[PATCH 28/30] netfilter: Refactor nf_conncount

[PATCH 00/30] Netfilter/IPVS updates for net-next · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 01/30] netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 03/30] netfilter: xt_cluster: get rid of xt_cluster_ipv6_is_multicast · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 02/30] netfilter: nfnetlink_acct: remove useless parameter · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 04/30] netfilter: nf_conntrack_broadcast: remove useless parameter · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 05/30] netfilter: ipt_ah: return boolean instead of integer · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 06/30] netfilter: unlock xt_table earlier in __do_replace · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 07/30] netfilter: x_tables: check standard verdicts in core · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 08/30] netfilter: x_tables: check error target size too · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 09/30] netfilter: x_tables: move hook entry checks into core · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 10/30] netfilter: x_tables: enforce unique and ascending entry points · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 11/30] netfilter: x_tables: cap allocations at 512 mbyte · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 12/30] netfilter: x_tables: limit allocation requests for blob rule heads · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 13/30] netfilter: x_tables: add counters allocation wrapper · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 14/30] netfilter: compat: prepare xt_compat_init_offsets to return errors · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 15/30] netfilter: compat: reject huge allocation requests · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 16/30] netfilter: x_tables: make sure compat af mutex is held · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 17/30] netfilter: x_tables: ensure last rule in base chain matches underflow/policy · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 19/30] netfilter: xt_limit: Spelling s/maxmum/maximum/ · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 18/30] netfilter: make xt_rateest hash table per net · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 21/30] netfilter: nf_flow_table: clean up flow_offload_alloc · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 20/30] netfilter: nf_flow_table: use IP_CT_DIR_* values for FLOW_OFFLOAD_DIR_* · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 22/30] ipv6: make ip6_dst_mtu_forward inline · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 23/30] netfilter: nf_flow_table: cache mtu in struct flow_offload_tuple · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 24/30] netfilter: nf_flow_table: rename nf_flow_table.c to nf_flow_table_core.c · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 25/30] netfilter: x_tables: fix build with CONFIG_COMPAT=n · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 26/30] ipvs: use true and false for boolean values · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 27/30] netfilter: nf_tables: handle rt0 and rt2 properly · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 28/30] netfilter: Refactor nf_conncount · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 29/30] netfilter: conncount: Support count only use case · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 30/30] netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6} · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Felix Fietkau <nbd@nbd.name> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Felix Fietkau <nbd@nbd.name> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Florian Westphal <fw@strlen.de> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Florian Westphal <fw@strlen.de> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-14
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-16
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Guy Shattah <hidden> · 2018-03-16
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-16

STALE3023d REVIEWED: 1 (1M)

Revisions (11)

2014-03-17 v1 [diff vs current]
2015-09-22 v1 [diff vs current]
2017-05-01 v1 [diff vs current]
2018-01-08 v1 [diff vs current]
2018-01-19 v1 [diff vs current]
2018-03-12 v1 current
2018-05-06 v1 [diff vs current]
2018-07-20 v1 [diff vs current]
2019-01-28 v1 [diff vs current]
2019-10-26 v1 [diff vs current]
2020-03-30 v1 [diff vs current]

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2018-03-12 17:59:49
Subsystem: netfilter, networking [general], the rest · Maintainers: Pablo Neira Ayuso, Florian Westphal, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds

From: Yi-Hung Wei <redacted>

Remove parameter 'family' in nf_conncount_count() and count_tree().
It is because the parameter is not useful after commit 625c556118f3
("netfilter: connlimit: split xt_connlimit into front and backend").

Signed-off-by: Yi-Hung Wei <redacted>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/net/netfilter/nf_conntrack_count.h | 1 -
 net/netfilter/nf_conncount.c               | 4 +---
 net/netfilter/xt_connlimit.c               | 4 ++--
 3 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/include/net/netfilter/nf_conntrack_count.h b/include/net/netfilter/nf_conntrack_count.h
index adf8db44cf86..e61184fbfb71 100644
--- a/include/net/netfilter/nf_conntrack_count.h
+++ b/include/net/netfilter/nf_conntrack_count.h

@@ -11,7 +11,6 @@ void nf_conncount_destroy(struct net *net, unsigned int family,
 unsigned int nf_conncount_count(struct net *net,
 				struct nf_conncount_data *data,
 				const u32 *key,
-				unsigned int family,
 				const struct nf_conntrack_tuple *tuple,
 				const struct nf_conntrack_zone *zone);
 #endif

diff --git a/net/netfilter/nf_conncount.c b/net/netfilter/nf_conncount.c
index 6d65389e308f..9305a08b4422 100644
--- a/net/netfilter/nf_conncount.c
+++ b/net/netfilter/nf_conncount.c

@@ -158,7 +158,6 @@ static void tree_nodes_free(struct rb_root *root,
 static unsigned int
 count_tree(struct net *net, struct rb_root *root,
 	   const u32 *key, u8 keylen,
-	   u8 family,
 	   const struct nf_conntrack_tuple *tuple,
 	   const struct nf_conntrack_zone *zone)
 {

@@ -246,7 +245,6 @@ count_tree(struct net *net, struct rb_root *root,
 unsigned int nf_conncount_count(struct net *net,
 				struct nf_conncount_data *data,
 				const u32 *key,
-				unsigned int family,
 				const struct nf_conntrack_tuple *tuple,
 				const struct nf_conntrack_zone *zone)
 {

@@ -259,7 +257,7 @@ unsigned int nf_conncount_count(struct net *net,
 
 	spin_lock_bh(&nf_conncount_locks[hash % CONNCOUNT_LOCK_SLOTS]);
 
-	count = count_tree(net, root, key, data->keylen, family, tuple, zone);
+	count = count_tree(net, root, key, data->keylen, tuple, zone);
 
 	spin_unlock_bh(&nf_conncount_locks[hash % CONNCOUNT_LOCK_SLOTS]);

diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index b1b17b9353e1..6275106ccf50 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c

@@ -67,8 +67,8 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
 		key[1] = zone->id;
 	}
 
-	connections = nf_conncount_count(net, info->data, key,
-					 xt_family(par), tuple_ptr, zone);
+	connections = nf_conncount_count(net, info->data, key, tuple_ptr,
+					 zone);
 	if (connections == 0)
 		/* kmalloc failed, drop it entirely */
 		goto hotdrop;

-- 
2.11.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help