Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland...
[linux-2.6] / net / ipv4 / sysctl_net_ipv4.c
1 /*
2  * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3  *
4  * $Id: sysctl_net_ipv4.c,v 1.50 2001/10/20 00:00:11 davem Exp $
5  *
6  * Begun April 1, 1996, Mike Shaver.
7  * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
8  */
9
10 #include <linux/mm.h>
11 #include <linux/module.h>
12 #include <linux/sysctl.h>
13 #include <linux/igmp.h>
14 #include <linux/inetdevice.h>
15 #include <linux/seqlock.h>
16 #include <net/snmp.h>
17 #include <net/icmp.h>
18 #include <net/ip.h>
19 #include <net/route.h>
20 #include <net/tcp.h>
21 #include <net/cipso_ipv4.h>
22 #include <net/inet_frag.h>
23
24 /* From af_inet.c */
25 extern int sysctl_ip_nonlocal_bind;
26
27 #ifdef CONFIG_SYSCTL
28 static int zero;
29 static int tcp_retr1_max = 255;
30 static int ip_local_port_range_min[] = { 1, 1 };
31 static int ip_local_port_range_max[] = { 65535, 65535 };
32 #endif
33
34 struct ipv4_config ipv4_config;
35
36 #ifdef CONFIG_SYSCTL
37
38 static
39 int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp,
40                         void __user *buffer, size_t *lenp, loff_t *ppos)
41 {
42         int val = IPV4_DEVCONF_ALL(FORWARDING);
43         int ret;
44
45         ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
46
47         if (write && IPV4_DEVCONF_ALL(FORWARDING) != val)
48                 inet_forward_change();
49
50         return ret;
51 }
52
53 static int ipv4_sysctl_forward_strategy(ctl_table *table,
54                          int __user *name, int nlen,
55                          void __user *oldval, size_t __user *oldlenp,
56                          void __user *newval, size_t newlen)
57 {
58         int *valp = table->data;
59         int new;
60
61         if (!newval || !newlen)
62                 return 0;
63
64         if (newlen != sizeof(int))
65                 return -EINVAL;
66
67         if (get_user(new, (int __user *)newval))
68                 return -EFAULT;
69
70         if (new == *valp)
71                 return 0;
72
73         if (oldval && oldlenp) {
74                 size_t len;
75
76                 if (get_user(len, oldlenp))
77                         return -EFAULT;
78
79                 if (len) {
80                         if (len > table->maxlen)
81                                 len = table->maxlen;
82                         if (copy_to_user(oldval, valp, len))
83                                 return -EFAULT;
84                         if (put_user(len, oldlenp))
85                                 return -EFAULT;
86                 }
87         }
88
89         *valp = new;
90         inet_forward_change();
91         return 1;
92 }
93
94 extern seqlock_t sysctl_port_range_lock;
95 extern int sysctl_local_port_range[2];
96
97 /* Update system visible IP port range */
98 static void set_local_port_range(int range[2])
99 {
100         write_seqlock(&sysctl_port_range_lock);
101         sysctl_local_port_range[0] = range[0];
102         sysctl_local_port_range[1] = range[1];
103         write_sequnlock(&sysctl_port_range_lock);
104 }
105
106 /* Validate changes from /proc interface. */
107 static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp,
108                                  void __user *buffer,
109                                  size_t *lenp, loff_t *ppos)
110 {
111         int ret;
112         int range[2] = { sysctl_local_port_range[0],
113                          sysctl_local_port_range[1] };
114         ctl_table tmp = {
115                 .data = &range,
116                 .maxlen = sizeof(range),
117                 .mode = table->mode,
118                 .extra1 = &ip_local_port_range_min,
119                 .extra2 = &ip_local_port_range_max,
120         };
121
122         ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos);
123
124         if (write && ret == 0) {
125                 if (range[1] < range[0])
126                         ret = -EINVAL;
127                 else
128                         set_local_port_range(range);
129         }
130
131         return ret;
132 }
133
134 /* Validate changes from sysctl interface. */
135 static int ipv4_sysctl_local_port_range(ctl_table *table, int __user *name,
136                                          int nlen, void __user *oldval,
137                                          size_t __user *oldlenp,
138                                         void __user *newval, size_t newlen)
139 {
140         int ret;
141         int range[2] = { sysctl_local_port_range[0],
142                          sysctl_local_port_range[1] };
143         ctl_table tmp = {
144                 .data = &range,
145                 .maxlen = sizeof(range),
