On Feb 19 2008 13:22, Patrick McHardy wrote:
> Jan Engelhardt wrote:
>> Hi,
>>
>>
>> I just noticed that nf_nat_core.c uses
>>
>> l3proto = nf_ct_l3proto_find_get((u_int16_t)AF_INET);
>>
>> in its nf_nat_init() function. Why is not it using
>> nf_ct_l3proto_module_try_get here?
>
> There is no such function, nf_ct_l3proto_find_get() takes a
> module reference.
>
Hm?
=== nf_nat_core.c ===
spin_unlock_bh(&nf_nat_lock);
/* Initialize fake conntrack so that NAT will skip it */
nf_conntrack_untracked.status |= IPS_NAT_DONE_MASK;
l3proto = nf_ct_l3proto_find_get((u_int16_t)AF_INET);
return 0;
cleanup_extend:
nf_ct_extend_unregister(&nat_extend);
return ret;
}
===
Since nf_ct_l3proto_find_get is listed in System.map, it
cannot be a macro, but it is a function indeed.
And nf_ct_l3proto_try_module_get does take a numerical value:
=== xt_conntrack.c
conntrack_mt_check(const char *tablename, const void *ip,
const struct xt_match *match, void *matchinfo,
unsigned int hook_mask)
{
if (nf_ct_l3proto_try_module_get(match->family) < 0) {
printk(KERN_WARNING "can't load conntrack support for "
"proto=%u\n", match->family);
===
leading to the original question why nf_nat_core does not use
nf_ct_l3proto_try_module_get.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
