summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* [PATCH] ieee82011: Remove WIRELESS_EXT ifdefsJames Ketrenos2005-09-212-25/+0
| | | | | | | | | Remove old WIRELESS_EXT version compatibility In-tree doesn't need to maintain backward compatibility. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Updated copyright datesJames Ketrenos2005-09-214-4/+4
| | | | | | | | | | | | | | | tree 0d3e41e574fcb41b9da7f0b7e1d27ec350726654 parent dbe2885fe2f454d538eaaabefc741ded1026f476 author James Ketrenos <jketreno@linux.intel.com> 1126720499 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127314531 -0500 Updated copyright dates. NOTE: This is a split out of just the copyright updates from patch 24/29 in the prior series. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Keep auth mode unchanged after iwconfig key off/on cycleJames Ketrenos2005-09-211-5/+9
| | | | | | | | | | | | tree 2e6f6e7dc4f4eeb8e3dc265020016dd53e40578a parent ba2075794a089430b3dd7c90ff46ce1b67e9c7cc author Zhu Yi <yi.zhu@intel.com> 1125551043 +0800 committer James Ketrenos <jketreno@linux.intel.com> 1127314475 -0500 [Bug 768] Keep auth mode unchanged after iwconfig key off/on cycle. Signed-off-by: Zhu Yi <yi.zhu@intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Mixed PTK/GTK CCMP/TKIP supportJames Ketrenos2005-09-213-5/+15
| | | | | | | | | | | | tree 5c7559a1216ae1121487f6aed94a6017490729b3 parent c1ff4c22e5622c8987bf96c09158c4924cde98c2 author Hong Liu <hong.liu@intel.com> 1125482767 +0800 committer James Ketrenos <jketreno@linux.intel.com> 1127314427 -0500 Mixed PTK/GTK CCMP/TKIP support. Signed-off-by: Hong Liu <hong.liu@intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Type-o, capbility definition for QoS, and ERP parsingJames Ketrenos2005-09-211-1/+24
| | | | | | | | | | | | | | | | | tree 3ac0dd07b9972dfd68fee47ec2152d3d378de000 parent 9ada1d971d9829c34a14d98840080b7e69fdff6b author Mohamed Abbad <mohamed.abbas@intel.com> 1126054379 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127314340 -0500 Type-o, capbility definition for QoS, and ERP parsing Added WLAN_CAPABILITY_QOS Fixed type-o WLAN_CAPABILITY_OSSS_OFDM -> WLAN_CAPABILITY_DSSS_OFDM Added ERP IE parsing to ieee80211_rx Added handle_probe_request callback. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Added ieee80211_geo to provide helper functionsJames Ketrenos2005-09-212-1/+143
| | | | | | | | | | | | | tree 385b391fc0d7c124cd0547fdb6183e9a0c333391 parent 97d7a47f76e72bedde7f402785559ed4c7a8e8e8 author James Ketrenos <jketreno@linux.intel.com> 1124447590 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313735 -0500 Added ieee80211_geo to provide helper functions to drivers for implementing supported channel maps. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Add QoS (WME) support to the ieee80211 subsystemJames Ketrenos2005-09-212-21/+318
| | | | | | | | | | | | | | | tree a3ad796273e98036eb0e9fc063225070fa24508a parent 1b9c0aeb377abf8e4a43a86cff42382f74ca0259 author Mohamed Abbas <mabbas@linux.intel.com> 1124447069 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313435 -0500 Add QoS (WME) support to the ieee80211 subsystem. NOTE: This requires drivers that use the ieee80211 hard_start_xmit (ipw2100 and ipw2200) to add the priority parameter to their callback. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Return NETDEV_TX_BUSY when QoS buffer fullJames Ketrenos2005-09-211-0/+12
| | | | | | | | | | | | | | | | | | | tree ba6509c7cd1dd4244a2f285f2da5d632e7ffbb25 parent 7b5f9f2ddcabdaea214527a895e6e8445cafdd80 author James Ketrenos <jketreno@linux.intel.com> 1124447000 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313383 -0500 Per the conversations with folks at OLS, the QoS layer in 802.11 drivers can now result in NETDEV_TX_BUSY being returned when the queue a packet is targetted for is full. To implement this, ieee80211_xmit will now call the driver's is_queue_full to determine if the current priority queue is full. If so, NETDEV_TX_BUSY is returned to the kernel and no processing is done on the frame. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Fix TKIP, repeated fragmentation problem, and ↵James Ketrenos2005-09-216-74/+98
