|
Lines 42-48
struct nf_nat_conn_key {
Link Here
|
| 42 |
const struct nf_conntrack_zone *zone; |
42 |
const struct nf_conntrack_zone *zone; |
| 43 |
}; |
43 |
}; |
| 44 |
|
44 |
|
| 45 |
static struct rhltable nf_nat_bysource_table; |
45 |
static struct rhashtable nf_nat_bysource_table; |
| 46 |
|
46 |
|
| 47 |
inline const struct nf_nat_l3proto * |
47 |
inline const struct nf_nat_l3proto * |
| 48 |
__nf_nat_l3proto_find(u8 family) |
48 |
__nf_nat_l3proto_find(u8 family) |
|
Lines 207-212
static struct rhashtable_params nf_nat_bysource_params = {
Link Here
|
| 207 |
.obj_cmpfn = nf_nat_bysource_cmp, |
207 |
.obj_cmpfn = nf_nat_bysource_cmp, |
| 208 |
.nelem_hint = 256, |
208 |
.nelem_hint = 256, |
| 209 |
.min_size = 1024, |
209 |
.min_size = 1024, |
|
|
210 |
.nulls_base = (1U << RHT_BASE_SHIFT), |
| 210 |
}; |
211 |
}; |
| 211 |
|
212 |
|
| 212 |
/* Only called for SRC manip */ |
213 |
/* Only called for SRC manip */ |
|
Lines 225-239
find_appropriate_src(struct net *net,
Link Here
|
| 225 |
.tuple = tuple, |
226 |
.tuple = tuple, |
| 226 |
.zone = zone |
227 |
.zone = zone |
| 227 |
}; |
228 |
}; |
| 228 |
struct rhlist_head *hl; |
|
|
| 229 |
|
229 |
|
| 230 |
hl = rhltable_lookup(&nf_nat_bysource_table, &key, |
230 |
ct = rhashtable_lookup_fast(&nf_nat_bysource_table, &key, |
| 231 |
nf_nat_bysource_params); |
231 |
nf_nat_bysource_params); |
| 232 |
if (!hl) |
232 |
if (!ct) |
| 233 |
return 0; |
233 |
return 0; |
| 234 |
|
234 |
|
| 235 |
ct = container_of(hl, typeof(*ct), nat_bysource); |
|
|
| 236 |
|
| 237 |
nf_ct_invert_tuplepr(result, |
235 |
nf_ct_invert_tuplepr(result, |
| 238 |
&ct->tuplehash[IP_CT_DIR_REPLY].tuple); |
236 |
&ct->tuplehash[IP_CT_DIR_REPLY].tuple); |
| 239 |
result->dst = tuple->dst; |
237 |
result->dst = tuple->dst; |
|
Lines 451-467
nf_nat_setup_info(struct nf_conn *ct,
Link Here
|
| 451 |
} |
449 |
} |
| 452 |
|
450 |
|
| 453 |
if (maniptype == NF_NAT_MANIP_SRC) { |
451 |
if (maniptype == NF_NAT_MANIP_SRC) { |
| 454 |
struct nf_nat_conn_key key = { |
|
|
| 455 |
.net = nf_ct_net(ct), |
| 456 |
.tuple = &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple, |
| 457 |
.zone = nf_ct_zone(ct), |
| 458 |
}; |
| 459 |
int err; |
452 |
int err; |
| 460 |
|
453 |
|
| 461 |
err = rhltable_insert_key(&nf_nat_bysource_table, |
454 |
err = rhashtable_insert_fast(&nf_nat_bysource_table, |
| 462 |
&key, |
455 |
&ct->nat_bysource, |
| 463 |
&ct->nat_bysource, |
456 |
nf_nat_bysource_params); |
| 464 |
nf_nat_bysource_params); |
|
|
| 465 |
if (err) |
457 |
if (err) |
| 466 |
return NF_DROP; |
458 |
return NF_DROP; |
| 467 |
} |
459 |
} |
|
Lines 578-585
static int nf_nat_proto_clean(struct nf_conn *ct, void *data)
Link Here
|
| 578 |
* will delete entry from already-freed table. |
570 |
* will delete entry from already-freed table. |
| 579 |
*/ |
571 |
*/ |
| 580 |
ct->status &= ~IPS_NAT_DONE_MASK; |
572 |
