git.baikalelectronics.ru Git - kernel.git/commit

author	Patrick McHardy <kaber@trash.net>
	Mon, 14 Apr 2008 09:15:52 +0000 (11:15 +0200)
committer	Patrick McHardy <kaber@trash.net>
	Mon, 14 Apr 2008 09:15:52 +0000 (11:15 +0200)
commit	7a818b285a92261da61c52553b7c6e36c3dff794
tree	f7f0a8fa77858674564aeb614499f40dd3c6dcd8	tree \| snapshot
parent	32c5b6d462820e762a7c9841df7f4d7e27f061c3	commit \| diff

[NETFILTER]: nf_nat: kill helper and seq_adjust hooks

Connection tracking helpers (specifically FTP) need to be called
before NAT sequence numbers adjustments are performed to be able
to compare them against previously seen ones. We've introduced
two new hooks around 2.6.11 to maintain this ordering when NAT
modules were changed to get called from conntrack helpers directly.

The cost of netfilter hooks is quite high and sequence number
adjustments are only rarely needed however. Add a RCU-protected
sequence number adjustment function pointer and call it from
IPv4 conntrack after calling the helper.

Signed-off-by: Patrick McHardy <kaber@trash.net>

include/linux/netfilter_ipv4.h		diff \| blob \| history
include/net/netfilter/nf_nat_helper.h		diff \| blob \| history
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c		diff \| blob \| history
net/ipv4/netfilter/nf_nat_core.c		diff \| blob \| history
net/ipv4/netfilter/nf_nat_helper.c		diff \| blob \| history
net/ipv4/netfilter/nf_nat_standalone.c		diff \| blob \| history