git.openwrt.org Git - openwrt/staging/blogic.git/commit

author	Florian Westphal <fw@strlen.de>
	Wed, 12 Sep 2018 13:19:08 +0000 (15:19 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 20 Sep 2018 15:57:17 +0000 (17:57 +0200)
commit	9976fc6e6edbb0372f084a2ae8c1b8103b3bff1d
tree	9240051ddacc76e3824b6efcb0cf8f02f1d94cd0	tree \| snapshot
parent	93e66024b0249cec81e91328c55a754efd3192e0	commit \| diff

netfilter: conntrack: remove the l4proto->new() function

->new() gets invoked after ->error() and before ->packet() if
a conntrack lookup has found no result for the tuple.

We can fold it into ->packet() -- the packet() implementations
can check if the conntrack is confirmed (new) or not
(already in hash).

If its unconfirmed, the conntrack isn't in the hash yet so current
skb created a new conntrack entry.

Only relevant side effect -- if packet() doesn't return NF_ACCEPT
but -NF_ACCEPT (or drop), while the conntrack was just created,
then the newly allocated conntrack is freed right away, rather than not
created in the first place.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_l4proto.h		diff \| blob \| history
net/netfilter/nf_conntrack_core.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_dccp.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_generic.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_gre.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_icmp.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_icmpv6.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_sctp.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_tcp.c		diff \| blob \| history
net/netfilter/nf_conntrack_proto_udp.c		diff \| blob \| history