int __init br_netfilter_init(void)
{
int ret;
ret = dst_entries_init(&fake_dst_ops);
if (ret < 0)
return ret;
ret = nf_register_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
if (ret < 0) {
dst_entries_destroy(&fake_dst_ops);
return ret;
}
#ifdef CONFIG_SYSCTL
brnf_sysctl_header = register_sysctl_paths(brnf_path, brnf_table);
if (brnf_sysctl_header == NULL) {
printk(KERN_WARNING
"br_netfilter: can't register to sysctl.\n");
nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
dst_entries_destroy(&fake_dst_ops);
return -ENOMEM;
}
#endif
printk(KERN_NOTICE "Bridge firewalling registered\n");
return 0;
}
int __init xfrm6_init(void)
{
int ret;
unsigned int gc_thresh;
gc_thresh = FIB6_TABLE_HASHSZ * 8;
xfrm6_dst_ops.gc_thresh = (gc_thresh < 1024) ? 1024 : gc_thresh;
dst_entries_init(&xfrm6_dst_ops);
ret = xfrm6_policy_init();
if (ret) {
dst_entries_destroy(&xfrm6_dst_ops);
goto out;
}
ret = xfrm6_state_init();
if (ret)
goto out_policy;
#ifdef CONFIG_SYSCTL
sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv6_ctl_path,
xfrm6_policy_table);
#endif
out:
return ret;
out_policy:
xfrm6_policy_fini();
goto out;
}
void br_netfilter_fini(void) {
nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
#ifdef CONFIG_SYSCTL
unregister_net_sysctl_table(brnf_sysctl_header);
#endif
dst_entries_destroy(&fake_dst_ops);
}
int __init xfrm6_init(void)
{
int ret;
dst_entries_init(&xfrm6_dst_ops);
ret = xfrm6_policy_init();
if (ret) {
dst_entries_destroy(&xfrm6_dst_ops);
goto out;
}
ret = xfrm6_state_init();
if (ret)
goto out_policy;
ret = xfrm6_protocol_init();
if (ret)
goto out_state;
#ifdef CONFIG_SYSCTL
register_pernet_subsys(&xfrm6_net_ops);
#endif
out:
return ret;
out_state:
xfrm6_state_fini();
out_policy:
xfrm6_policy_fini();
goto out;
}
int __init xfrm6_init(void)
{
int ret;
dst_entries_init(&xfrm6_dst_ops);
ret = xfrm6_policy_init();
if (ret) {
dst_entries_destroy(&xfrm6_dst_ops);
goto out;
}
ret = xfrm6_state_init();
if (ret)
goto out_policy;
#ifdef CONFIG_SYSCTL
sysctl_hdr = register_net_sysctl(&init_net, "net/ipv6",
xfrm6_policy_table);
#endif
out:
return ret;
out_policy:
xfrm6_policy_fini();
goto out;
}
void xfrm6_fini(void)
{
#ifdef CONFIG_SYSCTL
unregister_pernet_subsys(&xfrm6_net_ops);
#endif
xfrm6_policy_fini();
xfrm6_state_fini();
dst_entries_destroy(&xfrm6_dst_ops);
}
void xfrm6_fini(void)
{
#ifdef CONFIG_SYSCTL
if (sysctl_hdr)
unregister_net_sysctl_table(sysctl_hdr);
#endif
xfrm6_policy_fini();
xfrm6_state_fini();
dst_entries_destroy(&xfrm6_dst_ops);
}
static int __net_init xfrm4_net_init(struct net *net)
{
int ret;
memcpy(&net->xfrm.xfrm4_dst_ops, &xfrm4_dst_ops_template,
sizeof(xfrm4_dst_ops_template));
ret = dst_entries_init(&net->xfrm.xfrm4_dst_ops);
if (ret)
return ret;
ret = xfrm4_net_sysctl_init(net);
if (ret)
dst_entries_destroy(&net->xfrm.xfrm4_dst_ops);
return ret;
}
int __init xfrm6_init(void)
{
int ret;
unsigned int gc_thresh;
/*
* We need a good default value for the xfrm6 gc threshold.
* In ipv4 we set it to the route hash table size * 8, which
* is half the size of the maximaum route cache for ipv4. It
* would be good to do the same thing for v6, except the table is
* constructed differently here. Here each table for a net namespace
* can have FIB_TABLE_HASHSZ entries, so lets go with the same
* computation that we used for ipv4 here. Also, lets keep the initial
* gc_thresh to a minimum of 1024, since, the ipv6 route cache defaults
* to that as a minimum as well
*/
gc_thresh = FIB6_TABLE_HASHSZ * 8;
xfrm6_dst_ops.gc_thresh = (gc_thresh < 1024) ? 1024 : gc_thresh;
dst_entries_init(&xfrm6_dst_ops);
ret = xfrm6_policy_init();
if (ret) {
dst_entries_destroy(&xfrm6_dst_ops);
goto out;
}
ret = xfrm6_state_init();
if (ret)
goto out_policy;
#ifdef CONFIG_SYSCTL
sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv6_ctl_path,
xfrm6_policy_table);
#endif
out:
return ret;
out_policy:
xfrm6_policy_fini();
goto out;
}
void br_nf_core_fini(void)
{
dst_entries_destroy(&fake_dst_ops);
}
static void __net_exit xfrm4_net_exit(struct net *net)
{
xfrm4_net_sysctl_exit(net);
dst_entries_destroy(&net->xfrm.xfrm4_dst_ops);
}