1/*
2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3 *
4 * $Id: sysctl_net_ipv4.c,v 1.1.1.1 2007/08/03 18:53:51 Exp $
5 *
6 * Begun April 1, 1996, Mike Shaver.
7 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
8 */
9
10#include <linux/mm.h>
11#include <linux/module.h>
12#include <linux/sysctl.h>
13#include <linux/igmp.h>
14#include <linux/inetdevice.h>
15#include <net/snmp.h>
16#include <net/icmp.h>
17#include <net/ip.h>
18#include <net/route.h>
19#include <net/tcp.h>
20#include <net/cipso_ipv4.h>
21
22/* From af_inet.c */
23extern int sysctl_ip_nonlocal_bind;
24
25#ifdef CONFIG_SYSCTL
26static int zero;
27static int tcp_retr1_max = 255;
28static int ip_local_port_range_min[] = { 1, 1 };
29static int ip_local_port_range_max[] = { 65535, 65535 };
30#endif
31
32struct ipv4_config ipv4_config;
33
34#ifdef CONFIG_SYSCTL
35
36static
37int ipv4_sysctl_forward(ctl_table *ctl, int write, struct file * filp,
38			void __user *buffer, size_t *lenp, loff_t *ppos)
39{
40	int val = IPV4_DEVCONF_ALL(FORWARDING);
41	int ret;
42
43	ret = proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
44
45	if (write && IPV4_DEVCONF_ALL(FORWARDING) != val)
46		inet_forward_change();
47
48	return ret;
49}
50
51static int ipv4_sysctl_forward_strategy(ctl_table *table,
52			 int __user *name, int nlen,
53			 void __user *oldval, size_t __user *oldlenp,
54			 void __user *newval, size_t newlen)
55{
56	int *valp = table->data;
57	int new;
58
59	if (!newval || !newlen)
60		return 0;
61
62	if (newlen != sizeof(int))
63		return -EINVAL;
64
65	if (get_user(new, (int __user *)newval))
66		return -EFAULT;
67
68	if (new == *valp)
69		return 0;
70
71	if (oldval && oldlenp) {
72		size_t len;
73
74		if (get_user(len, oldlenp))
75			return -EFAULT;
76
77		if (len) {
78			if (len > table->maxlen)
79				len = table->maxlen;
80			if (copy_to_user(oldval, valp, len))
81				return -EFAULT;
82			if (put_user(len, oldlenp))
83				return -EFAULT;
84		}
85	}
86
87	*valp = new;
88	inet_forward_change();
89	return 1;
90}
91
92static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp,
93				       void __user *buffer, size_t *lenp, loff_t *ppos)
94{
95	char val[TCP_CA_NAME_MAX];
96	ctl_table tbl = {
97		.data = val,
98		.maxlen = TCP_CA_NAME_MAX,
99	};
100	int ret;
101
102	tcp_get_default_congestion_control(val);
103
104	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
105	if (write && ret == 0)
106		ret = tcp_set_default_congestion_control(val);
107	return ret;
108}
109
110static int sysctl_tcp_congestion_control(ctl_table *table, int __user *name,
111					 int nlen, void __user *oldval,
112					 size_t __user *oldlenp,
113					 void __user *newval, size_t newlen)
114{
115	char val[TCP_CA_NAME_MAX];
116	ctl_table tbl = {
117		.data = val,
118		.maxlen = TCP_CA_NAME_MAX,
119	};
120	int ret;
