Age | Commit message (Expand) | Author | Files | Lines |
2006-09-22 | [NETFILTER]: xt_limit: add compat conversion functions | Patrick McHardy | 1 | -0/+49 |
2006-09-22 | [NETFILTER]: xt_CONNMARK: add compat conversion functions | Patrick McHardy | 1 | -0/+36 |
2006-09-22 | [NETFILTER]: xt_connmark: add compat conversion functions | Patrick McHardy | 1 | -0/+36 |
2006-09-22 | [NETFILTER]: xt_MARK: add compat conversion functions | Patrick McHardy | 1 | -0/+34 |
2006-09-22 | [NETFILTER]: xt_mark: add compat conversion functions | Patrick McHardy | 1 | -0/+36 |
2006-09-22 | [NETFILTER]: x_tables: simplify compat API | Patrick McHardy | 1 | -83/+109 |
2006-09-22 | [NETFILTER]: make some netfilter globals __read_mostly | Brian Haley | 1 | -5/+5 |
2006-09-22 | [NETFILTER]: TCP conntrack: improve dead connection detection | George Hansper | 1 | -1/+3 |
2006-09-22 | [NETFILTER]: xt_policy: remove dups in .family | Alexey Dobriyan | 1 | -2/+0 |
2006-09-22 | [NETFILTER]: conntrack: fix race condition in early_drop | Pablo Neira Ayuso | 1 | -2/+8 |
2006-09-22 | [NETFILTER]: ctnetlink: simplify the code to dump the conntrack table | Pablo Neira Ayuso | 1 | -57/+10 |
2006-09-22 | [NETFILTER]: xt_limit: don't reset state on unrelated rule updates | Patrick McHardy | 1 | -8/+8 |
2006-09-22 | [NETFILTER]: xt_conntrack: clean up overly long lines | Patrick McHardy | 1 | -81/+98 |
2006-09-22 | [NETFILTER]: kill listhelp.h | Patrick McHardy | 3 | -107/+96 |
2006-09-22 | [NETFILTER]: Change tunables to __read_mostly | Brian Haley | 6 | -26/+26 |
2006-09-22 | [NETFILTER]: xt_CONNMARK.c build fix | Benoit Boissinot | 1 | -2/+2 |
2006-09-22 | [NETFILTER]: Fix nf_conntrack_ftp.c build. | David S. Miller | 1 | -1/+3 |
2006-09-22 | [NETFILTER] NF_CONNTRACK_FTP: Use in6_pton() to convert address string. | YOSHIFUJI Hideaki | 1 | -92/+4 |
2006-09-22 | [NETFILTER]: x_tables: Fix typos after conversion to use mass registation helper | Thomas Graf | 2 | -5/+5 |
2006-09-22 | [NETFILTER]: xt_tcpmss: minor cleanups | Patrick McHardy | 1 | -30/+18 |
2006-09-22 | [NETFILTER]: x_tables: remove unused size argument to check/destroy functions | Patrick McHardy | 23 | -35/+10 |
2006-09-22 | [NETFILTER]: x_tables: remove unused argument to target functions | Patrick McHardy | 9 | -19/+11 |
2006-09-22 | [NETFILTER]: x_tables: make use of mass registation helpers | Patrick McHardy | 31 | -1004/+678 |
2006-09-22 | [NETFILTER]: x_tables: add helpers for mass match/target registration | Patrick McHardy | 1 | -0/+60 |
2006-09-22 | [NETFILTER]: xt_CONNMARK: use tabs for indentation | Patrick McHardy | 1 | -28/+29 |
2006-09-22 | [NETFILTER]: nfnetlink_queue: fix typo in error message | Patrick McHardy | 1 | -2/+2 |
2006-09-22 | [NETFILTER]: ctnetlink: remove impossible events tests for updates | Pablo Neira Ayuso | 1 | -5/+1 |
2006-09-22 | [NETFILTER]: ctnetlink: check for listeners before sending expectation events | Pablo Neira Ayuso | 1 | -0/+3 |
2006-09-22 | [NETFILTER]: ctnetlink: dump connection mark | Pablo Neira Ayuso | 1 | -0/+4 |
