datapath: compat: Backports nf_conncount
This patch backports the nf_conncount backend that counts the number
of connections matching an arbitrary key. The following patch will
use the feature to support connection tracking zone limit in ovs
kernel datapath.
This backport is based on an upstream net-next upstream commits.
5c789e131cbb ("netfilter: nf_conncount: Add list lock and gc worker, and RCU for init tree search")
34848d5c896e ("netfilter: nf_conncount: Split insert and traversal")
2ba39118c10a ("netfilter: nf_conncount: Move locking into count_tree()")
976afca1ceba ("netfilter: nf_conncount: Early exit in nf_conncount_lookup() and cleanup")
cb2b36f5a97d ("netfilter: nf_conncount: Switch to plain list")
2a406e8ac7c3 ("netfilter: nf_conncount: Early exit for garbage collection")
b36e4523d4d5 ("netfilter: nf_conncount: fix garbage collection confirm race")
21ba8847f857 ("netfilter: nf_conncount: Fix garbage collection with zones")
5e5cbc7b23ea ("netfilter: nf_conncount: expose connection list interface")
35d8deb80c30 ("netfilter: conncount: Support count only use case")
6aec208786c2 ("netfilter: Refactor nf_conncount")
d384e65f1e75 ("netfilter: return booleans instead of integers")
625c556118f3 ("netfilter: connlimit: split xt_connlimit into front and backend")
The upstream nf_conncount has a couple of export functions while
this patch only export the ones that ovs kernel module needs.
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Justin Pettit <jpettit@ovn.org>
projects / mirror_ovs.git / commit