121
122	tcp_get_default_congestion_control(val);
123	ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
124	if (ret == 0 && newval && newlen)
125		ret = tcp_set_default_congestion_control(val);
126	return ret;
127}
128
129static int proc_tcp_available_congestion_control(ctl_table *ctl,
130						 int write, struct file * filp,
131						 void __user *buffer, size_t *lenp,
132						 loff_t *ppos)
133{
134	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
135	int ret;
136
137	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
138	if (!tbl.data)
139		return -ENOMEM;
140	tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
141	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
142	kfree(tbl.data);
143	return ret;
144}
145
146static int proc_allowed_congestion_control(ctl_table *ctl,
147					   int write, struct file * filp,
148					   void __user *buffer, size_t *lenp,
149					   loff_t *ppos)
150{
151	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
152	int ret;
153
154	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
155	if (!tbl.data)
156		return -ENOMEM;
157
158	tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
159	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
160	if (write && ret == 0)
161		ret = tcp_set_allowed_congestion_control(tbl.data);
162	kfree(tbl.data);
163	return ret;
164}
165
166static int strategy_allowed_congestion_control(ctl_table *table, int __user *name,
167					       int nlen, void __user *oldval,
168					       size_t __user *oldlenp,
169					       void __user *newval,
170					       size_t newlen)
171{
172	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
173	int ret;
174
175	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
176	if (!tbl.data)
177		return -ENOMEM;
178
179	tcp_get_available_congestion_control(tbl.data, tbl.maxlen);
180	ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
181	if (ret == 0 && newval && newlen)
182		ret = tcp_set_allowed_congestion_control(tbl.data);
183	kfree(tbl.data);
184
185	return ret;
186
187}
188
189ctl_table ipv4_table[] = {
190	{
191		.ctl_name	= NET_IPV4_TCP_TIMESTAMPS,
192		.procname	= "tcp_timestamps",
193		.data		= &sysctl_tcp_timestamps,
194		.maxlen		= sizeof(int),
195		.mode		= 0644,
196		.proc_handler	= &proc_dointvec
197	},
198	{
199		.ctl_name	= NET_IPV4_TCP_WINDOW_SCALING,
200		.procname	= "tcp_window_scaling",
201		.data		= &sysctl_tcp_window_scaling,
202		.maxlen		= sizeof(int),
203		.mode		= 0644,
204		.proc_handler	= &proc_dointvec
205	},
206	{
207		.ctl_name	= NET_IPV4_TCP_SACK,
208		.procname	= "tcp_sack",
209		.data		= &sysctl_tcp_sack,
210		.maxlen		= sizeof(int),
211		.mode		= 0644,
212		.proc_handler	= &proc_dointvec
213	},
214	{
215		.ctl_name	= NET_IPV4_TCP_RETRANS_COLLAPSE,
216		.procname	= "tcp_retrans_collapse",