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | payload_size reporting tree 8428e9f510e6ad6c77baec89cb57374842abf733 parent d78bfd3ddae9c422dd350159110f9c4d7cfc50de author Liu Hong <hong.liu@intel.com> 1124446520 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313183 -0500 Fix TKIP, repeated fragmentation problem, and payload_size reporting 1. TKIP encryption Originally, TKIP encryption issues msdu + mpdu encryption on every fragment. Change the behavior to msdu encryption on the whole packet, then mpdu encryption on every fragment. 2. Avoid repeated fragmentation when !host_encrypt. We only need do fragmentation when using host encryption. Otherwise we only need pass the whole packet to driver, letting driver do the fragmentation. 3. change the txb->payload_size to correct value FW will use this value to determine whether to do fragmentation. If we pass the wrong value, fw may cut on the wrong bound which will make decryption fail when we do host encryption. NOTE: This requires changing drivers (hostap) that have extra_prefix_len used within them (structure member name change). Signed-off-by: Hong Liu <liu.hong@intel.com> Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee82011: Added ieee80211_tx_frame to convert generic 802.11 data ↵James Ketrenos2005-09-212-15/+107
| | | | | | | | | | | | | | | | | | | frames, and callbacks tree 40adc78b623ae70d56074934ec6334eb4f0ae6a5 parent db43d847bcebaa3df6414e26d0008eb21690e8cf author James Ketrenos <jketreno@linux.intel.com> 1124445938 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313102 -0500 Added ieee80211_tx_frame to convert generic 802.11 data frames into txbs for transmission. Added several purpose specific callbacks (handle_assoc, handle_auth, etc.) which the driver can register with for being notified on reception of variouf frame elements. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: adds support for the creation of RTS packetsJames Ketrenos2005-09-212-3/+39
| | | | | | | | | | | | | | tree b45c9c1017fd23216bfbe71e441aed9aa297fc84 parent 04aacdd71e904656a304d923bdcf57ad3bd2b254 author Ivo van Doorn <IvDoorn@gmail.com> 1124445405 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127313029 -0500 This patch adds support for the creation of RTS packets when the config flag CFG_IEEE80211_RTS has been set. Signed-Off-By: Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Renamed ieee80211_hdr to ieee80211_hdr_3addrJames Ketrenos2005-09-214-37/+39
| | | | | | | | | | | | | | | | | | | tree e9c18b2c8e5ad446a4d213243c2dcf9fd1652a7b parent 4e97ad6ae7084a4f741e94e76c41c68bc7c5a76a author James Ketrenos <jketreno@linux.intel.com> 1124444315 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127312922 -0500 Renamed ieee80211_hdr to ieee80211_hdr_3addr and modified ieee80211_hdr to just contain the frame_ctrl and duration_id. Changed uses of ieee80211_hdr to ieee80211_hdr_4addr or ieee80211_hdr_3addr based on what was expected for that portion of code. NOTE: This requires changes to ipw2100, ipw2200, hostap, and atmel drivers. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee82011: Added WE-18 support to default wireless extension handlerJames Ketrenos2005-09-211-8/+230
| | | | | | | | | | | | | | | | tree 1536f39c18756698d033da72c49300a561be1289 parent 07172d7c9f10ee3d05d6f6489ba6d6ee2628da06 author Liu Hong <hong.liu@intel.com> 1124436225 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127312664 -0500 Added WE-18 support to default wireless extension handler in ieee80211 subsystem. Updated patch since last send to account for ieee80211_device parameter being added to the crypto init method. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Allow drivers to fix an issue when using wpa_supplicant ↵James Ketrenos2005-09-211-4/+3
| | | | | | | | | | | | | | | | | | | | | | | with WEP tree 898fedef6ca1b5b58b8bdf7e6d8894a78bbde4cd parent 8720fff53090ae428d2159332b6f4b2749dea10f author Zhu Yi <jketreno@io.(none)> 1124435746 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127312509 -0500 Allow drivers to fix an issue when using wpa_supplicant with WEP. The problem is introduced by the hwcrypto patch. We changed indicator of the encryption request from the upper layer (i.e. wpa_supplicant): In the original host based crypto the driver could use: crypt && crypt->ops. In the new hardware based crypto, the driver should use the flags specified in ieee->sec.encrypt. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Fix kernel Oops when module unloadJames Ketrenos2005-09-212-6/+29
| | | | | | | | | | | | | | | | | | tree b69e983266840983183a00f5ac02c66d5270ca47 parent cdd6372949b76694622ed74fe36e1dd17a92eb71 author Zhu Yi <jketreno@io.(none)> 1124435425 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127312421 -0500 Fix kernel Oops when module unload. Export a new function ieee80211_crypt_quiescing from ieee80211. Device drivers call it to make the host crypto stack enter the quiescence state, which means "process existing requests, but don't accept new ones". This is usually called during a driver's host crypto data structure free (module unload) path. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Fix time calculation, switching to use jiffies_to_msecsJames Ketrenos2005-09-211-6/+7
