unsigned int nlgroupnum) @@ -140,7 +140,7 @@ static void ulog_timer(unsigned long data) UNLOCK_BH(&ulog_lock); } -struct sk_buff *ulog_alloc_skb(unsigned int size) +static struct sk_buff *ulog_alloc_skb(unsigned int size) { struct sk_buff *skb; diff --git a/net/ipv4/netfilter/ipt_hashlimit.c b/net/ipv4/netfilter/ipt_hashlimit.c index 04c95d8748868..90e6d05831dbb 100644 --- a/net/ipv4/netfilter/ipt_hashlimit.c +++ b/net/ipv4/netfilter/ipt_hashlimit.c @@ -97,7 +97,7 @@ struct ipt_hashlimit_htable { struct list_head hash[0]; /* hashtable itself */ }; -DECLARE_RWLOCK(hashlimit_lock); /* protects htables list */ +static DECLARE_RWLOCK(hashlimit_lock); /* protects htables list */ static LIST_HEAD(hashlimit_htables); static kmem_cache_t *hashlimit_cachep; |