146                 .mode = table->mode,
147                 .extra1 = &ip_local_port_range_min,
148                 .extra2 = &ip_local_port_range_max,
149         };
150
151         ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen);
152         if (ret == 0 && newval && newlen) {
153                 if (range[1] < range[0])
154                         ret = -EINVAL;
155                 else
156                         set_local_port_range(range);
157         }
158         return ret;
159 }
160
161
162 static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp,
163                                        void __user *buffer, size_t *lenp, loff_t *ppos)
164 {
165         char val[TCP_CA_NAME_MAX];
166         ctl_table tbl = {
167                 .data = val,
168                 .maxlen = TCP_CA_NAME_MAX,
169         };
170         int ret;
171
172         tcp_get_default_congestion_control(val);
173
174         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
175         if (write && ret == 0)
176                 ret = tcp_set_default_congestion_control(val);
177         return ret;
178 }
179
180 static int sysctl_tcp_congestion_control(ctl_table *table, int __user *name,
181                                          int nlen, void __user *oldval,
182                                          size_t __user *oldlenp,
183                                          void __user *newval, size_t newlen)
184 {
185         char val[TCP_CA_NAME_MAX];
186         ctl_table tbl = {
187                 .data = val,
188                 .maxlen = TCP_CA_NAME_MAX,
189         };
190         int ret;
191
192         tcp_get_default_congestion_control(val);
193         ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
194         if (ret == 0 && newval && newlen)
195                 ret = tcp_set_default_congestion_control(val);
196         return ret;
197 }
198
199 static int proc_tcp_available_congestion_control(ctl_table *ctl,
200                                                  int write, struct file * filp,
201                                                  void __user *buffer, size_t *lenp,
202                                                  loff_t *ppos)
203 {
204         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
205         int ret;
206
207         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
208         if (!tbl.data)
209                 return -ENOMEM;
210         tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
211         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
212         kfree(tbl.data);
213         return ret;
214 }
215
216 static int proc_allowed_congestion_control(ctl_table *ctl,
217                                            int write, struct file * filp,
218                                            void __user *buffer, size_t *lenp,
219                                            loff_t *ppos)
220 {
221         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
222         int ret;
223
224         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
225         if (!tbl.data)
226                 return -ENOMEM;
227
228         tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
229         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
230         if (write && ret == 0)
231                 ret = tcp_set_allowed_congestion_control(tbl.data);
232         kfree(tbl.data);
233         return ret;
234 }
235
236 static int strategy_allowed_congestion_control(ctl_table *table, int __user *name,
237                                                int nlen, void __user *oldval,
238                                                size_t __user *oldlenp,
239                                                void __user *newval,
240                                                size_t newlen)
241 {
242         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
243         int ret;
244
245         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
246         if (!tbl.data)
247                 return -ENOMEM;
248
249         tcp_get_available_congestion_control(tbl.data, tbl.maxlen);
250         ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
251         if (ret == 0 && newval && newlen)
252                 ret = tcp_set_allowed_congestion_control(tbl.data);
253         kfree(tbl.data);
254
255         return ret;
256
257 }
258
259 ctl_table ipv4_table[] = {
260         {
261                 .ctl_name       = NET_IPV4_TCP_TIMESTAMPS,
262                 .procname       = "tcp_timestamps",
263                 .data           = &sysctl_tcp_timestamps,
264                 .maxlen         = sizeof(int),
265                 .mode           = 0644,
