aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4/netfilter/arp_tables.c
AgeCommit message (Expand)AuthorFilesLines
2024-04-10netfilter: complete validation of user inputEric Dumazet1-0/+4
2024-04-04netfilter: validate user input for expected lengthEric Dumazet1-0/+4
2023-02-22netfilter: x_tables: fix percpu counter block leak on error path when creatin...Pavel Tikhomirov1-0/+4
2021-10-14netfilter: arp_tables: allow use of arpt_do_table as hookfnFlorian Westphal1-3/+4
2021-05-03netfilter: arptables: use pernet ops struct during unregisterFlorian Westphal1-3/+2
2021-04-26netfilter: allow to turn off xtables compat layerFlorian Westphal1-8/+8
2021-04-26netfilter: arp_tables: pass table pointer via nf_hook_opsFlorian Westphal1-14/+29
2021-04-26netfilter: arptables: unregister the tables by nameFlorian Westphal1-4/+10
2021-04-13netfilter: x_tables: fix compat match/target pad out-of-bound writeFlorian Westphal1-0/+2
2021-04-10netfilter: arp_tables: add pre_exit hook for table unregisterFlorian Westphal1-2/+7
2021-03-15Revert "netfilter: x_tables: Switch synchronization to RCU"Mark Tomlinson1-7/+7
2021-03-15Revert "netfilter: x_tables: Update remaining dereference to RCU"Mark Tomlinson1-1/+1
2020-12-17netfilter: x_tables: Update remaining dereference to RCUSubash Abhinov Kasiviswanathan1-1/+1
2020-12-08netfilter: x_tables: Switch synchronization to RCUSubash Abhinov Kasiviswanathan1-7/+7
2020-07-28net: remove sockptr_advanceChristoph Hellwig1-4/+4
2020-07-28netfilter: arp_tables: restore a SPDX identifierChristoph Hellwig1-1/+1
2020-07-24netfilter: switch nf_setsockopt to sockptr_tChristoph Hellwig1-14/+14
2020-07-24netfilter: switch xt_copy_counters to sockptr_tChristoph Hellwig1-4/+3
2020-07-19netfilter: remove the compat argument to xt_copy_counters_from_userChristoph Hellwig1-2/+1
2020-07-19netfilter/arp_tables: clean up compat {get, set}sockopt handlingChristoph Hellwig1-64/+21
2020-03-15netfilter: Replace zero-length array with flexible-array memberGustavo A. R. Silva1-2/+2
2020-01-13netfilter: arp_tables: init netns pointer in xt_tgdtor_param structFlorian Westphal1-9/+10
2019-12-30netfilter: arp_tables: init netns pointer in xt_tgchk_param structFlorian Westphal1-11/+16
2019-05-21treewide: Add SPDX license identifier for more missed filesThomas Gleixner1-0/+1
2018-03-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-20/+13
2018-03-30Revert "netfilter: x_tables: ensure last rule in base chain matches underflow...Florian Westphal1-16/+1
2018-03-27net: Drop pernet_operations::asyncKirill Tkhai1-1/+0
2018-03-05netfilter: x_tables: ensure last rule in base chain matches underflow/policyFlorian Westphal1-1/+16
2018-03-05netfilter: compat: prepare xt_compat_init_offsets to return errorsFlorian Westphal1-3/+7
2018-03-05netfilter: x_tables: add counters allocation wrapperFlorian Westphal1-1/+1
2018-03-05netfilter: x_tables: move hook entry checks into coreFlorian Westphal1-10/+3
2018-03-05netfilter: x_tables: check standard verdicts in coreFlorian Westphal1-5/+0
2018-03-05netfilter: unlock xt_table earlier in __do_replaceXin Long1-1/+2
2018-03-05net: Convert arp_tables_net_ops and ip6_tables_net_opsKirill Tkhai1-0/+1
2018-02-14netfilter: add back stackpointer size checksFlorian Westphal1-0/+4
2018-01-31Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextLinus Torvalds1-15/+12
2018-01-19netfilter: remove messages print and boot/module load timePablo Neira Ayuso1-1/+0
2018-01-08netfilter: xtables: add and use xt_request_find_table_lockFlorian Westphal1-14/+12
2018-01-03Merge branch 'for-mingo' of git://git.kernel.org/pub/scm/linux/kernel/git/pau...Ingo Molnar1-6/+1
2017-12-04netfilter: Remove now-redundant smp_read_barrier_depends()Paul E. McKenney1-6/+1
2017-11-20netfilter: remove redundant assignment to eColin Ian King1-1/+0
2017-10-24netfilter: x_tables: don't use seqlock when fetching old countersFlorian Westphal1-2/+20
2017-09-08netfilter: xtables: add scheduling opportunity in get_countersFlorian Westphal1-0/+1
2017-09-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-2/+0
2017-08-02netfilter: xtables: Remove unused variable in compat_copy_entry_from_user()Taehee Yoo1-2/+0
2017-07-31netfilter: x_tables: Fix use-after-free in ipt_do_table.Taehee Yoo1-5/+5
2017-04-07netfilter: Remove unnecessary cast on void pointersimran singhal1-13/+8
2017-03-06netfilter: arp_tables: remove redundant check on ret being non-zeroColin Ian King1-2/+0