| | | | | | | | | | | | tree b9cdd7058b787807655ea6f125e2adbf8d26c863 parent 85d9b2bddfcf3ed2eb4d061947c25c6a832891ab author Zhu Yi <jketreno@io.(none)> 1124435212 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127312152 -0500 Fix time calculation, switching to use jiffies_to_msecs. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Hardware crypto and fragmentation offload supportJames Ketrenos2005-09-212-27/+50
| | | | | | | | | | | | tree 5322d496af90d03ffbec27292dc1a6268a746ede parent 6c9364386ccb786e4a84427ab3ad712f0b7b8904 author James Ketrenos <jketreno@linux.intel.com> 1124432367 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127311810 -0500 Hardware crypto and fragmentation offload support added (Zhu Yi) Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* [PATCH] ieee80211: Fixed a kernel oops on module unloadJames Ketrenos2005-09-217-37/+38
| | | | | | | | | | | | | | | | | | | | tree 367069f24fc38b4aa910e86ff40094d2078d8aa7 parent a33a1982012e9070736e3717231714dc9892303b author James Ketrenos <jketreno@linux.intel.com> 1124430800 -0500 committer James Ketrenos <jketreno@linux.intel.com> 1127310571 -0500 Fixed a kernel oops on module unload by adding spin lock protection to ieee80211's crypt handlers (thanks to Zhu Yi) Modified scan result logic to report WPA and RSN IEs if set (vs.being based on wpa_enabled) Added ieee80211_device as the first parameter to the crypt init() method. TKIP modified to use that structure for determining whether to countermeasures are active. Signed-off-by: James Ketrenos <jketreno@linux.intel.com> Signed-off-by: Jeff Garzik <jgarzik@pobox.com>
* Merge /spare/repo/linux-2.6/Jeff Garzik2005-09-2148-1335/+3037
|\
| * [TCP]: Set default congestion control correctly for incoming connections.Stephen Hemminger2005-09-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Patch from Joel Sing to fix the default congestion control algorithm for incoming connections. If a new congestion control handler is added (via module), it should become the default for new connections. Instead, the incoming connections use reno. The cause is incorrect initialisation causes the tcp_init_congestion_control() function to return after the initial if test fails. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Acked-by: Ian McDonald <imcdnzl@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [FIB_TRIE]: message cleanupStephen Hemminger2005-09-211-12/+3
| | | | | | | | | | | | | | | | | | | | | | | | Cleanup the printk's in fib_trie: * Convert a couple of places in the dump code to BUG_ON * Put log level's on each message The version message really needed the message since it leaks out on the pretty Fedora bootup. Signed-off-by: Stephen Hemminger <shemminger@osdl.org> Acked-by: Robert Olsson <Robert.Olsson@data.slu.se>, Signed-off-by: David S. Miller <davem@davemloft.net>
| * [AF_PACKET]: Allow for > 8 byte hardware addresses.Eric W. Biederman2005-09-211-17/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The convention is that longer addresses will simply extend the hardeware address byte arrays at the end of sockaddr_ll and packet_mreq. In making this change a small information leak was also closed. The code only initializes the hardware address bytes that are used, but all of struct sockaddr_ll was copied to userspace. Now we just copy sockaddr_ll to the last byte of the hardware address used. For error checking larger structures than our internal maximums continue to be allowed but an error is signaled if we can not fit the hardware address into our internal structure. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds2005-09-1920-490/+1897
| |\
| | * [TCP]: Handle SACK'd packets properly in tcp_fragment().Herbert Xu2005-09-191-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The problem is that we're now calling tcp_fragment() in a context where the packets might be marked as SACKED_ACKED or SACKED_RETRANS. This was not possible before as you never retransmitted packets that are so marked. Because of this, we need to adjust sacked_out and retrans_out in tcp_fragment(). This is exactly what the following patch does. We also need to preserve the SACKED_ACKED/SACKED_RETRANS marking if they exist. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [8021Q]: Add endian annotations.Alexey Dobriyan2005-09-191-1/+1
| | | | | | | | | | | | | | | Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NETFILTER]: Export ip_nat_port_{nfattr_to_range,range_to_nfattr}Harald Welte2005-09-191-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Those exports are needed by the PPTP helper following in the next couple of changes. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NETFILTER]: Rename misnamed functionPatrick McHardy2005-09-193-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Both __ip_conntrack_expect_find and ip_conntrack_expect_find_get take a reference to the expectation, the difference is that callers of __ip_conntrack_expect_find must hold ip_conntrack_lock. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NETFILTER] ip6tables: remove duplicate codeYasuyuki Kozakai2005-09-197-464/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some IPv6 matches have very similar loops to find IPv6 extension header and we can unify them. This patch introduces ipv6_find_hdr() to do it. I just checked that it can find the target headers in the packet which has dst,hbh,rt,frag,ah,esp headers. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NETFILTER]: Add new PPTP conntrack and NAT helperHarald Welte2005-09-196-0/+1774
| | | | | | | | | | | | | | | | | | | | | | | | | | | This new "version 3" PPTP conntrack/nat helper is finally ready for mainline inclusion. Special thanks to lots of last-minute bugfixing by Patric McHardy. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPV4]: fib_trie RCU refinementsRobert Olsson2005-09-191-11/+10
| | | | | | | | | | | | | | | | | | | | | * This patch is from Paul McKenney's RCU reviewing. Signed-off-by: Robert Olsson <robert.olsson@its.uu.se> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPV4]: fib_trie tnode stats refinementsRobert Olsson2005-09-191-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Prints the route tnode and set the stats level deepth as before. Signed-off-by: Robert Olsson <robert.olsson@its.uu.se> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [PATCH] raw_sendmsg DoS on 2.6Mark J Cox2005-09-192-2/+2
| |/ | | | | | | | | | | | | | | | | | | | | | | Fix unchecked __get_user that could be tricked into generating a memory read on an arbitrary address. The result of the read is not returned directly but you may be able to divine some information about it, or use the read to cause a crash on some architectures by reading hardware state. CAN-2004-2492. Fix from Al Viro, ack from Dave Miller. Signed-off-by: Linus Torvalds <torvalds@osdl.org>
| * [NETFILTER]: Solve Kconfig dependency problemHarald Welte2005-09-181-3/+1
| | | | | | | | | | | | | | As suggested by Roman Zippel. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPV6]: Check connect(2) status for IPv6 UDP socket (Re: xfrm_lookup)Mitsuru KANDA2005-09-181-2/+8
| | | | | | | | | | | | | | | | | | I think we should cache the per-socket route(dst_entry) only when the IPv6 UDP socket is connect(2)'ed. (which is same as IPv4 UDP send behavior) Signed-off-by: Mitsuru KANDA <mk@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: Introduce CCID getsockopt for the CCIDsArnaldo Carvalho de Melo2005-09-183-6/+98
| | | | | | | | | | | | | | | | Allocation for the optnames is similar to the DCCP options, with a range for rx and tx half connection CCIDs. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: Don't use necessarily the same CCID for tx and rxArnaldo Carvalho de Melo2005-09-182-3/+4
| | | | | | | | | | Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [CCID3]: Introduce include/linux/tfrc.hArnaldo Carvalho de Melo2005-09-181-10/+13
| | | | | | | | | | | | | | | | | | Moving the TFRC sender and receiver variables to separate structs, so that we can copy these structs to userspace thru getsockopt, dccp_diag, etc. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: Move the ack vector code to net/dccp/ackvec.[ch]Arnaldo Carvalho de Melo2005-09-189-622/+607
| | | | | | | | | | | | | | | | Isolating it, that will be used when we introduce a CCID2 (TCP-Like) implementation. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] move nfnetlink options to right location in kconfig menuHarald Welte2005-09-171-2/+1
| | | | | | | | | | Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] Fix Kconfig dependencies for nfnetlink/ctnetlinkHarald Welte2005-09-171-6/+10
| | | | | | | | | | Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER]: Fix oops in conntrack event cacheHarald Welte2005-09-161-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | ip_ct_refresh_acct() can be called without a valid "skb" pointer. This used to work, since ct_add_counters() deals with that fact. However, the recently-added event cache doesn't handle this at all. This patch is a quick fix that is supposed to be replaced soon by a cleaner solution during the pending redesign of the event cache. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] CLUSTERIP: use a bitmap to store node responsibility dataKOVACS Krisztian2005-09-161-82/+61