266                 .proc_handler   = &proc_dointvec
267         },
268         {
269                 .ctl_name       = NET_IPV4_TCP_WINDOW_SCALING,
270                 .procname       = "tcp_window_scaling",
271                 .data           = &sysctl_tcp_window_scaling,
272                 .maxlen         = sizeof(int),
273                 .mode           = 0644,
274                 .proc_handler   = &proc_dointvec
275         },
276         {
277                 .ctl_name       = NET_IPV4_TCP_SACK,
278                 .procname       = "tcp_sack",
279                 .data           = &sysctl_tcp_sack,
280                 .maxlen         = sizeof(int),
281                 .mode           = 0644,
282                 .proc_handler   = &proc_dointvec
283         },
284         {
285                 .ctl_name       = NET_IPV4_TCP_RETRANS_COLLAPSE,
286                 .procname       = "tcp_retrans_collapse",
287                 .data           = &sysctl_tcp_retrans_collapse,
288                 .maxlen         = sizeof(int),
289                 .mode           = 0644,
290                 .proc_handler   = &proc_dointvec
291         },
292         {
293                 .ctl_name       = NET_IPV4_FORWARD,
294                 .procname       = "ip_forward",
295                 .data           = &IPV4_DEVCONF_ALL(FORWARDING),
296                 .maxlen         = sizeof(int),
297                 .mode           = 0644,
298                 .proc_handler   = &ipv4_sysctl_forward,
299                 .strategy       = &ipv4_sysctl_forward_strategy
300         },
301         {
302                 .ctl_name       = NET_IPV4_DEFAULT_TTL,
303                 .procname       = "ip_default_ttl",
304                 .data           = &sysctl_ip_default_ttl,
305                 .maxlen         = sizeof(int),
306                 .mode           = 0644,
307                 .proc_handler   = &ipv4_doint_and_flush,
308                 .strategy       = &ipv4_doint_and_flush_strategy,
309         },
310         {
311                 .ctl_name       = NET_IPV4_NO_PMTU_DISC,
312                 .procname       = "ip_no_pmtu_disc",
313                 .data           = &ipv4_config.no_pmtu_disc,
314                 .maxlen         = sizeof(int),
315                 .mode           = 0644,
316                 .proc_handler   = &proc_dointvec
317         },
318         {
319                 .ctl_name       = NET_IPV4_NONLOCAL_BIND,
320                 .procname       = "ip_nonlocal_bind",
321                 .data           = &sysctl_ip_nonlocal_bind,
322                 .maxlen         = sizeof(int),
323                 .mode           = 0644,
324                 .proc_handler   = &proc_dointvec
325         },
326         {
327                 .ctl_name       = NET_IPV4_TCP_SYN_RETRIES,
328                 .procname       = "tcp_syn_retries",
329                 .data           = &sysctl_tcp_syn_retries,
330                 .maxlen         = sizeof(int),
331                 .mode           = 0644,
332                 .proc_handler   = &proc_dointvec
333         },
334         {
335                 .ctl_name       = NET_TCP_SYNACK_RETRIES,
336                 .procname       = "tcp_synack_retries",
337                 .data           = &sysctl_tcp_synack_retries,
338                 .maxlen         = sizeof(int),
339                 .mode           = 0644,
340                 .proc_handler   = &proc_dointvec
341         },
342         {
343                 .ctl_name       = NET_TCP_MAX_ORPHANS,
344                 .procname       = "tcp_max_orphans",
345                 .data           = &sysctl_tcp_max_orphans,
346                 .maxlen         = sizeof(int),
347                 .mode           = 0644,
348                 .proc_handler   = &proc_dointvec
349         },
350         {
351                 .ctl_name       = NET_TCP_MAX_TW_BUCKETS,
352                 .procname       = "tcp_max_tw_buckets",
353                 .data           = &tcp_death_row.sysctl_max_tw_buckets,
354                 .maxlen         = sizeof(int),
355                 .mode           = 0644,
356                 .proc_handler   = &proc_dointvec
357         },
358         {
359                 .ctl_name       = NET_IPV4_IPFRAG_HIGH_THRESH,
360                 .procname       = "ipfrag_high_thresh",
361                 .data           = &ip4_frags_ctl.high_thresh,
362                 .maxlen         = sizeof(int),
363                 .mode           = 0644,
364                 .proc_handler   = &proc_dointvec
365         },
366         {
367                 .ctl_name       = NET_IPV4_IPFRAG_LOW_THRESH,
368                 .procname       = "ipfrag_low_thresh",
369                 .data           = &ip4_frags_ctl.low_thresh,
