You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
121 lines
4.5 KiB
121 lines
4.5 KiB
From: Jeff Mahoney <jeffm@suse.com>
|
|
Subject: netfilter: Remove pointless CONFIG_NF_CT_ACCT warning
|
|
References: bnc#552033 (and others)
|
|
Patch-mainline: not yet
|
|
|
|
CONFIG_NF_CT_ACCT was scheduled at 2.6.27 release-time to be removed
|
|
in 2.6.29. That hasn't happened, and it's sort of pointless to remove the
|
|
option as it sets the default value for whether it's nf_conntrack_acct is
|
|
enabled at boot-time.
|
|
|
|
It still issues a really annoying warning though. This patch properly
|
|
documents the option as controlling the default and undeprecates it. It
|
|
also renames the option to a more subsystem-consistent NF_CONNTRACK_ACCT.
|
|
|
|
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
|
|
---
|
|
Documentation/feature-removal-schedule.txt | 9 ---------
|
|
Documentation/kernel-parameters.txt | 3 +--
|
|
net/netfilter/Kconfig | 11 +++++------
|
|
net/netfilter/nf_conntrack_acct.c | 8 +-------
|
|
net/netfilter/nf_conntrack_netlink.c | 2 --
|
|
5 files changed, 7 insertions(+), 26 deletions(-)
|
|
|
|
--- a/Documentation/feature-removal-schedule.txt
|
|
+++ b/Documentation/feature-removal-schedule.txt
|
|
@@ -313,15 +313,6 @@ Who: Johannes Berg <johannes@sipsolution
|
|
|
|
---------------------------
|
|
|
|
-What: CONFIG_NF_CT_ACCT
|
|
-When: 2.6.29
|
|
-Why: Accounting can now be enabled/disabled without kernel recompilation.
|
|
- Currently used only to set a default value for a feature that is also
|
|
- controlled by a kernel/module/sysfs/sysctl parameter.
|
|
-Who: Krzysztof Piotr Oledzki <ole@ans.pl>
|
|
-
|
|
----------------------------
|
|
-
|
|
What: sysfs ui for changing p4-clockmod parameters
|
|
When: September 2009
|
|
Why: See commits 129f8ae9b1b5be94517da76009ea956e89104ce8 and
|
|
--- a/Documentation/kernel-parameters.txt
|
|
+++ b/Documentation/kernel-parameters.txt
|
|
@@ -1567,8 +1567,7 @@ and is between 256 and 4096 characters.
|
|
[NETFILTER] Enable connection tracking flow accounting
|
|
0 to disable accounting
|
|
1 to enable accounting
|
|
- Default value depends on CONFIG_NF_CT_ACCT that is
|
|
- going to be removed in 2.6.29.
|
|
+ Default value depends on CONFIG_NF_CT_ACCT.
|
|
|
|
nfsaddrs= [NFS]
|
|
See Documentation/filesystems/nfs/nfsroot.txt.
|
|
--- a/net/netfilter/Kconfig
|
|
+++ b/net/netfilter/Kconfig
|
|
@@ -40,12 +40,13 @@ config NF_CONNTRACK
|
|
|
|
if NF_CONNTRACK
|
|
|
|
-config NF_CT_ACCT
|
|
- bool "Connection tracking flow accounting"
|
|
+config NF_CONNTRACK_ACCT
|
|
+ bool "Enable connection tracking flow accounting by default"
|
|
depends on NETFILTER_ADVANCED
|
|
help
|
|
- If this option is enabled, the connection tracking code will
|
|
- keep per-flow packet and byte counters.
|
|
+
|
|
+ This option controls whether per-flow packet and byte counters
|
|
+ are enabled by default.
|
|
|
|
Those counters can be used for flow-based accounting or the
|
|
`connbytes' match.
|
|
@@ -57,8 +58,6 @@ config NF_CT_ACCT
|
|
You may also disable/enable it on a running system with:
|
|
sysctl net.netfilter.nf_conntrack_acct=0/1
|
|
|
|
- This option will be removed in 2.6.29.
|
|
-
|
|
If unsure, say `N'.
|
|
|
|
config NF_CONNTRACK_MARK
|
|
--- a/net/netfilter/nf_conntrack_acct.c
|
|
+++ b/net/netfilter/nf_conntrack_acct.c
|
|
@@ -16,7 +16,7 @@
|
|
#include <net/netfilter/nf_conntrack_extend.h>
|
|
#include <net/netfilter/nf_conntrack_acct.h>
|
|
|
|
-#ifdef CONFIG_NF_CT_ACCT
|
|
+#ifdef CONFIG_NF_CONNTRACK_ACCT
|
|
#define NF_CT_ACCT_DEFAULT 1
|
|
#else
|
|
#define NF_CT_ACCT_DEFAULT 0
|
|
@@ -113,12 +113,6 @@ int nf_conntrack_acct_init(struct net *n
|
|
net->ct.sysctl_acct = nf_ct_acct;
|
|
|
|
if (net_eq(net, &init_net)) {
|
|
-#ifdef CONFIG_NF_CT_ACCT
|
|
- printk(KERN_WARNING "CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use\n");
|
|
- printk(KERN_WARNING "nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or\n");
|
|
- printk(KERN_WARNING "sysctl net.netfilter.nf_conntrack_acct=1 to enable it.\n");
|
|
-#endif
|
|
-
|
|
ret = nf_ct_extend_register(&acct_extend);
|
|
if (ret < 0) {
|
|
printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n");
|
|
--- a/net/netfilter/nf_conntrack_netlink.c
|
|
+++ b/net/netfilter/nf_conntrack_netlink.c
|
|
@@ -435,11 +435,9 @@ ctnetlink_nlmsg_size(const struct nf_con
|
|
+ 3 * nla_total_size(sizeof(u_int8_t)) /* CTA_PROTO_NUM */
|
|
+ nla_total_size(sizeof(u_int32_t)) /* CTA_ID */
|
|
+ nla_total_size(sizeof(u_int32_t)) /* CTA_STATUS */
|
|
-#ifdef CONFIG_NF_CT_ACCT
|
|
+ 2 * nla_total_size(0) /* CTA_COUNTERS_ORIG|REPL */
|
|
+ 2 * nla_total_size(sizeof(uint64_t)) /* CTA_COUNTERS_PACKETS */
|
|
+ 2 * nla_total_size(sizeof(uint64_t)) /* CTA_COUNTERS_BYTES */
|
|
-#endif
|
|
+ nla_total_size(sizeof(u_int32_t)) /* CTA_TIMEOUT */
|
|
+ nla_total_size(0) /* CTA_PROTOINFO */
|
|
+ nla_total_size(0) /* CTA_HELP */
|