217		.data		= &sysctl_tcp_retrans_collapse,
218		.maxlen		= sizeof(int),
219		.mode		= 0644,
220		.proc_handler	= &proc_dointvec
221	},
222	{
223		.ctl_name	= NET_IPV4_FORWARD,
224		.procname	= "ip_forward",
225		.data		= &IPV4_DEVCONF_ALL(FORWARDING),
226		.maxlen		= sizeof(int),
227		.mode		= 0644,
228		.proc_handler	= &ipv4_sysctl_forward,
229		.strategy	= &ipv4_sysctl_forward_strategy
230	},
231	{
232		.ctl_name	= NET_IPV4_DEFAULT_TTL,
233		.procname	= "ip_default_ttl",
234		.data		= &sysctl_ip_default_ttl,
235		.maxlen		= sizeof(int),
236		.mode		= 0644,
237		.proc_handler	= &ipv4_doint_and_flush,
238		.strategy	= &ipv4_doint_and_flush_strategy,
239	},
240	{
241		.ctl_name	= NET_IPV4_NO_PMTU_DISC,
242		.procname	= "ip_no_pmtu_disc",
243		.data		= &ipv4_config.no_pmtu_disc,
244		.maxlen		= sizeof(int),
245		.mode		= 0644,
246		.proc_handler	= &proc_dointvec
247	},
248	{
249		.ctl_name	= NET_IPV4_NONLOCAL_BIND,
250		.procname	= "ip_nonlocal_bind",
251		.data		= &sysctl_ip_nonlocal_bind,
252		.maxlen		= sizeof(int),
253		.mode		= 0644,
254		.proc_handler	= &proc_dointvec
255	},
256	{
257		.ctl_name	= NET_IPV4_TCP_SYN_RETRIES,
258		.procname	= "tcp_syn_retries",
259		.data		= &sysctl_tcp_syn_retries,
260		.maxlen		= sizeof(int),
261		.mode		= 0644,
262		.proc_handler	= &proc_dointvec
263	},
264	{
265		.ctl_name	= NET_TCP_SYNACK_RETRIES,
266		.procname	= "tcp_synack_retries",
267		.data		= &sysctl_tcp_synack_retries,
268		.maxlen		= sizeof(int),
269		.mode		= 0644,
270		.proc_handler	= &proc_dointvec
271	},
272	{
273		.ctl_name	= NET_TCP_MAX_ORPHANS,
274		.procname	= "tcp_max_orphans",
275		.data		= &sysctl_tcp_max_orphans,
276		.maxlen		= sizeof(int),
277		.mode		= 0644,
278		.proc_handler	= &proc_dointvec
279	},
280	{
281		.ctl_name	= NET_TCP_MAX_TW_BUCKETS,
282		.procname	= "tcp_max_tw_buckets",
283		.data		= &tcp_death_row.sysctl_max_tw_buckets,
284		.maxlen		= sizeof(int),
285		.mode		= 0644,
286		.proc_handler	= &proc_dointvec
287	},
288	{
289		.ctl_name	= NET_IPV4_IPFRAG_HIGH_THRESH,
290		.procname	= "ipfrag_high_thresh",
291		.data		= &sysctl_ipfrag_high_thresh,
292		.maxlen		= sizeof(int),
293		.mode		= 0644,
294		.proc_handler	= &proc_dointvec
295	},
296	{
297		.ctl_name	= NET_IPV4_IPFRAG_LOW_THRESH,
298		.procname	= "ipfrag_low_thresh",
299		.data		= &sysctl_ipfrag_low_thresh,
300		.maxlen		= sizeof(int),
301		.mode		= 0644,
302		.proc_handler	= &proc_dointvec
303	},
304	{
305		.ctl_name	= NET_IPV4_DYNADDR,
306		.procname	= "ip_dynaddr",
307		.data		= &sysctl_ip_dynaddr,
308		.maxlen		= sizeof(int),
309		.mode		= 0644,
310		.proc_handler	= &proc_dointvec
311	},
312	{
313		.ctl_name	= NET_IPV4_IPFRAG_TIME,
314		.procname	= "ipfrag_time",
315		.data		= &sysctl_ipfrag_time,
316		.maxlen		= sizeof(int),
317		.mode		= 0644,
318		.proc_handler	= &proc_dointvec_jiffies,
319		.strategy	= &sysctl_jiffies
320	},
321	{
322		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_TIME,
323		.procname	= "tcp_keepalive_time",
324		.data		= &sysctl_tcp_keepalive_time,
325		.maxlen		= sizeof(int),
326		.mode		= 0644,
327		.proc_handler	= &proc_dointvec_jiffies,
328		.strategy	= &sysctl_jiffies
329	},
330	{
331		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_PROBES,
332		.procname	= "tcp_keepalive_probes",
333		.data		= &sysctl_tcp_keepalive_probes,
334		.maxlen		= sizeof(int),
335		.mode		= 0644,
336		.proc_handler	= &proc_dointvec
337	},
338	{
339		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_INTVL,
340		.procname	= "tcp_keepalive_intvl",
341		.data		= &sysctl_tcp_keepalive_intvl,
342		.maxlen		= sizeof(int),
343		.mode		= 0644,
344		.proc_handler	= &proc_dointvec_jiffies,
345		.strategy	= &sysctl_jiffies
346	},
347	{
348		.ctl_name	= NET_IPV4_TCP_RETRIES1,
349		.procname	= "tcp_retries1",
350		.data		= &sysctl_tcp_retries1,
351		.maxlen		= sizeof(int),
352		.mode		= 0644,
353		.proc_handler	= &proc_dointvec_minmax,
354		.strategy	= &sysctl_intvec,
355		.extra2		= &tcp_retr1_max
356	},
357	{
358		.ctl_name	= NET_IPV4_TCP_RETRIES2,
359		.procname	= "tcp_retries2",
360		.data		= &sysctl_tcp_retries2,
361		.maxlen		= sizeof(int),
362		.mode		= 0644,
363		.proc_handler	= &proc_dointvec
364	},
365	{
366		.ctl_name	= NET_IPV4_TCP_FIN_TIMEOUT,
367		.procname	= "tcp_fin_timeout",
368		.data		= &sysctl_tcp_fin_timeout,
369		.maxlen		= sizeof(int),
370		.mode		= 0644,
371		.proc_handler	= &proc_dointvec_jiffies,
372		.strategy	= &sysctl_jiffies
373	},
374#ifdef CONFIG_SYN_COOKIES
375	{
376		.ctl_name	= NET_TCP_SYNCOOKIES,
377		.procname	= "tcp_syncookies",
378		.data		= &sysctl_tcp_syncookies,
379		.maxlen		= sizeof(int),
380		.mode		= 0644,
381		.proc_handler	= &proc_dointvec
382	},
383#endif
384	{
385		.ctl_name	= NET_TCP_TW_RECYCLE,
386		.procname	= "tcp_tw_recycle",
387		.data		= &tcp_death_row.sysctl_tw_recycle,
388		.maxlen		= sizeof(int),
389		.mode		= 0644,
390		.proc_handler	= &proc_dointvec
391	},
392	{
393		.ctl_name	= NET_TCP_ABORT_ON_OVERFLOW,
394		.procname	= "tcp_abort_on_overflow",
395		.data		= &sysctl_tcp_abort_on_overflow,
396		.maxlen		= sizeof(int),
397		.mode		= 0644,
398		.proc_handler	= &proc_dointvec
399	},
400	{
401		.ctl_name	= NET_TCP_STDURG,
402		.procname	= "tcp_stdurg",
403		.data		= &sysctl_tcp_stdurg,
404		.maxlen		= sizeof(int),
405		.mode		= 0644,
406		.proc_handler	= &proc_dointvec
407	},
408	{
409		.ctl_name	= NET_TCP_RFC1337,
410		.procname	= "tcp_rfc1337",
411		.data		= &sysctl_tcp_rfc1337,
412		.maxlen		= sizeof(int),
413		.mode		= 0644,
414		.proc_handler	= &proc_dointvec
415	},
416	{
417		.ctl_name	= NET_TCP_MAX_SYN_BACKLOG,
418		.procname	= "tcp_max_syn_backlog",
419		.data		= &sysctl_max_syn_backlog,
420		.maxlen		= sizeof(int),
421		.mode		= 0644,
422		.proc_handler	= &proc_dointvec
423	},
424	{
425		.ctl_name	= NET_IPV4_LOCAL_PORT_RANGE,
426		.procname	= "ip_local_port_range",
427		.data		= &sysctl_local_port_range,
428		.maxlen		= sizeof(sysctl_local_port_range),
429		.mode		= 0644,
430		.proc_handler	= &proc_dointvec_minmax,
431		.strategy	= &sysctl_intvec,
432		.extra1		= ip_local_port_range_min,
433		.extra2		= ip_local_port_range_max
434	},
435	{
436		.ctl_name	= NET_IPV4_ICMP_ECHO_IGNORE_ALL,
437		.procname	= "icmp_echo_ignore_all",
438		.data		= &sysctl_icmp_echo_ignore_all,
439		.maxlen		= sizeof(int),
440		.mode		= 0644,
441		.proc_handler	= &proc_dointvec
442	},
443	{
444		.ctl_name	= NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
445		.procname	= "icmp_echo_ignore_broadcasts",
446		.data		= &sysctl_icmp_echo_ignore_broadcasts,
447		.maxlen		= sizeof(int),
448		.mode		= 0644,
449		.proc_handler	= &proc_dointvec
450	},
451	{
452		.ctl_name	= NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
453		.procname	= "icmp_ignore_bogus_error_responses",
454		.data		= &sysctl_icmp_ignore_bogus_error_responses,
455		.maxlen		= sizeof(int),
456		.mode		= 0644,
457		.proc_handler	= &proc_dointvec
458	},
459	{
460		.ctl_name	= NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
461		.procname	= "icmp_errors_use_inbound_ifaddr",
462		.data		= &sysctl_icmp_errors_use_inbound_ifaddr,
463		.maxlen		= sizeof(int),
464		.mode		= 0644,
465		.proc_handler	= &proc_dointvec
466	},
467	{
468		.ctl_name	= NET_IPV4_ROUTE,
469		.procname	= "route",
470		.maxlen		= 0,
471		.mode		= 0555,
472		.child		= ipv4_route_table
473	},
474#ifdef CONFIG_IP_MULTICAST
475	{
476		.ctl_name	= NET_IPV4_IGMP_MAX_MEMBERSHIPS,
477		.procname	= "igmp_max_memberships",
478		.data		= &sysctl_igmp_max_memberships,
479		.maxlen		= sizeof(int),
480		.mode		= 0644,
481		.proc_handler	= &proc_dointvec
482	},
483
484#endif
485	{
486		.ctl_name	= NET_IPV4_IGMP_MAX_MSF,
487		.procname	= "igmp_max_msf",
488		.data		= &sysctl_igmp_max_msf,
489		.maxlen		= sizeof(int),
490		.mode		= 0644,
491		.proc_handler	= &proc_dointvec
492	},
493	{
494		.ctl_name	= NET_IPV4_INET_PEER_THRESHOLD,
495		.procname	= "inet_peer_threshold",
496		.data		= &inet_peer_threshold,
497		.maxlen		= sizeof(int),
498		.mode		= 0644,
499		.proc_handler	= &proc_dointvec
500	},
501	{
502		.ctl_name	= NET_IPV4_INET_PEER_MINTTL,
503		.procname	= "inet_peer_minttl",
504		.data		= &inet_peer_minttl,
505		.maxlen		= sizeof(int),
506		.mode		= 0644,
507		.proc_handler	= &proc_dointvec_jiffies,
508		.strategy	= &sysctl_jiffies
509	},
510	{
511		.ctl_name	= NET_IPV4_INET_PEER_MAXTTL,
512		.procname	= "inet_peer_maxttl",
513		.data		= &inet_peer_maxttl,
514		.maxlen		= sizeof(int),
515		.mode		= 0644,
516		.proc_handler	= &proc_dointvec_jiffies,