2006-09-22 | [NETFILTER]: conntrack: introduce connection mark event | Pablo Neira Ayuso | 1 | -2/+14 |
2006-09-22 | [NETFILTER]: x_tables: replace IPv4 DSCP target by address family independent... | Yasuyuki Kozakai | 3 | -0/+143 |
2006-09-22 | [NETFILTER]: x_tables: replace IPv4 dscp match by address family independent ... | Yasuyuki Kozakai | 3 | -0/+125 |
2006-09-22 | [NETFILTER]: nf_queue: handle GSO packets | Patrick McHardy | 3 | -22/+62 |
2006-09-22 | [NETFILTER]: Get rid of HW checksum invalidation | Patrick McHardy | 1 | -0/+22 |
2006-09-22 | [NET]: Replace CHECKSUM_HW by CHECKSUM_PARTIAL/CHECKSUM_COMPLETE | Patrick McHardy | 3 | -7/+5 |
2006-09-19 | [NETFILTER]: xt_quota: add missing module aliases | Patrick McHardy | 1 | -0/+2 |
2006-08-17 | [NETFILTER]: ctnetlink: fix deadlock in table dumping | Patrick McHardy | 1 | -10/+7 |
2006-08-17 | [NETFILTER]: xt_physdev build fix | Andrew Morton | 1 | -0/+1 |
2006-08-13 | [NETFILTER]: ulog: fix panic on SMP kernels | Mark Huang | 1 | -0/+3 |
2006-08-13 | [NETFILTER]: xt_string: fix negation | Phil Oester | 1 | -1/+1 |
2006-08-02 | [NETFILTER]: xt_hashlimit/xt_string: missing string validation | Patrick McHardy | 1 | -1/+4 |
2006-08-02 | [SECURITY] secmark: nul-terminate secdata | James Morris | 1 | -0/+2 |
2006-07-24 | [NETFILTER]: Demote xt_sctp to EXPERIMENTAL | Patrick McHardy | 1 | -2/+2 |
2006-07-24 | [NETFILTER]: bridge netfilter: add deferred output hooks to feature-removal-s... | Patrick McHardy | 1 | -0/+15 |
2006-07-24 | [NETFILTER]: xt_pkttype: fix mismatches on locally generated packets | Phil Oester | 1 | -1/+11 |
2006-07-24 | [NETFILTER]: conntrack: fix SYSCTL=n compile | Adrian Bunk | 1 | -2/+2 |
2006-07-24 | [NETFILTER]: nf_queue: handle NF_STOP and unknown verdicts in nf_reinject | Patrick McHardy | 1 | -5/+4 |
2006-06-30 | Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 | Linus Torvalds | 1 | -1/+1 |
2006-06-30 | [NETFILTER]: SCTP conntrack: fix crash triggered by packet without chunks | Patrick McHardy | 1 | -1/+1 |
2006-06-30 | Remove obsolete #include <linux/config.h> | Jörn Engel | 13 | -13/+0 |
2006-06-29 | [NETLINK]: Encapsulate eff_cap usage within security framework. | Darrel Goeddel | 1 | -1/+1 |
2006-06-29 | [NETFILTER]: statistic match: add missing Kconfig help text | Patrick McHardy | 1 | -1/+4 |
2006-06-29 | [NETFILTER]: ip_queue/nfnetlink_queue: drop bridge port references when dev d... | Patrick McHardy | 1 | -2/+10 |
2006-06-29 | [NETFILTER]: xt_sctp: fix --chunk-types matching | Jorge Matias | 1 | -1/+1 |
2006-06-29 | [NETFILTER]: xt_tcpudp: fix double unregistration in error path | Yuri Gushin | 1 | -1/+1 |
2006-06-29 | [NETFILTER]: nf_conntrack: Fix undefined references to local_bh_* | Yasuyuki Kozakai | 2 | -0/+3 |
2006-06-19 | [NETFILTER]: xt_sctp: fix endless loop caused by 0 chunk length | Patrick McHardy | 1 | -1/+1 |
2006-06-17 | [SECMARK]: Add CONNSECMARK xtables target | James Morris | 3 | -0/+167 |
2006-06-17 | [SECMARK]: Add secmark support to conntrack | James Morris | 3 | -0/+20 |
2006-06-17 | [SECMARK]: Add xtables SECMARK target | James Morris | 3 | -0/+166 |
2006-06-17 | [NETFILTER]: FTP helper: search optimization | Patrick McHardy | 1 | -34/+43 |
2006-06-17 | [NETFILTER]: ctnetlink: change table dumping not to require an unique ID | Patrick McHardy | 1 | -8/+24 |
2006-06-17 | [NETFILTER]: ctnetlink: fix NAT configuration | Patrick McHardy | 1 | -31/+22 |
2006-06-17 | [NETFILTER]: conntrack: add fixed timeout flag in connection tracking | Eric Leblond | 1 | -0/+6 |
2006-06-17 | [NETFILTER]: conntrack: add sysctl to disable checksumming | Patrick McHardy | 3 | -3/+16 |
2006-06-17 | [NETFILTER]: x_tables: add statistic match | Patrick McHardy | 3 | -0/+119 |
2006-06-17 | [NETFILTER]: x_tables: add quota match | Patrick McHardy | 3 | -0/+107 |
2006-06-17 | [NETFILTER]: x_tables: add SCTP/DCCP support where missing | Patrick McHardy | 1 | -3/+4 |
2006-06-17 | [NETFILTER]: x_tables: remove some unnecessary casts | Patrick McHardy | 5 | -8/+5 |
2006-05-19 | [NETFILTER]: nfnetlink_log: fix byteorder confusion | Patrick McHardy | 1 | -2/+2 |
2006-05-03 | [NETFILTER]: x_tables: don't use __copy_{from,to}_user on unchecked memory in... | Patrick McHardy | 1 | -2/+2 |
2006-05-02 | [NETFILTER] SCTP conntrack: fix infinite loop | Patrick McHardy | 1 | -4/+7 |
2006-04-24 | [NETFILTER]: x_tables: move table->lock initialization | Dmitry Mishin | 1 | -1/+1 |
2006-04-24 | [NETFILTER]: nf_conntrack: kill unused callback init_conntrack | Yasuyuki Kozakai | 1 | -3/+0 |
2006-04-24 | [NETFILTER]: nf_conntrack: Fix module refcount dropping too far | Yasuyuki Kozakai | 2 | -9/+4 |
2006-04-11 | [PATCH] for_each_possible_cpu: network codes | KAMEZAWA Hiroyuki | 2 | -3/+3 |
2006-04-09 | [NETFILTER]: Convert conntrack/ipt_REJECT to new checksumming functions | Patrick McHardy | 2 | -90/+10 |
2006-04-09 | [NETFILTER]: Introduce infrastructure for address family specific operations | Patrick McHardy | 2 | -36/+36 |
2006-04-09 | [NETFILTER]: Fix section mismatch warnings | Patrick McHardy | 3 | -94/+73 |
2006-04-09 | [NETFILTER]: Add helper functions for mass hook registration/unregistration | Patrick McHardy | 1 | -0/+28 |
2006-04-01 | [NETFILTER]: iptables 32bit compat layer | Dmitry Mishin | 1 | -0/+113 |
2006-04-01 | [NETFILTER]: {ip,nf}_conntrack_netlink: fix expectation notifier unregistration | Martin Josefsson | 1 | -1/+1 |
2006-04-01 | [NETFILTER]: fix ifdef for connmark support in nf_conntrack_netlink | Martin Josefsson | 1 | -2/+2 |
2006-04-01 | [NETFILTER]: x_tables: unify IPv4/IPv6 multiport match | Yasuyuki Kozakai | 3 | -0/+325 |
2006-04-01 | [NETFILTER]: x_tables: unify IPv4/IPv6 esp match | Yasuyuki Kozakai | 3 | -0/+146 |
2006-04-01 | [IPSEC]: Kill unused decap state structure | Herbert Xu | 1 | -1/+1 |
2006-03-28 | [NETFILTER]: Rename init functions. | Andrew Morton | 28 | -113/+113 |
2006-03-27 | [PATCH] Notifier chain update: API changes | Alan Stern | 1 | -3/+3 |
2006-03-25 | [NETFILTER] x_table.c: sem2mutex | Ingo Molnar | 1 | -27/+29 |
2006-03-22 | [NETFILTER]: Fix xt_policy address matching | Patrick McHardy | 1 | -3/+3 |
2006-03-22 | [NETFILTER]: nf_conntrack: support for layer 3 protocol load on demand | Pablo Neira Ayuso | 6 | -0/+124 |
2006-03-22 | [NETFILTER]: x_tables: set the protocol family in x_tables targets/matches | Pablo Neira Ayuso | 25 | -133/+187 |
2006-03-22 | [NETFILTER]: conntrack: cleanup the conntrack ID initialization | Pablo Neira Ayuso | 1 | -2/+2 |
2006-03-22 | [NETFILTER]: nfnetlink_queue: fix nfnetlink message size | Pablo Neira Ayuso | 1 | -9/+10 |
2006-03-22 | [NETFILTER]: ctnetlink: Fix expectaction mask dumping | Pablo Neira Ayuso | 1 | -22/+62 |
2006-03-22 | [NETFILTER]: Fix Kconfig typos | Thomas Vögtle | 1 | -3/+3 |
2006-03-20 | [NET]: Identation & other cleanups related to compat_[gs]etsockopt cset | Arnaldo Carvalho de Melo | 1 | -1/+1 |
2006-03-20 | [NET]: {get|set}sockopt compatibility layer | Dmitry Mishin | 1 | -0/+69 |
2006-03-20 | [NET]: sem2mutex part 2 | Ingo Molnar | 1 | -7/+9 |
2006-03-20 | [NET] sem2mutex: net/ | Arjan van de Ven | 1 | -12/+13 |
2006-03-20 | [NETFILTER]: ctnetlink: avoid unneccessary event message generation | Patrick McHardy | 2 | -3/+10 |
2006-03-20 | [NETFILTER]: x_tables: replace IPv4/IPv6 policy match by address family indep... | Patrick McHardy | 3 | -0/+220 |
2006-03-20 | [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions | Patrick McHardy | 23 | -1/+44 |
2006-03-20 | [NETFILTER]: Convert x_tables matches/targets to centralized error checking | Patrick McHardy | 23 | -511/+167 |
2006-03-20 | [NETFILTER]: xt_tables: add centralized error checking | Patrick McHardy | 1 | -7/+65 |
2006-03-20 | [NETFILTER] nf_conntrack: clean up to reduce size of 'struct nf_conn' | Harald Welte | 5 | -89/+80 |
2006-03-20 | [NETFILTER] nfnetlink_log: add sequence numbers for log events | Harald Welte | 1 | -0/+46 |
2006-03-12 | [NETFILTER]: nfnetlink_queue: fix possible NULL-ptr dereference | Patrick McHardy | 1 | -1/+5 |
2006-02-27 | [NETFILTER]: nf_queue: fix end-of-list check | Patrick McHardy | 1 | -1/+1 |
2006-02-27 | [NETFILTER]: nf_queue: remove unnecessary check for outfn | Patrick McHardy | 1 | -1/+1 |
2006-02-27 | [NETFILTER]: nf_queue: fix rerouting after packet mangling | Patrick McHardy | 1 | -7/+15 |
2006-02-27 | [NETFILTER]: nf_queue: check if rerouter is present before using it | Patrick McHardy | 1 | -2/+2 |
2006-02-27 | [NETFILTER]: nf_queue: don't copy registered rerouter data | Patrick McHardy | 1 | -19/+9 |
2006-02-15 | [NETFILTER]: nf_conntrack: Fix TCP/UDP HW checksum handling for IPv6 packet | Yasuyuki Kozakai | 2 | -2/+6 |
2006-02-15 | [NETFILTER]: nf_conntrack: move registration of __nf_ct_attach | Yasuyuki Kozakai | 1 | -0/+5 |
2006-02-15 | [NETFILTER]: x_tables: fix dependencies of conntrack related modules | Yasuyuki Kozakai | 1 | -3/+3 |
2006-02-13 | [NETFILTER] Fix Kconfig menu level for x_tables | Harald Welte | 1 | -2/+2 |
2006-02-04 | [NETFILTER]: nf_conntrack: fix incorrect memset() size in FTP helper | Samir Bellabes | 1 | -2/+0 |