370                 .maxlen         = sizeof(int),
371                 .mode           = 0644,
372                 .proc_handler   = &proc_dointvec
373         },
374         {
375                 .ctl_name       = NET_IPV4_DYNADDR,
376                 .procname       = "ip_dynaddr",
377                 .data           = &sysctl_ip_dynaddr,
378                 .maxlen         = sizeof(int),
379                 .mode           = 0644,
380                 .proc_handler   = &proc_dointvec
381         },
382         {
383                 .ctl_name       = NET_IPV4_IPFRAG_TIME,
384                 .procname       = "ipfrag_time",
385                 .data           = &ip4_frags_ctl.timeout,
386                 .maxlen         = sizeof(int),
387                 .mode           = 0644,
388                 .proc_handler   = &proc_dointvec_jiffies,
389                 .strategy       = &sysctl_jiffies
390         },
391         {
392                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_TIME,
393                 .procname       = "tcp_keepalive_time",
394                 .data           = &sysctl_tcp_keepalive_time,
395                 .maxlen         = sizeof(int),
396                 .mode           = 0644,
397                 .proc_handler   = &proc_dointvec_jiffies,
398                 .strategy       = &sysctl_jiffies
399         },
400         {
401                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_PROBES,
402                 .procname       = "tcp_keepalive_probes",
403                 .data           = &sysctl_tcp_keepalive_probes,
404                 .maxlen         = sizeof(int),
405                 .mode           = 0644,
406                 .proc_handler   = &proc_dointvec
407         },
408         {
409                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_INTVL,
410                 .procname       = "tcp_keepalive_intvl",
411                 .data           = &sysctl_tcp_keepalive_intvl,
412                 .maxlen         = sizeof(int),
413                 .mode           = 0644,
414                 .proc_handler   = &proc_dointvec_jiffies,
415                 .strategy       = &sysctl_jiffies
416         },
417         {
418                 .ctl_name       = NET_IPV4_TCP_RETRIES1,
419                 .procname       = "tcp_retries1",
420                 .data           = &sysctl_tcp_retries1,
421                 .maxlen         = sizeof(int),
422                 .mode           = 0644,
423                 .proc_handler   = &proc_dointvec_minmax,
424                 .strategy       = &sysctl_intvec,
425                 .extra2         = &tcp_retr1_max
426         },
427         {
428                 .ctl_name       = NET_IPV4_TCP_RETRIES2,
429                 .procname       = "tcp_retries2",
430                 .data           = &sysctl_tcp_retries2,
431                 .maxlen         = sizeof(int),
432                 .mode           = 0644,
433                 .proc_handler   = &proc_dointvec
434         },
435         {
436                 .ctl_name       = NET_IPV4_TCP_FIN_TIMEOUT,
437                 .procname       = "tcp_fin_timeout",
438                 .data           = &sysctl_tcp_fin_timeout,
439                 .maxlen         = sizeof(int),
440                 .mode           = 0644,
441                 .proc_handler   = &proc_dointvec_jiffies,
442                 .strategy       = &sysctl_jiffies
443         },
444 #ifdef CONFIG_SYN_COOKIES
445         {
446                 .ctl_name       = NET_TCP_SYNCOOKIES,
447                 .procname       = "tcp_syncookies",
448                 .data           = &sysctl_tcp_syncookies,
449                 .maxlen         = sizeof(int),
450                 .mode           = 0644,
451                 .proc_handler   = &proc_dointvec
452         },
453 #endif
454         {
455                 .ctl_name       = NET_TCP_TW_RECYCLE,
456                 .procname       = "tcp_tw_recycle",
457                 .data           = &tcp_death_row.sysctl_tw_recycle,
458                 .maxlen         = sizeof(int),
459                 .mode           = 0644,
460                 .proc_handler   = &proc_dointvec
461         },
462         {
463                 .ctl_name       = NET_TCP_ABORT_ON_OVERFLOW,
464                 .procname       = "tcp_abort_on_overflow",
465                 .data           = &sysctl_tcp_abort_on_overflow,
466                 .maxlen         = sizeof(int),
467                 .mode           = 0644,
468                 .proc_handler   = &proc_dointvec
469         },
470         {
471                 .ctl_name       = NET_TCP_STDURG,
472                 .procname       = "tcp_stdurg",
