From: Patrick McHardy <kaber@trash•net>
To: Shan Wei <shanwei@cn•fujitsu.com>
Cc: Alexey Dobriyan <adobriyan@gmail•com>, netdev@vger•kernel.org
Subject: Re: [RFC PATCH net-next 1/5]IPv6:netfilter: defrag:Introduce net namespace
Date: Thu, 25 Feb 2010 18:34:23 +0100 [thread overview]
Message-ID: <4B86B49F.1010806@trash.net> (raw)
In-Reply-To: <4B8660AD.7030308@cn.fujitsu.com>
Shan Wei wrote:
> Patrick McHardy wrote, at 02/24/2010 10:05 PM:
>> Shan Wei wrote:
>>> Alexey Dobriyan wrote, at 02/24/2010 03:48 PM:
>>>>> - .procname = "nf_conntrack_frag6_timeout",
>>>>> - .data = &nf_init_frags.timeout,
>>>>> - .maxlen = sizeof(unsigned int),
>>>>> - .mode = 0644,
>>>>> - .proc_handler = proc_dointvec_jiffies,
>>>> Why are you removing sysctls?
>>> Because, after introduced net namespace, we can use net->ipv6.frags to
>>> manage IPv6 conntrack fragment queue instead of nf_init_frags.
>>> And sysctls of ip6frag_low_thresh, ip6frag_time and ip6frag_high_thresh
>>> also can control IPv6 conntrack fragment queue.
>>>
>>> So, private member of nf_init_frags becomes redundant, and remove these sysctls.
>> You can't simply remove them without a warning, people might be
>> using them.
>
> How to provide a warning to user?
> How about handle these sysctl ABIs like this:
>
> s1) Retain these sysctls and refer .data to appropriate member of frags of init_net.
> Take nf_conntrack_frag6_timeout for example, .data = &init_net.ipv6.frags.timeout.
I'd suggest to refer to the proper namespace, check out
net/netfilter/nf_conntrack_standalone.c for an example.
> s2) When register sysctls of conntrack ipv6 protocol in nf_ct_l3proto_register_sysctl(),
> print a waring like this.
> "nf_conntrack_frag6_timeout and ip6frag_time, nf_conntrack_frag6_low_thresh and ip6frag_low_thresh,
> nf_conntrack_frag6_high_thresh and ip6frag_high_thresh, the three sets are equivalent.
> nf_conntrack_frag6_timeout is just an alias for ip6frag_time. The former Parameters of IPv6 conntrack
> will be removed in the future, please use the latter ones of IPv6."
>
> s3) Describe these removable sysctl ABIs in Documentation/feature-removal-schedule.txt
This sounds fine.
prev parent reply other threads:[~2010-02-25 17:34 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-24 7:48 [RFC PATCH net-next 1/5]IPv6:netfilter: defrag:Introduce net namespace Alexey Dobriyan
2010-02-24 8:26 ` Shan Wei
2010-02-24 14:05 ` Patrick McHardy
2010-02-25 11:36 ` Shan Wei
2010-02-25 17:34 ` Patrick McHardy [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B86B49F.1010806@trash.net \
--to=kaber@trash$(echo .)net \
--cc=adobriyan@gmail$(echo .)com \
--cc=netdev@vger$(echo .)kernel.org \
--cc=shanwei@cn$(echo .)fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox