summaryrefslogtreecommitdiff
path: root/include/net
diff options
context:
space:
mode:
authorMichal Kubecek <mkubecek@suse.cz>2013-02-06 09:46:33 (GMT)
committerSteffen Klassert <steffen.klassert@secunet.com>2013-02-06 10:36:29 (GMT)
commit8d068875caca3b507ffa8a57d521483fd4eebcc7 (patch)
tree2c12e956ab40e55abbb803f4cf710f09e5d72b70 /include/net
parent1f53c808502f1472bfc5829e6dd80317c7198a4a (diff)
downloadlinux-8d068875caca3b507ffa8a57d521483fd4eebcc7.tar.xz
xfrm: make gc_thresh configurable in all namespaces
The xfrm gc threshold can be configured via xfrm{4,6}_gc_thresh sysctl but currently only in init_net, other namespaces always use the default value. This can substantially limit the number of IPsec tunnels that can be effectively used. Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/netns/ipv4.h1
-rw-r--r--include/net/netns/ipv6.h1
2 files changed, 2 insertions, 0 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 9b78862..2ba9de8 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -22,6 +22,7 @@ struct netns_ipv4 {
struct ctl_table_header *frags_hdr;
struct ctl_table_header *ipv4_hdr;
struct ctl_table_header *route_hdr;
+ struct ctl_table_header *xfrm4_hdr;
#endif
struct ipv4_devconf *devconf_all;
struct ipv4_devconf *devconf_dflt;
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index 214cb0a..1242f37 100644
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -16,6 +16,7 @@ struct netns_sysctl_ipv6 {
struct ctl_table_header *route_hdr;
struct ctl_table_header *icmp_hdr;
struct ctl_table_header *frags_hdr;
+ struct ctl_table_header *xfrm6_hdr;
#endif
int bindv6only;
int flush_delay;