netfilter: conntrack: remove indirect err call from l4proto trackers

Florian Westphal <fw@xxxxxxxxx> · Wed, 12 Sep 2018 15:19:06 +0200

icmp(v6) are the only protocols that need the error()
callback (to handle icmp errors that are related to an established
connections, e.g. packet too big, port unreachable and the like).

Handle icmp from core, then get rid of ->error().
The other protocols can call the 'old' indirect error call as a direct
one.

As all l4 trackers are now l3 agnostic, get rid of the 'duplicate'
l4 trackers.  This also avoids one level of indirection during l4proto lookup.

Florian Westphal (8):
      netfilter: conntrack: pass nf_hook_state to packet and error handlers
      netfilter: conntrack: remove the l4proto->new() function
      netfilter: conntrack: deconstify packet callback skb pointer
      netfilter: conntrack: avoid using ->error callback if possible
      netfilter: conntrack: remove error callback and handle icmp from core
      netfilter: conntrack: remove unused proto arg from netns init functions
      netfilter: conntrack: remove l3->l4 mapping information
      netfilter: conntrack: clamp l4proto array size at largers supported protocol

 include/net/netfilter/ipv4/nf_conntrack_ipv4.h |   13 -
 include/net/netfilter/ipv6/nf_conntrack_ipv6.h |   13 -
 include/net/netfilter/nf_conntrack_core.h      |    3 
 include/net/netfilter/nf_conntrack_l4proto.h   |   40 +--
 net/netfilter/nf_conntrack_core.c              |  113 ++++++----
 net/netfilter/nf_conntrack_expect.c            |    3 
 net/netfilter/nf_conntrack_netlink.c           |   14 -
 net/netfilter/nf_conntrack_proto.c             |  121 +++--------
 net/netfilter/nf_conntrack_proto_dccp.c        |  171 ++++++----------
 net/netfilter/nf_conntrack_proto_generic.c     |   28 --
 net/netfilter/nf_conntrack_proto_gre.c         |   44 +---
 net/netfilter/nf_conntrack_proto_icmp.c        |   82 +++----
 net/netfilter/nf_conntrack_proto_icmpv6.c      |   92 ++++----
 net/netfilter/nf_conntrack_proto_sctp.c        |  263 ++++++++++--------------
 net/netfilter/nf_conntrack_proto_tcp.c         |  257 ++++++++++--------------
 net/netfilter/nf_conntrack_proto_udp.c         |  267 ++++++++++---------------
 net/netfilter/nf_conntrack_standalone.c        |    2 
 net/netfilter/nf_flow_table_core.c             |    2 
 net/netfilter/nfnetlink_cttimeout.c            |   11 -
 net/netfilter/nft_ct.c                         |    2 
 net/netfilter/xt_CT.c                          |    2 
 net/openvswitch/conntrack.c                    |    8 
 22 files changed, 663 insertions(+), 888 deletions(-)