ct->status &= ~IPS_NAT_DONE_MASK; |
| 581 |
rhltable_remove(&nf_nat_bysource_table, &ct->nat_bysource, |
573 |
rhashtable_remove_fast(&nf_nat_bysource_table, &ct->nat_bysource, |
| 582 |
nf_nat_bysource_params); |
574 |
nf_nat_bysource_params); |
| 583 |
|
575 |
|
| 584 |
/* don't delete conntrack. Although that would make things a lot |
576 |
/* don't delete conntrack. Although that would make things a lot |
| 585 |
* simpler, we'd end up flushing all conntracks on nat rmmod. |
577 |
* simpler, we'd end up flushing all conntracks on nat rmmod. |
|
Lines 709-716
static void nf_nat_cleanup_conntrack(struct nf_conn *ct)
Link Here
|
| 709 |
if (!nat) |
701 |
if (!nat) |
| 710 |
return; |
702 |
return; |
| 711 |
|
703 |
|
| 712 |
rhltable_remove(&nf_nat_bysource_table, &ct->nat_bysource, |
704 |
rhashtable_remove_fast(&nf_nat_bysource_table, &ct->nat_bysource, |
| 713 |
nf_nat_bysource_params); |
705 |
nf_nat_bysource_params); |
| 714 |
} |
706 |
} |
| 715 |
|
707 |
|
| 716 |
static struct nf_ct_ext_type nat_extend __read_mostly = { |
708 |
static struct nf_ct_ext_type nat_extend __read_mostly = { |
|
Lines 845-857
static int __init nf_nat_init(void)
Link Here
|
| 845 |
{ |
837 |
{ |
| 846 |
int ret; |
838 |
int ret; |
| 847 |
|
839 |
|
| 848 |
ret = rhltable_init(&nf_nat_bysource_table, &nf_nat_bysource_params); |
840 |
ret = rhashtable_init(&nf_nat_bysource_table, &nf_nat_bysource_params); |
| 849 |
if (ret) |
841 |
if (ret) |
| 850 |
return ret; |
842 |
return ret; |
| 851 |
|
843 |
|
| 852 |
ret = nf_ct_extend_register(&nat_extend); |
844 |
ret = nf_ct_extend_register(&nat_extend); |
| 853 |
if (ret < 0) { |
845 |
if (ret < 0) { |
| 854 |
rhltable_destroy(&nf_nat_bysource_table); |
846 |
rhashtable_destroy(&nf_nat_bysource_table); |
| 855 |
printk(KERN_ERR "nf_nat_core: Unable to register extension\n"); |
847 |
printk(KERN_ERR "nf_nat_core: Unable to register extension\n"); |
| 856 |
return ret; |
848 |
return ret; |
| 857 |
} |
849 |
} |
|
Lines 875-881
static int __init nf_nat_init(void)
Link Here
|
| 875 |
return 0; |
867 |
return 0; |
| 876 |
|
868 |
|
| 877 |
cleanup_extend: |
869 |
cleanup_extend: |
| 878 |
rhltable_destroy(&nf_nat_bysource_table); |
870 |
rhashtable_destroy(&nf_nat_bysource_table); |
| 879 |
nf_ct_extend_unregister(&nat_extend); |
871 |
nf_ct_extend_unregister(&nat_extend); |
| 880 |
return ret; |
872 |
return ret; |
| 881 |
} |
873 |
} |
|
Lines 894-900
static void __exit nf_nat_cleanup(void)
Link Here
|
| 894 |
for (i = 0; i < NFPROTO_NUMPROTO; i++) |
886 |
for (i = 0; i < NFPROTO_NUMPROTO; i++) |
| 895 |
kfree(nf_nat_l4protos[i]); |
887 |
kfree(nf_nat_l4protos[i]); |
| 896 |
|
888 |
|
| 897 |
rhltable_destroy(&nf_nat_bysource_table); |
889 |
rhashtable_destroy(&nf_nat_bysource_table); |
| 898 |
} |
890 |
} |
| 899 |
|
891 |
|
| 900 |
MODULE_LICENSE("GPL"); |
892 |
MODULE_LICENSE("GPL"); |
| 901 |
- |
|
|