473                 .data           = &sysctl_tcp_stdurg,
474                 .maxlen         = sizeof(int),
475                 .mode           = 0644,
476                 .proc_handler   = &proc_dointvec
477         },
478         {
479                 .ctl_name       = NET_TCP_RFC1337,
480                 .procname       = "tcp_rfc1337",
481                 .data           = &sysctl_tcp_rfc1337,
482                 .maxlen         = sizeof(int),
483                 .mode           = 0644,
484                 .proc_handler   = &proc_dointvec
485         },
486         {
487                 .ctl_name       = NET_TCP_MAX_SYN_BACKLOG,
488                 .procname       = "tcp_max_syn_backlog",
489                 .data           = &sysctl_max_syn_backlog,
490                 .maxlen         = sizeof(int),
491                 .mode           = 0644,
492                 .proc_handler   = &proc_dointvec
493         },
494         {
495                 .ctl_name       = NET_IPV4_LOCAL_PORT_RANGE,
496                 .procname       = "ip_local_port_range",
497                 .data           = &sysctl_local_port_range,
498                 .maxlen         = sizeof(sysctl_local_port_range),
499                 .mode           = 0644,
500                 .proc_handler   = &ipv4_local_port_range,
501                 .strategy       = &ipv4_sysctl_local_port_range,
502         },
503         {
504                 .ctl_name       = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
505                 .procname       = "icmp_echo_ignore_all",
506                 .data           = &sysctl_icmp_echo_ignore_all,
507                 .maxlen         = sizeof(int),
508                 .mode           = 0644,
509                 .proc_handler   = &proc_dointvec
510         },
511         {
512                 .ctl_name       = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
513                 .procname       = "icmp_echo_ignore_broadcasts",
514                 .data           = &sysctl_icmp_echo_ignore_broadcasts,
515                 .maxlen         = sizeof(int),
516                 .mode           = 0644,
517                 .proc_handler   = &proc_dointvec
518         },
519         {
520                 .ctl_name       = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
521                 .procname       = "icmp_ignore_bogus_error_responses",
522                 .data           = &sysctl_icmp_ignore_bogus_error_responses,
523                 .maxlen         = sizeof(int),
524                 .mode           = 0644,
525                 .proc_handler   = &proc_dointvec
526         },
527         {
528                 .ctl_name       = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
529                 .procname       = "icmp_errors_use_inbound_ifaddr",
530                 .data           = &sysctl_icmp_errors_use_inbound_ifaddr,
531                 .maxlen         = sizeof(int),
532                 .mode           = 0644,
533                 .proc_handler   = &proc_dointvec
534         },
535         {
536                 .ctl_name       = NET_IPV4_ROUTE,
537                 .procname       = "route",
538                 .maxlen         = 0,
539                 .mode           = 0555,
540                 .child          = ipv4_route_table
541         },
542 #ifdef CONFIG_IP_MULTICAST
543         {
544                 .ctl_name       = NET_IPV4_IGMP_MAX_MEMBERSHIPS,
545                 .procname       = "igmp_max_memberships",
546                 .data           = &sysctl_igmp_max_memberships,
547                 .maxlen         = sizeof(int),
548                 .mode           = 0644,
549                 .proc_handler   = &proc_dointvec
550         },
551
552 #endif
553         {
554                 .ctl_name       = NET_IPV4_IGMP_MAX_MSF,
555                 .procname       = "igmp_max_msf",
556                 .data           = &sysctl_igmp_max_msf,
557                 .maxlen         = sizeof(int),
558                 .mode           = 0644,
559                 .proc_handler   = &proc_dointvec
560         },
561         {
562                 .ctl_name       = NET_IPV4_INET_PEER_THRESHOLD,
563                 .procname       = "inet_peer_threshold",
564                 .data           = &inet_peer_threshold,
565                 .maxlen         = sizeof(int),
566                 .mode           = 0644,
567                 .proc_handler   = &proc_dointvec
568         },
569         {
570                 .ctl_name       = NET_IPV4_INET_PEER_MINTTL,
571                 .procname       = "inet_peer_minttl",
572                 .data           = &inet_peer_minttl,
573                 .maxlen         = sizeof(int),
574                 .mode           = 0644,
