1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
index 9bb8660..c061b98 100644
--- a/xt_FULLCONENAT.c
+++ b/xt_FULLCONENAT.c
@@ -123,7 +123,9 @@ struct notifier_block ct_event_notifier;
struct nf_ct_event_notifier ct_event_notifier;
#endif
int tg_refer_count = 0;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
int ct_event_notifier_registered = 0;
+#endif
static DEFINE_MUTEX(nf_ct_net_event_lock);
@@ -894,8 +896,10 @@ static void gc_worker(struct work_struct *work) {
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
static int ct_event_cb(struct notifier_block *this, unsigned long events, void *ptr) {
struct nf_ct_event *item = ptr;
-#else
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
static int ct_event_cb(unsigned int events, struct nf_ct_event *item) {
+#else
+static int ct_event_cb(unsigned int events, const struct nf_ct_event *item) {
#endif
struct nf_conn *ct;
struct nf_conntrack_tuple *ct_tuple_reply, *ct_tuple_original;
@@ -1242,9 +1246,8 @@ static int fullconenat_tg_check(const struct xt_tgchk_param *par)
if (tg_refer_count == 1) {
#ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
ct_event_notifier.notifier_call = ct_event_cb;
-#else
+#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
ct_event_notifier.fcn = ct_event_cb;
-#endif
if (nf_conntrack_register_notifier(par->net, &ct_event_notifier) == 0) {
ct_event_notifier_registered = 1;
@@ -1252,6 +1255,11 @@ static int fullconenat_tg_check(const struct xt_tgchk_param *par)
} else {
printk("xt_FULLCONENAT: warning: failed to register a conntrack notifier. Disable active GC for mappings.\n");
}
+#else
+ ct_event_notifier.ct_event = ct_event_cb;
+ nf_conntrack_register_notifier(par->net, &ct_event_notifier);
+ pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier registered\n");
+#endif
}
@@ -1269,6 +1277,7 @@ static void fullconenat_tg_destroy(const struct xt_tgdtor_param *par)
pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): tg_refer_count is now %d\n", tg_refer_count);
if (tg_refer_count == 0) {
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
if (ct_event_notifier_registered) {
nf_conntrack_unregister_notifier(par->net, &ct_event_notifier);
ct_event_notifier_registered = 0;
@@ -1276,6 +1285,10 @@ static void fullconenat_tg_destroy(const struct xt_tgdtor_param *par)
pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier unregistered\n");
}
+#else
+ nf_conntrack_unregister_notifier(par->net);
+ pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier unregistered\n");
+#endif
nf_ct_netns_put(par->net, par->family);
}
|