2006-02-04 | [NETFILTER]: nfnetlink_queue: fix packet marking over netlink | Patrick McHardy | 1 | -1/+2 |
2006-02-04 | [NETFILTER]: Fix undersized skb allocation in ipt_ULOG/ebt_ulog/nfnetlink_log | Patrick McHardy | 1 | -7/+11 |
2006-02-04 | [NETFILTER]: ULOG/nfnetlink_log: Use better default value for 'nlbufsiz' | Holger Eitzenberger | 1 | -1/+1 |
2006-02-04 | [NETFILTER]: nf_conntrack: check address family when finding protocol module | Yasuyuki Kozakai | 1 | -1/+1 |
2006-02-04 | [NETFILTER]: ctnetlink: add MODULE_ALIAS for expectation subsystem | Pablo Neira Ayuso | 1 | -0/+1 |
2006-02-04 | [NETFILTER]: ctnetlink: Fix subsystem used for expectation events | Marcus Sundberg | 1 | -1/+1 |
2006-01-14 | [PATCH] Unlinline a bunch of other functions | Arjan van de Ven | 1 | -1/+1 |
2006-01-13 | [NETFILTER] x-tables: Missing linux/ipv6.h includes. | David S. Miller | 2 | -0/+2 |
2006-01-13 | [NET]: Use NIP6_FMT in kernel.h | Joe Perches | 1 | -2/+2 |
2006-01-12 | [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables | Harald Welte | 27 | -5/+4316 |
2006-01-10 | [NETFILTER]: Fix timeout sysctls on big-endian 64bit architectures | Patrick McHardy | 5 | -34/+34 |
2006-01-10 | spelling: s/trough/through/ | Adrian Bunk | 1 | -2/+2 |
2006-01-05 | [NETFILTER]: Fix module_param types and permissions | Patrick McHardy | 1 | -1/+1 |
2006-01-05 | [NETFILTER]: Filter dumped entries based on the layer 3 protocol number | Pablo Neira Ayuso | 1 | -6/+17 |
2006-01-05 | [NETFILTER]: Add ctnetlink port for nf_conntrack | Pablo Neira Ayuso | 7 | -34/+1973 |
2006-01-05 | [NETFILTER]: Decrease number of pointer derefs in nf_conntrack_core.c | Jesper Juhl | 1 | -3/+4 |
2006-01-05 | [NETFILTER]: Decrease number of pointer derefs in nfnetlink_queue.c | Jesper Juhl | 1 | -35/+44 |
2006-01-04 | [NETFILTER]: Use macro for spinlock_t/rwlock_t initializations/definition. | YOSHIFUJI Hideaki | 2 | -2/+2 |
2005-12-05 | [NETFILTER]: Wait for untracked references in nf_conntrack module unload | Patrick McHardy | 1 | -0/+3 |
2005-12-05 | [NETFILTER]: Mark ctnetlink as EXPERIMENTAL | Patrick McHardy | 1 | -2/+2 |
2005-12-05 | [NETFILTER]: nfnetlink: Fix calculation of minimum message length | Yasuyuki Kozakai | 1 | -3/+2 |
2005-12-01 | [NETFILTER]: Ignore ACKs ACKs on half open connections in TCP conntrack | Jozsef Kadlecsik | 1 | -9/+20 |
2005-11-16 | [NETFILTER]: Fix nf_conntrack compilation with CONFIG_NETFILTER_DEBUG | Patrick McHardy | 1 | -1/+1 |
2005-11-15 | [NETFILTER] Free layer-3 specific protocol tables at cleanup | KOVACS Krisztian | 1 | -0/+7 |
2005-11-15 | [NETFILTER] Remove nf_conntrack stat proc file when cleaning up | KOVACS Krisztian | 1 | -1/+1 |
2005-11-14 | [NETFILTER] nfnetlink: unconditionally require CAP_NET_ADMIN | Harald Welte | 3 | -26/+17 |
2005-11-14 | [NETFILTER] nf_conntrack: Add missing code to TCP conntrack module | KOVACS Krisztian | 1 | -0/+6 |
2005-11-12 | [NETFILTER] {ip,nf}_conntrack TCP: Accept SYN+PUSH like SYN | Vlad Drukker | 1 | -0/+1 |
2005-11-09 | [NETFILTER]: Add nf_conntrack subsystem. | Yasuyuki Kozakai | 10 | -0/+5418 |