575                 .proc_handler   = &proc_dointvec_jiffies,
576                 .strategy       = &sysctl_jiffies
577         },
578         {
579                 .ctl_name       = NET_IPV4_INET_PEER_MAXTTL,
580                 .procname       = "inet_peer_maxttl",
581                 .data           = &inet_peer_maxttl,
582                 .maxlen         = sizeof(int),
583                 .mode           = 0644,
584                 .proc_handler   = &proc_dointvec_jiffies,
585                 .strategy       = &sysctl_jiffies
586         },
587         {
588                 .ctl_name       = NET_IPV4_INET_PEER_GC_MINTIME,
589                 .procname       = "inet_peer_gc_mintime",
590                 .data           = &inet_peer_gc_mintime,
591                 .maxlen         = sizeof(int),
592                 .mode           = 0644,
593                 .proc_handler   = &proc_dointvec_jiffies,
594                 .strategy       = &sysctl_jiffies
595         },
596         {
597                 .ctl_name       = NET_IPV4_INET_PEER_GC_MAXTIME,
598                 .procname       = "inet_peer_gc_maxtime",
599                 .data           = &inet_peer_gc_maxtime,
600                 .maxlen         = sizeof(int),
601                 .mode           = 0644,
602                 .proc_handler   = &proc_dointvec_jiffies,
603                 .strategy       = &sysctl_jiffies
604         },
605         {
606                 .ctl_name       = NET_TCP_ORPHAN_RETRIES,
607                 .procname       = "tcp_orphan_retries",
608                 .data           = &sysctl_tcp_orphan_retries,
609                 .maxlen         = sizeof(int),
610                 .mode           = 0644,
611                 .proc_handler   = &proc_dointvec
612         },
613         {
614                 .ctl_name       = NET_TCP_FACK,
615                 .procname       = "tcp_fack",
616                 .data           = &sysctl_tcp_fack,
617                 .maxlen         = sizeof(int),
618                 .mode           = 0644,
619                 .proc_handler   = &proc_dointvec
620         },
621         {
622                 .ctl_name       = NET_TCP_REORDERING,
623                 .procname       = "tcp_reordering",
624                 .data           = &sysctl_tcp_reordering,
625                 .maxlen         = sizeof(int),
626                 .mode           = 0644,
627                 .proc_handler   = &proc_dointvec
628         },
629         {
630                 .ctl_name       = NET_TCP_ECN,
631                 .procname       = "tcp_ecn",
632                 .data           = &sysctl_tcp_ecn,
633                 .maxlen         = sizeof(int),
634                 .mode           = 0644,
635                 .proc_handler   = &proc_dointvec
636         },
637         {
638                 .ctl_name       = NET_TCP_DSACK,
639                 .procname       = "tcp_dsack",
640                 .data           = &sysctl_tcp_dsack,
641                 .maxlen         = sizeof(int),
642                 .mode           = 0644,
643                 .proc_handler   = &proc_dointvec
644         },
645         {
646                 .ctl_name       = NET_TCP_MEM,
647                 .procname       = "tcp_mem",
648                 .data           = &sysctl_tcp_mem,
649                 .maxlen         = sizeof(sysctl_tcp_mem),
650                 .mode           = 0644,
651                 .proc_handler   = &proc_dointvec
652         },
653         {
654                 .ctl_name       = NET_TCP_WMEM,
655                 .procname       = "tcp_wmem",
656                 .data           = &sysctl_tcp_wmem,
657                 .maxlen         = sizeof(sysctl_tcp_wmem),
658                 .mode           = 0644,
659                 .proc_handler   = &proc_dointvec
660         },
661         {
662                 .ctl_name       = NET_TCP_RMEM,
663                 .procname       = "tcp_rmem",
664                 .data           = &sysctl_tcp_rmem,
665                 .maxlen         = sizeof(sysctl_tcp_rmem),
666                 .mode           = 0644,
667                 .proc_handler   = &proc_dointvec
668         },
669         {
670                 .ctl_name       = NET_TCP_APP_WIN,
671                 .procname       = "tcp_app_win",
672                 .data           = &sysctl_tcp_app_win,
673                 .maxlen         = sizeof(int),
674                 .mode           = 0644,
675                 .proc_handler   = &proc_dointvec
676         },
677         {
678                 .ctl_name       = NET_TCP_ADV_WIN_SCALE,
679                 .procname       = "tcp_adv_win_scale",
680                 .data           = &sysctl_tcp_adv_win_scale,
681                 .maxlen         = sizeof(int),
