Commit Graph

744 Commits

Author SHA1 Message Date
KOVACS Krisztian
4451362445 [NETFILTER] CLUSTERIP: introduce reference counting for entries
The CLUSTERIP target creates a procfs entry for all different cluster
IPs.  Although more than one rules can refer to a single cluster IP (and
thus a single config structure), removal of the procfs entry is done
unconditionally in destroy(). In more complicated situations involving
deferred dereferencing of the config structure by procfs and creating a
new rule with the same cluster IP it's also possible that no entry will
be created for the new rule.

This patch fixes the problem by counting the number of entries
referencing a given config structure and moving the config list
manipulation and procfs entry deletion parts to the
clusterip_config_entry_put() function.

Signed-off-by: KOVACS Krisztian <hidden@balabit.hu>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-16 16:59:46 -07:00
Arnaldo Carvalho de Melo
67e6b62921 [DCCP]: Introduce DCCP_SOCKOPT_SERVICE
As discussed in the dccp@vger mailing list:

Now applications have to use setsockopt(DCCP_SOCKOPT_SERVICE, service[s]),
prior to calling listen() and connect().

An array of unsigned ints can be passed meaning that the listening sock accepts
connection requests for several services.

With this we can ditch struct sockaddr_dccp and use only sockaddr_in (and
sockaddr_in6 in the future).

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-16 16:58:40 -07:00
Arnaldo Carvalho de Melo
0c10c5d968 [DCCP]: More precisely set reset_code when sending RESET packets
Moving the setting of DCCP_SKB_CB(skb)->dccpd_reset_code to the places
where events happen that trigger sending a RESET packet.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-16 16:58:33 -07:00
David S. Miller
37f7f421cc [NET]: Do not leak MSG_CMSG_COMPAT into userspace.
Noticed by Sridhar Samudrala.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-16 16:51:01 -07:00
David L Stevens
40796c5e8f [IPV6]: Fix per-socket multicast filtering in sk_reuse case
per-socket multicast filters were not being applied to all sockets
in the case of an exact-match bound address, due to an over-exuberant
"return" in the look-up code. Fix below. IPv4 does not have this problem.

Thanks to Hoerdt Mickael for reporting the bug.

Signed-off-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 21:10:20 -07:00
Julian Anastasov
87375ab47c [IPVS]: ip_vs_ftp breaks connections using persistence
ip_vs_ftp when loaded can create NAT connections with unknown client
port for passive FTP. For such expectations we lookup with cport=0 on
incoming packet but it matches the format of the persistence templates
causing packets to other persistent virtual servers to be forwarded to
real server without creating connection. Later the reply packets are
treated as foreign and not SNAT-ed.

This patch changes the connection lookup for packets from clients:

* introduce IP_VS_CONN_F_TEMPLATE connection flag to mark the
  connection as template

* create new connection lookup function just for templates -
  ip_vs_ct_in_get

* make sure ip_vs_conn_in_get hits only connections with
  IP_VS_CONN_F_NO_CPORT flag set when s_port is 0. By this way
  we avoid returning template when looking for cport=0 (ftp)

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 21:08:51 -07:00
Julian Anastasov
f5e229db9c [IPVS]: Really invalidate persistent templates
Agostino di Salle noticed that persistent templates are not
invalidated due to buggy optimization.

Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 21:04:23 -07:00
Bart De Schuymer
1c011bed5f [BRIDGE-NF]: Fix iptables redirect on bridge interface
Here's a slightly altered patch, originally from Mark Glines who
diagnosed and fixed the problem.

Signed-off-by: Bart De Schuymer <bdschuym@pandora.be>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 20:55:16 -07:00
Denis Lukianov
de9daad90e [MCAST]: Fix MCAST_EXCLUDE line dupes
This patch fixes line dupes at /ipv4/igmp.c and /ipv6/mcast.c in the  
2.6 kernel, where MCAST_EXCLUDE is mistakenly used instead of  
MCAST_INCLUDE.