2005-11-09 | [NETFILTER] nfnetlink: only load subsystems if CAP_NET_ADMIN is set | Harald Welte | 1 | -7/+10 |
2005-11-09 | [NETFILTER] nfnetlink: nfattr_parse() can never fail, make it void | Harald Welte | 1 | -3/+1 |
2005-11-05 | [NETFILTER] nf_queue: Fix Ooops when no queue handler registered | Harald Welte | 1 | -1/+1 |
2005-11-05 | [NETFILTER] nfnetlink: Use kzalloc | Harald Welte | 2 | -8/+4 |
2005-10-10 | [NETFILTER] nfnetlink: use highest bit of nfa_type to indicate nested TLV | Harald Welte | 1 | -2/+2 |
2005-10-08 | [PATCH] gfp flags annotations - part 1 | Al Viro | 1 | -2/+1 |
2005-10-04 | [NETFILTER]: fix sparse gfp nocast warnings | Randy Dunlap | 1 | -1/+2 |
2005-10-03 | [NET]: Fix packet timestamping. | Herbert Xu | 2 | -4/+4 |
2005-09-06 | [NETFILTER]: Fix HW checksum handling in nfnetlink_queue | Patrick McHardy | 1 | -1/+7 |
2005-09-05 | [NETFILTER] remove bogus hand-coded htonll() from nenetlink_queue | Harald Welte | 1 | -13/+2 |
2005-09-05 | [NETFILTER]: net/netfilter/nfnetlink*: make functions static | Adrian Bunk | 2 | -3/+3 |
2005-08-29 | [NETLINK]: Add "groups" argument to netlink_kernel_create | Patrick McHardy | 1 | -2/+2 |
2005-08-29 | [NETLINK]: Convert netlink users to use group numbers instead of bitmasks | Patrick McHardy | 1 | -1/+1 |
2005-08-29 | [NET]: Store skb->timestamp as offset to a base timestamp | Patrick McHardy | 2 | -6/+6 |
2005-08-29 | [NETFILTER]: Fix compilation when no PROC_FS enabled | Harald Welte | 1 | -2/+2 |
2005-08-29 | [NETFILTER]: check nf_log function call arguments | Harald Welte | 1 | -1/+9 |
2005-08-29 | [NETFILTER]: more verbose return codes from nf_{log,queue} | Harald Welte | 2 | -2/+10 |
2005-08-29 | [NETFILTER]: add /proc/net/netfilter interface to nf_queue | Harald Welte | 3 | -25/+94 |
2005-08-29 | [NETFILTER]: add correct bridging support to nfnetlink_{queue,log} | Harald Welte | 2 | -0/+116 |
2005-08-29 | [NETFILTER]: split net/core/netfilter.c into net/netfilter/*.c | Harald Welte | 6 | -0/+829 |
2005-08-29 | [NETFILTER]: fix autoloading of nfnetlink_log | Harald Welte | 1 | -0/+1 |
2005-08-29 | [NETFILTER]: cleanup nfnetlink_check_attributes() | Harald Welte | 1 | -9/+10 |
2005-08-29 | [NETFILTER]: attribute count is an attribute of message type, not subsytem | Harald Welte | 3 | -7/+22 |
2005-08-29 | [NETFILTER]: Add new "nfnetlink_log" userspace packet logging facility | Harald Welte | 4 | -0/+1008 |
2005-08-29 | [NETFILTER]: Add refcounting and /proc/net/netfilter interface to nfnetlink_q... | Harald Welte | 1 | -28/+220 |
2005-08-29 | [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink | Harald Welte | 3 | -0/+886 |
2005-08-29 | [NETFILTER]: Core changes required by upcoming nfnetlink_queue code | Harald Welte | 1 | -6/+22 |
2005-08-29 | [NETLINK]: Add properly module refcounting for kernel netlink sockets. | Harald Welte | 1 | -1/+4 |
2005-08-29 | [NETFILTER]: Add ctnetlink subsystem | Harald Welte | 1 | -0/+1 |
2005-08-29 | [NETFITLER]: Add nfnetlink layer. | Harald Welte | 3 | -0/+349 |