517		.strategy	= &sysctl_jiffies
518	},
519	{
520		.ctl_name	= NET_IPV4_INET_PEER_GC_MINTIME,
521		.procname	= "inet_peer_gc_mintime",
522		.data		= &inet_peer_gc_mintime,
523		.maxlen		= sizeof(int),
524		.mode		= 0644,
525		.proc_handler	= &proc_dointvec_jiffies,
526		.strategy	= &sysctl_jiffies
527	},
528	{
529		.ctl_name	= NET_IPV4_INET_PEER_GC_MAXTIME,
530		.procname	= "inet_peer_gc_maxtime",
531		.data		= &inet_peer_gc_maxtime,
532		.maxlen		= sizeof(int),
533		.mode		= 0644,
534		.proc_handler	= &proc_dointvec_jiffies,
535		.strategy	= &sysctl_jiffies
536	},
537	{
538		.ctl_name	= NET_TCP_ORPHAN_RETRIES,
539		.procname	= "tcp_orphan_retries",
540		.data		= &sysctl_tcp_orphan_retries,
541		.maxlen		= sizeof(int),
542		.mode		= 0644,
543		.proc_handler	= &proc_dointvec
544	},
545	{
546		.ctl_name	= NET_TCP_FACK,
547		.procname	= "tcp_fack",
548		.data		= &sysctl_tcp_fack,
549		.maxlen		= sizeof(int),
550		.mode		= 0644,
551		.proc_handler	= &proc_dointvec
552	},
553	{
554		.ctl_name	= NET_TCP_REORDERING,
555		.procname	= "tcp_reordering",
556		.data		= &sysctl_tcp_reordering,
557		.maxlen		= sizeof(int),
558		.mode		= 0644,
559		.proc_handler	= &proc_dointvec
560	},
561	{
562		.ctl_name	= NET_TCP_ECN,
563		.procname	= "tcp_ecn",
564		.data		= &sysctl_tcp_ecn,
565		.maxlen		= sizeof(int),
566		.mode		= 0644,
567		.proc_handler	= &proc_dointvec
568	},
569	{
570		.ctl_name	= NET_TCP_DSACK,
571		.procname	= "tcp_dsack",
572		.data		= &sysctl_tcp_dsack,
573		.maxlen		= sizeof(int),
574		.mode		= 0644,
575		.proc_handler	= &proc_dointvec
576	},
577	{
578		.ctl_name	= NET_TCP_MEM,
579		.procname	= "tcp_mem",
580		.data		= &sysctl_tcp_mem,
581		.maxlen		= sizeof(sysctl_tcp_mem),
582		.mode		= 0644,
583		.proc_handler	= &proc_dointvec
584	},
585	{
586		.ctl_name	= NET_TCP_WMEM,
587		.procname	= "tcp_wmem",
588		.data		= &sysctl_tcp_wmem,
589		.maxlen		= sizeof(sysctl_tcp_wmem),
590		.mode		= 0644,
591		.proc_handler	= &proc_dointvec
592	},
593	{
594		.ctl_name	= NET_TCP_RMEM,
595		.procname	= "tcp_rmem",
596		.data		= &sysctl_tcp_rmem,
597		.maxlen		= sizeof(sysctl_tcp_rmem),
598		.mode		= 0644,
599		.proc_handler	= &proc_dointvec
600	},
601	{
602		.ctl_name	= NET_TCP_APP_WIN,
603		.procname	= "tcp_app_win",
604		.data		= &sysctl_tcp_app_win,
605		.maxlen		= sizeof(int),
606		.mode		= 0644,
607		.proc_handler	= &proc_dointvec
608	},
609	{
610		.ctl_name	= NET_TCP_ADV_WIN_SCALE,
611		.procname	= "tcp_adv_win_scale",
612		.data		= &sysctl_tcp_adv_win_scale,
613		.maxlen		= sizeof(int),
614		.mode		= 0644,
615		.proc_handler	= &proc_dointvec
616	},
617	{
618		.ctl_name	= NET_IPV4_ICMP_RATELIMIT,
619		.procname	= "icmp_ratelimit",
620		.data		= &sysctl_icmp_ratelimit,
621		.maxlen		= sizeof(int),
622		.mode		= 0644,
623		.proc_handler	= &proc_dointvec