682                 .mode           = 0644,
683                 .proc_handler   = &proc_dointvec
684         },
685         {
686                 .ctl_name       = NET_IPV4_ICMP_RATELIMIT,
687                 .procname       = "icmp_ratelimit",
688                 .data           = &sysctl_icmp_ratelimit,
689                 .maxlen         = sizeof(int),
690                 .mode           = 0644,
691                 .proc_handler   = &proc_dointvec
692         },
693         {
694                 .ctl_name       = NET_IPV4_ICMP_RATEMASK,
695                 .procname       = "icmp_ratemask",
696                 .data           = &sysctl_icmp_ratemask,
697                 .maxlen         = sizeof(int),
698                 .mode           = 0644,
699                 .proc_handler   = &proc_dointvec
700         },
701         {
702                 .ctl_name       = NET_TCP_TW_REUSE,
703                 .procname       = "tcp_tw_reuse",
704                 .data           = &sysctl_tcp_tw_reuse,
705                 .maxlen         = sizeof(int),
706                 .mode           = 0644,
707                 .proc_handler   = &proc_dointvec
708         },
709         {
710                 .ctl_name       = NET_TCP_FRTO,
711                 .procname       = "tcp_frto",
712                 .data           = &sysctl_tcp_frto,
713                 .maxlen         = sizeof(int),
714                 .mode           = 0644,
715                 .proc_handler   = &proc_dointvec
716         },
717         {
718                 .ctl_name       = NET_TCP_FRTO_RESPONSE,
719                 .procname       = "tcp_frto_response",
720                 .data           = &sysctl_tcp_frto_response,
721                 .maxlen         = sizeof(int),
722                 .mode           = 0644,
723                 .proc_handler   = &proc_dointvec
724         },
725         {
726                 .ctl_name       = NET_TCP_LOW_LATENCY,
727                 .procname       = "tcp_low_latency",
728                 .data           = &sysctl_tcp_low_latency,
729                 .maxlen         = sizeof(int),
730                 .mode           = 0644,
731                 .proc_handler   = &proc_dointvec
732         },
733         {
734                 .ctl_name       = NET_IPV4_IPFRAG_SECRET_INTERVAL,
735                 .procname       = "ipfrag_secret_interval",
736                 .data           = &ip4_frags_ctl.secret_interval,
737                 .maxlen         = sizeof(int),
738                 .mode           = 0644,
739                 .proc_handler   = &proc_dointvec_jiffies,
740                 .strategy       = &sysctl_jiffies
741         },
742         {
743                 .procname       = "ipfrag_max_dist",
744                 .data           = &sysctl_ipfrag_max_dist,
745                 .maxlen         = sizeof(int),
746                 .mode           = 0644,
747                 .proc_handler   = &proc_dointvec_minmax,
748                 .extra1         = &zero
749         },
750         {
751                 .ctl_name       = NET_TCP_NO_METRICS_SAVE,
752                 .procname       = "tcp_no_metrics_save",
753                 .data           = &sysctl_tcp_nometrics_save,
754                 .maxlen         = sizeof(int),
755                 .mode           = 0644,
756                 .proc_handler   = &proc_dointvec,
757         },
758         {
759                 .ctl_name       = NET_TCP_MODERATE_RCVBUF,
760                 .procname       = "tcp_moderate_rcvbuf",
761                 .data           = &sysctl_tcp_moderate_rcvbuf,
762                 .maxlen         = sizeof(int),
763                 .mode           = 0644,
764                 .proc_handler   = &proc_dointvec,
765         },
766         {
767                 .ctl_name       = NET_TCP_TSO_WIN_DIVISOR,
768                 .procname       = "tcp_tso_win_divisor",
769                 .data           = &sysctl_tcp_tso_win_divisor,
770                 .maxlen         = sizeof(int),
771                 .mode           = 0644,
772                 .proc_handler   = &proc_dointvec,
773         },
774         {
775                 .ctl_name       = NET_TCP_CONG_CONTROL,
776                 .procname       = "tcp_congestion_control",
777                 .mode           = 0644,
778                 .maxlen         = TCP_CA_NAME_MAX,
779                 .proc_handler   = &proc_tcp_congestion_control,
780                 .strategy       = &sysctl_tcp_congestion_control,
781         },
782         {
783                 .ctl_name       = NET_TCP_ABC,
784                 .procname       = "tcp_abc",
785                 .data           = &sysctl_tcp_abc,
786                 .maxlen         = sizeof(int),