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of maintaining an array containing a list of nodes this instance is responsible for let's use a simple bitmap. This provides the following features: * clusterip_responsible() and the add_node()/delete_node() operations become very simple and don't need locking * the config structure is much smaller In spite of the completely different internal data representation the user-space interface remains almost unchanged; the only difference is that the proc file does not list nodes in the order they were added. (The target info structure remains the same.) Signed-off-by: KOVACS Krisztian <hidden@balabit.hu> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NETFILTER] CLUSTERIP: introduce reference counting for entriesKOVACS Krisztian2005-09-161-18/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CLUSTERIP target creates a procfs entry for all different cluster IPs. Although more than one rules can refer to a single cluster IP (and thus a single config structure), removal of the procfs entry is done unconditionally in destroy(). In more complicated situations involving deferred dereferencing of the config structure by procfs and creating a new rule with the same cluster IP it's also possible that no entry will be created for the new rule. This patch fixes the problem by counting the number of entries referencing a given config structure and moving the config list manipulation and procfs entry deletion parts to the clusterip_config_entry_put() function. Signed-off-by: KOVACS Krisztian <hidden@balabit.hu> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: Introduce DCCP_SOCKOPT_SERVICEArnaldo Carvalho de Melo2005-09-165-19/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As discussed in the dccp@vger mailing list: Now applications have to use setsockopt(DCCP_SOCKOPT_SERVICE, service[s]), prior to calling listen() and connect(). An array of unsigned ints can be passed meaning that the listening sock accepts connection requests for several services. With this we can ditch struct sockaddr_dccp and use only sockaddr_in (and sockaddr_in6 in the future). Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [DCCP]: More precisely set reset_code when sending RESET packetsArnaldo Carvalho de Melo2005-09-162-14/+18
| | | | | | | | | | | | | | | | Moving the setting of DCCP_SKB_CB(skb)->dccpd_reset_code to the places where events happen that trigger sending a RESET packet. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [NET]: Do not leak MSG_CMSG_COMPAT into userspace.David S. Miller2005-09-161-1/+2
| | | | | | | | | | | | Noticed by Sridhar Samudrala. Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPV6]: Fix per-socket multicast filtering in sk_reuse caseDavid L Stevens2005-09-141-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | per-socket multicast filters were not being applied to all sockets in the case of an exact-match bound address, due to an over-exuberant "return" in the look-up code. Fix below. IPv4 does not have this problem. Thanks to Hoerdt Mickael for reporting the bug. Signed-off-by: David L Stevens <dlstevens@us.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPVS]: ip_vs_ftp breaks connections using persistenceJulian Anastasov2005-09-143-17/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ip_vs_ftp when loaded can create NAT connections with unknown client port for passive FTP. For such expectations we lookup with cport=0 on incoming packet but it matches the format of the persistence templates causing packets to other persistent virtual servers to be forwarded to real server without creating connection. Later the reply packets are treated as foreign and not SNAT-ed. This patch changes the connection lookup for packets from clients: * introduce IP_VS_CONN_F_TEMPLATE connection flag to mark the connection as template * create new connection lookup function just for templates - ip_vs_ct_in_get * make sure ip_vs_conn_in_get hits only connections with IP_VS_CONN_F_NO_CPORT flag set when s_port is 0. By this way we avoid returning template when looking for cport=0 (ftp) Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [IPVS]: Really invalidate persistent templatesJulian Anastasov2005-09-141-1/+1
| | | | | | | | | | | | | | | | Agostino di Salle noticed that persistent templates are not invalidated due to buggy optimization. Signed-off-by: Julian Anastasov <ja@ssi.bg> Signed-off-by: David S. Miller <davem@davemloft.net>
| * [BRIDGE-NF]: Fix iptables redirect on bridge interfaceBart De Schuymer2005-09-141-3/+5
| | | | | | | | | | | | | | | | Here's a slightly altered patch, originally from Mark Glines who diagnosed and fixed the problem. Signed-off-by: Bart De Schuymer <bdschuym@pandora.be> Signed-off-by: David S. Miller <davem@davemloft.net>
OpenPOWER on IntegriCloud