Signed-off-by: Denis Lukianov <denis@voxelsoft.com>
Signed-off-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 20:53:42 -07:00
Herbert Xu
3c05d92ed4 [TCP]: Compute in_sacked properly when we split up a TSO frame.
The problem is that the SACK fragmenting code may incorrectly call
tcp_fragment() with a length larger than the skb->len.  This happens
when the skb on the transmit queue completely falls to the LHS of the
SACK.

And add a BUG() check to tcp_fragment() so we can spot this kind of
error more quickly in the future.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-14 20:50:35 -07:00
David S. Miller
033d974405 Merge master.kernel.org:/pub/scm/linux/kernel/git/acme/net-2.6 2005-09-13 16:32:40 -07:00
Arnaldo Carvalho de Melo
2b80230a7f [DCCP]: Handle SYNC packets in dccp_rcv_state_process
Eliciting a SYNCACK in response, we were handling SYNC packets
only in the DCCP_OPEN state, in dccp_rcv_established.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-13 19:05:08 -03:00
Arnaldo Carvalho de Melo
811265b8e8 [DCCP]: Check if already in the CLOSING state in dccp_rcv_closereq
It is possible to receive more than one CLOSEREQ packet if the
CLOSE packet sent in response is somehow lost, change the state
to DCCP_CLOSING only on the first CLOSEREQ packet received.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-13 19:03:15 -03:00
David S. Miller
ae01d2798d Merge master.kernel.org:/pub/scm/linux/kernel/git/holtmann/bluetooth-2.6 2005-09-13 14:03:09 -07:00
Patrick McHardy
adcb5ad1e5 [NETFILTER]: Fix DHCP + MASQUERADE problem
In 2.6.13-rcX the MASQUERADE target was changed not to exclude local
packets for better source address consistency. This breaks DHCP clients
using UDP sockets when the DHCP requests are caught by a MASQUERADE rule
because the MASQUERADE target drops packets when no address is configured
on the outgoing interface. This patch makes it ignore packets with a
source address of 0.

Thanks to Rusty for this suggestion.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-13 13:49:15 -07:00
Patrick McHardy
cd0bf2d796 [NETFILTER]: Fix rcu race in ipt_REDIRECT
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-13 13:48:58 -07:00
Patrick McHardy
e7fa1bd93f [NETFILTER]: Simplify netbios helper
Don't parse the packet, the data is already available in the conntrack
structure.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-13 13:48:34 -07:00
Patrick McHardy
5cb30640ce [NETFILTER]: Use correct type for "ports" module parameter
With large port numbers the helper_names buffer can overflow.
Noticed by Samir Bellabes <sbellabes@mandriva.com>

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-13 13:48:00 -07:00
Neil Brown
939bb7ef90 [PATCH] Code cleanups in calbacks in svcsock
Change a printk(KERN_WARNING to dprintk, and it is really only interesting
when trying to debug a problem, and can occur normally without error.

Remove various gratuitous gotos in surrounding code, and remove some
type-cast assignments from inside 'if' conditionals, as that is just
obscuring what it going on.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-13 08:22:32 -07:00
Marcel Holtmann
354d28d5f8 [Bluetooth] Prevent RFCOMM connections through the RAW socket
This patch adds additional checks to prevent RFCOMM connections be
established through the RAW socket interface.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2005-09-13 01:32:31 +02:00
Marcel Holtmann
21d9e30ed0 [Bluetooth] Add support for extended inquiry responses
This patch adds the handling of the extended inquiry responses and
inserts them into the inquiry cache.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
2005-09-13 01:32:25 +02:00
Ralf Baechle
b88a762b60 [NETROM]: Introduct stuct nr_private
NET/ROM's virtual interfaces don't have a proper private data
structure yet.  Create struct nr_private and put the statistics there.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:28:03 -07:00
Ralf Baechle
e21ce8c7c0 [NETROM]: Implement G8PZT Circuit reset for NET/ROM
NET/ROM is lacking a connection reset like TCP's RST flag which at times
may result in a connecting having to slowly timing out instead of just being
reset.  An earlier attempt to reset the connection by sending a
NR_CONNACK | NR_CHOKE_FLAG transport was inacceptable as it did result in
crashes of BPQ systems.  An alternative approach of introducing a new
transport type 7 (NR_RESET) has be implemented several years ago in
Paula Jayne Dowie G8PZT's Xrouter.