624	},
625	{
626		.ctl_name	= NET_IPV4_ICMP_RATEMASK,
627		.procname	= "icmp_ratemask",
628		.data		= &sysctl_icmp_ratemask,
629		.maxlen		= sizeof(int),
630		.mode		= 0644,
631		.proc_handler	= &proc_dointvec
632	},
633	{
634		.ctl_name	= NET_TCP_TW_REUSE,
635		.procname	= "tcp_tw_reuse",
636		.data		= &sysctl_tcp_tw_reuse,
637		.maxlen		= sizeof(int),
638		.mode		= 0644,
639		.proc_handler	= &proc_dointvec
640	},
641	{
642		.ctl_name	= NET_TCP_FRTO,
643		.procname	= "tcp_frto",
644		.data		= &sysctl_tcp_frto,
645		.maxlen		= sizeof(int),
646		.mode		= 0644,
647		.proc_handler	= &proc_dointvec
648	},
649	{
650		.ctl_name	= NET_TCP_FRTO_RESPONSE,
651		.procname	= "tcp_frto_response",
652		.data		= &sysctl_tcp_frto_response,
653		.maxlen		= sizeof(int),
654		.mode		= 0644,
655		.proc_handler	= &proc_dointvec
656	},
657	{
658		.ctl_name	= NET_TCP_LOW_LATENCY,
659		.procname	= "tcp_low_latency",
660		.data		= &sysctl_tcp_low_latency,
661		.maxlen		= sizeof(int),
662		.mode		= 0644,
663		.proc_handler	= &proc_dointvec
664	},
665	{
666		.ctl_name	= NET_IPV4_IPFRAG_SECRET_INTERVAL,
667		.procname	= "ipfrag_secret_interval",
668		.data		= &sysctl_ipfrag_secret_interval,
669		.maxlen		= sizeof(int),
670		.mode		= 0644,
671		.proc_handler	= &proc_dointvec_jiffies,
672		.strategy	= &sysctl_jiffies
673	},
674	{
675		.ctl_name	= NET_IPV4_IPFRAG_MAX_DIST,
676		.procname	= "ipfrag_max_dist",
677		.data		= &sysctl_ipfrag_max_dist,
678		.maxlen		= sizeof(int),
679		.mode		= 0644,
680		.proc_handler	= &proc_dointvec_minmax,
681		.extra1		= &zero
682	},
683	{
684		.ctl_name	= NET_TCP_NO_METRICS_SAVE,
685		.procname	= "tcp_no_metrics_save",
686		.data		= &sysctl_tcp_nometrics_save,
687		.maxlen		= sizeof(int),
688		.mode		= 0644,
689		.proc_handler	= &proc_dointvec,
690	},
691	{
692		.ctl_name	= NET_TCP_MODERATE_RCVBUF,
693		.procname	= "tcp_moderate_rcvbuf",
694		.data		= &sysctl_tcp_moderate_rcvbuf,
695		.maxlen		= sizeof(int),
696		.mode		= 0644,
697		.proc_handler	= &proc_dointvec,
698	},
699	{
700		.ctl_name	= NET_TCP_TSO_WIN_DIVISOR,
701		.procname	= "tcp_tso_win_divisor",
702		.data		= &sysctl_tcp_tso_win_divisor,
703		.maxlen		= sizeof(int),
704		.mode		= 0644,
705		.proc_handler	= &proc_dointvec,
706	},
707	{
708		.ctl_name	= NET_TCP_CONG_CONTROL,
709		.procname	= "tcp_congestion_control",
710		.mode		= 0644,
711		.maxlen		= TCP_CA_NAME_MAX,
712		.proc_handler	= &proc_tcp_congestion_control,
713		.strategy	= &sysctl_tcp_congestion_control,
714	},
715	{
716		.ctl_name	= NET_TCP_ABC,
717		.procname	= "tcp_abc",
718		.data		= &sysctl_tcp_abc,
719		.maxlen		= sizeof(int),
720		.mode		= 0644,
721		.proc_handler	= &proc_dointvec,
722	},
723	{
724		.ctl_name	= NET_TCP_MTU_PROBING,
725		.procname	= "tcp_mtu_probing",
726		.data		= &sysctl_tcp_mtu_probing,
727		.maxlen		= sizeof(int),