787                 .mode           = 0644,
788                 .proc_handler   = &proc_dointvec,
789         },
790         {
791                 .ctl_name       = NET_TCP_MTU_PROBING,
792                 .procname       = "tcp_mtu_probing",
793                 .data           = &sysctl_tcp_mtu_probing,
794                 .maxlen         = sizeof(int),
795                 .mode           = 0644,
796                 .proc_handler   = &proc_dointvec,
797         },
798         {
799                 .ctl_name       = NET_TCP_BASE_MSS,
800                 .procname       = "tcp_base_mss",
801                 .data           = &sysctl_tcp_base_mss,
802                 .maxlen         = sizeof(int),
803                 .mode           = 0644,
804                 .proc_handler   = &proc_dointvec,
805         },
806         {
807                 .ctl_name       = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS,
808                 .procname       = "tcp_workaround_signed_windows",
809                 .data           = &sysctl_tcp_workaround_signed_windows,
810                 .maxlen         = sizeof(int),
811                 .mode           = 0644,
812                 .proc_handler   = &proc_dointvec
813         },
814 #ifdef CONFIG_NET_DMA
815         {
816                 .ctl_name       = NET_TCP_DMA_COPYBREAK,
817                 .procname       = "tcp_dma_copybreak",
818                 .data           = &sysctl_tcp_dma_copybreak,
819                 .maxlen         = sizeof(int),
820                 .mode           = 0644,
821                 .proc_handler   = &proc_dointvec
822         },
823 #endif
824         {
825                 .ctl_name       = NET_TCP_SLOW_START_AFTER_IDLE,
826                 .procname       = "tcp_slow_start_after_idle",
827                 .data           = &sysctl_tcp_slow_start_after_idle,
828                 .maxlen         = sizeof(int),
829                 .mode           = 0644,
830                 .proc_handler   = &proc_dointvec
831         },
832 #ifdef CONFIG_NETLABEL
833         {
834                 .ctl_name       = NET_CIPSOV4_CACHE_ENABLE,
835                 .procname       = "cipso_cache_enable",
836                 .data           = &cipso_v4_cache_enabled,
837                 .maxlen         = sizeof(int),
838                 .mode           = 0644,
839                 .proc_handler   = &proc_dointvec,
840         },
841         {
842                 .ctl_name       = NET_CIPSOV4_CACHE_BUCKET_SIZE,
843                 .procname       = "cipso_cache_bucket_size",
844                 .data           = &cipso_v4_cache_bucketsize,
845                 .maxlen         = sizeof(int),
846                 .mode           = 0644,
847                 .proc_handler   = &proc_dointvec,
848         },
849         {
850                 .ctl_name       = NET_CIPSOV4_RBM_OPTFMT,
851                 .procname       = "cipso_rbm_optfmt",
852                 .data           = &cipso_v4_rbm_optfmt,
853                 .maxlen         = sizeof(int),
854                 .mode           = 0644,
855                 .proc_handler   = &proc_dointvec,
856         },
857         {
858                 .ctl_name       = NET_CIPSOV4_RBM_STRICTVALID,
859                 .procname       = "cipso_rbm_strictvalid",
860                 .data           = &cipso_v4_rbm_strictvalid,
861                 .maxlen         = sizeof(int),
862                 .mode           = 0644,
863                 .proc_handler   = &proc_dointvec,
864         },
865 #endif /* CONFIG_NETLABEL */
866         {
867                 .procname       = "tcp_available_congestion_control",
868                 .maxlen         = TCP_CA_BUF_MAX,
869                 .mode           = 0444,
870                 .proc_handler   = &proc_tcp_available_congestion_control,
871         },
872         {
873                 .ctl_name       = NET_TCP_ALLOWED_CONG_CONTROL,
874                 .procname       = "tcp_allowed_congestion_control",
875                 .maxlen         = TCP_CA_BUF_MAX,
876                 .mode           = 0644,
877                 .proc_handler   = &proc_allowed_congestion_control,
878                 .strategy       = &strategy_allowed_congestion_control,
879         },
880         {
881                 .ctl_name       = NET_TCP_MAX_SSTHRESH,
882                 .procname       = "tcp_max_ssthresh",
883                 .data           = &sysctl_tcp_max_ssthresh,
884                 .maxlen         = sizeof(int),
885                 .mode           = 0644,
886                 .proc_handler   = &proc_dointvec,
887         },
888         { .ctl_name = 0 }
889 };
890
891 #endif /* CONFIG_SYSCTL */
892
893 EXPORT_SYMBOL(ipv4_config);