Implement NR_RESET for Linux's NET/ROM but like any messing with the state
engine consider this experimental for now and thus control it by a sysctl
(net.netrom.reset) which for the time being defaults to off.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:27:37 -07:00
Ralf Baechle
d2ce4bc340 [ROSE]: ROSE has no ARP
ARP over ROSE does not exist so it's obviously not implemented on any
ROSE stack, so the ROSE interfaces really should default to IFF_NOARP.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:26:52 -07:00
Ralf Baechle
723772913e [NETROM]: NET/ROM has no ARP
ARP over NET/ROM does not exist so it's obviously not implemented on any
NET/ROM stack, so the NET/ROM interfaces really should default to IFF_NOARP.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:26:26 -07:00
Ralf Baechle
dd8aa40431 [NETROM] NET/ROM has no txqueue
NET/ROM uses virtual interfaces so setting a queue length is wrong.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:25:57 -07:00
Ralf Baechle
4676356b57 [AX.25]: Reformat ax25_proto_ops initialization
Reformat iniitalization of ax25_proto_ops.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:25:25 -07:00
Ralf Baechle
20b7d10a33 [AX.25/ROSE]: Whitespace formatting changes
Small formatting changes.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:24:55 -07:00
Ralf Baechle
9b37ee7585 [NETROM/AX.25/ROSE]: Remove useless tests
Remove error tests that have already been performed by the caller.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:23:52 -07:00
Ralf Baechle
6ddcf626fd [NETROM]: statistics fix
Calling an incoming NET/ROM-encapsulated IP packet an error if the
interface isn't up is probably a bit over the top, so count it as
dropped instead of an error.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:23:06 -07:00
Ralf Baechle
3f2aadd041 [NETROM]: Fix rebuild header mess
For reason that probably nobody recalls NET/ROM does it's actual
packet transmission in nr_rebuild_header and even treats invocation of
it's hard_start_xmit method nr_xmit as a bug.  Fix that by splitting
the job done by nr_rebuild_header into two halves.  Along with that we
now also can get rid of the silly clone of the skb on transmit.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:21:48 -07:00
Ralf Baechle
6f74998e5c [AX.25]: Rename ax25_encapsulate to ax25_hard_header
Rename ax25_encapsulate to ax25_hard_header which these days more
accurately describes what the function is supposed to do.

Signed-off-by: Ralf Baechle DL5RB <ralf@linux-mips.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:21:01 -07:00
Arnaldo Carvalho de Melo
59c2353dd0 [CCID3]: Listen socks doesn't have a private CCID block
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:16:58 -07:00
Nishanth Aravamudan
121caf577d [NET]: fix-up schedule_timeout() usage
Use schedule_timeout_{,un}interruptible() instead of
set_current_state()/schedule_timeout() to reduce kernel size.  Also use
human-time conversion functions instead of hard-coded division to avoid
rounding issues.