728		.mode		= 0644,
729		.proc_handler	= &proc_dointvec,
730	},
731	{
732		.ctl_name	= NET_TCP_BASE_MSS,
733		.procname	= "tcp_base_mss",
734		.data		= &sysctl_tcp_base_mss,
735		.maxlen		= sizeof(int),
736		.mode		= 0644,
737		.proc_handler	= &proc_dointvec,
738	},
739	{
740		.ctl_name	= NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS,
741		.procname	= "tcp_workaround_signed_windows",
742		.data		= &sysctl_tcp_workaround_signed_windows,
743		.maxlen		= sizeof(int),
744		.mode		= 0644,
745		.proc_handler	= &proc_dointvec
746	},
747#ifdef CONFIG_NET_DMA
748	{
749		.ctl_name	= NET_TCP_DMA_COPYBREAK,
750		.procname	= "tcp_dma_copybreak",
751		.data		= &sysctl_tcp_dma_copybreak,
752		.maxlen		= sizeof(int),
753		.mode		= 0644,
754		.proc_handler	= &proc_dointvec
755	},
756#endif
757	{
758		.ctl_name	= NET_TCP_SLOW_START_AFTER_IDLE,
759		.procname	= "tcp_slow_start_after_idle",
760		.data		= &sysctl_tcp_slow_start_after_idle,
761		.maxlen		= sizeof(int),
762		.mode		= 0644,
763		.proc_handler	= &proc_dointvec
764	},
765#ifdef CONFIG_NETLABEL
766	{
767		.ctl_name	= NET_CIPSOV4_CACHE_ENABLE,
768		.procname	= "cipso_cache_enable",
769		.data		= &cipso_v4_cache_enabled,
770		.maxlen		= sizeof(int),
771		.mode		= 0644,
772		.proc_handler	= &proc_dointvec,
773	},
774	{
775		.ctl_name	= NET_CIPSOV4_CACHE_BUCKET_SIZE,
776		.procname	= "cipso_cache_bucket_size",
777		.data		= &cipso_v4_cache_bucketsize,
778		.maxlen		= sizeof(int),
779		.mode		= 0644,
780		.proc_handler	= &proc_dointvec,
781	},
782	{
783		.ctl_name	= NET_CIPSOV4_RBM_OPTFMT,
784		.procname	= "cipso_rbm_optfmt",
785		.data		= &cipso_v4_rbm_optfmt,
786		.maxlen		= sizeof(int),
787		.mode		= 0644,
788		.proc_handler	= &proc_dointvec,
789	},
790	{
791		.ctl_name	= NET_CIPSOV4_RBM_STRICTVALID,
792		.procname	= "cipso_rbm_strictvalid",
793		.data		= &cipso_v4_rbm_strictvalid,
794		.maxlen		= sizeof(int),
795		.mode		= 0644,
796		.proc_handler	= &proc_dointvec,
797	},
798#endif /* CONFIG_NETLABEL */
799	{
800		.ctl_name	= NET_TCP_AVAIL_CONG_CONTROL,
801		.procname	= "tcp_available_congestion_control",
802		.maxlen		= TCP_CA_BUF_MAX,
803		.mode		= 0444,
804		.proc_handler   = &proc_tcp_available_congestion_control,
805	},
806	{
807		.ctl_name	= NET_TCP_ALLOWED_CONG_CONTROL,
808		.procname	= "tcp_allowed_congestion_control",
809		.maxlen		= TCP_CA_BUF_MAX,
810		.mode		= 0644,
811		.proc_handler   = &proc_allowed_congestion_control,
812		.strategy	= &strategy_allowed_congestion_control,
813	},
814	{
815		.ctl_name	= NET_TCP_MAX_SSTHRESH,
816		.procname	= "tcp_max_ssthresh",
817		.data		= &sysctl_tcp_max_ssthresh,
818		.maxlen		= sizeof(int),
819		.mode		= 0644,
820		.proc_handler	= &proc_dointvec,
821	},
822	{ .ctl_name = 0 }
823};
824
825#endif /* CONFIG_SYSCTL */
826
827EXPORT_SYMBOL(ipv4_config);
828