dd2934a957
l4 protocols are demuxed by l3num, l4num pair. However, almost all l4 trackers are l3 agnostic. Only exceptions are: - gre, icmp (ipv4 only) - icmpv6 (ipv6 only) This commit gets rid of the l3 mapping, l4 trackers can now be looked up by their IPPROTO_XXX value alone, which gets rid of the additional l3 indirection. For icmp, ipcmp6 and gre, add a check on state->pf and return -NF_ACCEPT in case we're asked to track e.g. icmpv6-in-ipv4, this seems more fitting than using the generic tracker. Additionally we can kill the 2nd l4proto definitions that were needed for v4/v6 split -- they are now the same so we can use single l4proto struct for each protocol, rather than two. The EXPORT_SYMBOLs can be removed as all these object files are part of nf_conntrack with no external references. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
11 lines
280 B
C
11 lines
280 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _NF_CONNTRACK_IPV6_H
|
|
#define _NF_CONNTRACK_IPV6_H
|
|
|
|
extern const struct nf_conntrack_l4proto nf_conntrack_l4proto_icmpv6;
|
|
|
|
#include <linux/sysctl.h>
|
|
extern struct ctl_table nf_ct_ipv6_sysctl_table[];
|
|
|
|
#endif /* _NF_CONNTRACK_IPV6_H*/
|