Signed-off-by: Nishanth Aravamudan <nacc@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-12 14:15:34 -07:00
Herbert Xu
e130af5dab [TCP]: Fix double adjustment of tp->{lost,left}_out in tcp_fragment().
There is an extra left_out/lost_out adjustment in tcp_fragment which
means that the lost_out accounting is always wrong.  This patch removes
that chunk of code.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-10 17:19:09 -07:00
Brian Haley
e6df439b89 [IPV6]: Bring Type 0 routing header in-line with rfc3542.
Signed-off-by: Brian Haley <brian.haley@hp.com>
Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-10 00:15:06 -07:00
David S. Miller
41c29dd15b Merge master.kernel.org:/pub/scm/linux/kernel/git/acme/net-2.6 2005-09-10 00:01:36 -07:00
Arnaldo Carvalho de Melo
59d203f9e9 [CCID3] Cleanup ccid3 debug calls
Also use some BUG_ON where appropriate and use LIMIT_NETDEBUG for the unlikely
cases where we, at this stage, want to know about, that in my tests hasn't
appeared in the radar.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 20:01:25 -03:00
Arnaldo Carvalho de Melo
dc19336c76 [DCCP] Only call the HC _exit() routines in dccp_v4_destroy_sock
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 19:59:26 -03:00
Arnaldo Carvalho de Melo
d7e0fb985c [CCID3] Initialize ccid3hctx_t_ipi to 250ms
To match more closely what is described in RFC 3448.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
Signed-off-by: Ian McDonald <iam4@cs.waikato.ac.nz>
2005-09-09 19:58:18 -03:00
Linus Torvalds
1d8674edb5 Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-09-09 14:25:22 -07:00
Ingo Molnar
a9f6a0dd54 [PATCH] more SPIN_LOCK_UNLOCKED -> DEFINE_SPINLOCK conversions
This converts the final 20 DEFINE_SPINLOCK holdouts.  (another 580 places
are already using DEFINE_SPINLOCK).  Build tested on x86.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-09 14:03:48 -07:00
Ingo Molnar
8d06afab73 [PATCH] timer initialization cleanup: DEFINE_TIMER
Clean up timer initialization by introducing DEFINE_TIMER a'la
DEFINE_SPINLOCK.  Build and boot-tested on x86.  A similar patch has been
been in the -RT tree for some time.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-09 14:03:48 -07:00
Dipankar Sarma
b835996f62 [PATCH] files: lock-free fd look-up
With the use of RCU in files structure, the look-up of files using fds can now
be lock-free.  The lookup is protected by rcu_read_lock()/rcu_read_unlock().
This patch changes the readers to use lock-free lookup.

Signed-off-by: Maneesh Soni <maneesh@in.ibm.com>
Signed-off-by: Ravikiran Thirumalai <kiran_th@gmail.com>
Signed-off-by: Dipankar Sarma <dipankar@in.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-09 13:57:55 -07:00
Stephen Hemminger
cb7b593c2c [IPV4] fib_trie: fix proc interface
Create one iterator for walking over FIB trie, and use it
for all the /proc functions. Add a /proc/net/route
output for backwards compatibility with old applications.

Make initialization of fib_trie same as fib_hash so no #ifdef
is needed in af_inet.c

Fixes: http://bugzilla.kernel.org/show_bug.cgi?id=5209

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-09 13:35:42 -07:00
David S. Miller
8259f16257 Merge master.kernel.org:/pub/scm/linux/kernel/git/acme/net-2.6 2005-09-09 13:17:43 -07:00
Arnaldo Carvalho de Melo
59725dc2a2 [CCID3] Introduce ccid3_hc_[rt]x_sk() for overal consistency
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 02:40:58 -03:00
Arnaldo Carvalho de Melo
b0e567806d [DCCP] Introduce dccp_timestamp
To start the timestamps with 0.0ms, easing the integer maths in the CCIDs, this
probably will be reworked to use the to be introduced struct timeval_offset
infrastructure out of skb_get_timestamp, etc.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 02:38:35 -03:00
Arnaldo Carvalho de Melo
954ee31f36 [CCID3] Initialize more fields in ccid3_hc_rx_init
The initialization of ccid3hcrx_rtt to 5ms is just a bandaid, I'll continue
auditing the CCID3 HC rx codebase to fix this properly, probably I'll add a
feedback timer as suggested in the CCID3 draft.

Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 02:37:05 -03:00
Arnaldo Carvalho de Melo
b3a3077d96 [CCID3] Make the ccid3hcrx_rtt calc look more like the ccid3hctx_rtt one
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2005-09-09 02:34:10 -03:00