2017-01-09arptables: use match, target and data copy_to_user helpersWillem de Bruijn1-10/+5
2016-12-24Replace <asm/uaccess.h> with <linux/uaccess.h> globallyLinus Torvalds1-1/+1
2016-12-06netfilter: x_tables: pack percpu counter allocationsFlorian Westphal1-3/+6
2016-12-06netfilter: x_tables: pass xt_counters struct to counter allocatorFlorian Westphal1-4/+1
2016-12-06netfilter: x_tables: pass xt_counters struct instead of packet counterFlorian Westphal1-2/+2
2016-12-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-2/+2
2016-11-30netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in...Hongxu Jia1-2/+2
2016-11-13netfilter: x_tables: simplify IS_ERR_OR_NULL to NULL testJulia Lawall1-10/+10
2016-11-03netfilter: x_tables: move hook state into xt_action_param structurePablo Neira Ayuso1-5/+1
2016-07-18netfilter: x_tables: speed up jump target validationFlorian Westphal1-22/+25
2016-07-03netfilter: Convert FWINV<[foo]> macros and uses to NF_INVFJoe Perches1-21/+20
2016-05-05netfilter: x_tables: get rid of old and inconsistent debuggingPablo Neira Ayuso1-181/+36
2016-04-29netfilter: fix IS_ERR_VALUE usagePablo Neira Ayuso1-2/+4
2016-04-14netfilter: x_tables: introduce and use xt_copy_counters_from_userFlorian Westphal1-43/+5
2016-04-14netfilter: x_tables: remove obsolete checkFlorian Westphal1-8/+0
2016-04-14netfilter: x_tables: remove obsolete overflow check for compat case tooFlorian Westphal1-2/+0
2016-04-14netfilter: x_tables: do compat validation via translate_tableFlorian Westphal1-91/+23
2016-04-14netfilter: x_tables: xt_compat_match_from_user doesn't need a retvalFlorian Westphal1-12/+5
2016-04-14netfilter: arp_tables: simplify translate_compat_table argsFlorian Westphal1-46/+36
2016-04-14netfilter: x_tables: check for bogus target offsetFlorian Westphal1-2/+3
2016-04-14netfilter: x_tables: add compat version of xt_check_entry_offsetsFlorian Westphal1-1/+2
2016-04-14netfilter: x_tables: kill check_entry helperFlorian Westphal1-11/+8
2016-04-14netfilter: x_tables: add and use xt_check_entry_offsetsFlorian Westphal1-10/+1
2016-04-14netfilter: x_tables: validate targets of jumpsFlorian Westphal1-0/+16
2016-04-14netfilter: x_tables: don't move to non-existent next ruleFlorian Westphal1-3/+5
2016-03-28netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_EN...Pablo Neira Ayuso1-0/+2
2016-03-28netfilter: x_tables: fix unconditional helperFlorian Westphal1-9/+9
2016-03-28netfilter: x_tables: make sure e->next_offset covers remaining blob sizeFlorian Westphal1-2/+4
2016-03-28netfilter: x_tables: validate e->target_offset earlyFlorian Westphal1-9/+8
2016-03-02netfilter: xtables: don't hook tables by defaultFlorian Westphal1-14/+27
2016-03-02netfilter: xtables: prepare for on-demand hook registerFlorian Westphal1-11/+14
2015-11-18net ipv4: use preferred log methodsBastian Stender1-3/+3
2015-10-16netfilter: ipv4: function definition layoutIan Morris1-3/+3
2015-10-16netfilter: ipv4: ternary operator layoutIan Morris1-2/+2
2015-10-16netfilter: ipv4: label placementIan Morris1-1/+1
2015-09-18netfilter: x_tables: Pass struct net in xt_action_paramEric W. Biederman1-0/+1
2015-09-18inet netfilter: Remove hook from ip6t_do_table, arp_do_table, ipt_do_tableEric W. Biederman1-1/+1
2015-08-28Revert "netfilter: xtables: compute exact size needed for jumpstack"Florian Westphal1-12/+7
2015-07-15netfilter: xtables: remove __pure annotationFlorian Westphal1-1/+1
2015-07-15netfilter: xtables: don't save/restore jumpstack offsetFlorian Westphal1-8/+3
2015-07-15netfilter: xtables: compute exact size needed for jumpstackFlorian Westphal1-7/+12
2015-07-02netfilter: arptables: use percpu jumpstackFlorian Westphal1-9/+16
2015-06-15netfilter: x_tables: remove XT_TABLE_INFO_SZ and a dereference.Eric Dumazet1-2/+2
2015-06-12netfilter: xtables: avoid percpu ruleset duplicationFlorian Westphal1-35/+15
2015-06-12netfilter: xtables: use percpu rule countersFlorian Westphal1-5/+27
2015-05-20netfilter: ensure number of counters is >0 in do_replace()Dave Jones1-0/+6
2015-04-04netfilter: Pass nf_hook_state through arpt_do_table().David S. Miller1-6/+5
2014-04-05netfilter: Can't fail and free after table replacementThomas Graf1-2/+4
2013-10-22netfilter: x_tables: fix ordering of jumpstack allocation and table updateWill Deacon1-0/+5
2013-04-18netfilter: add my copyright statementsPatrick McHardy1-0/+1
2013-01-22netfilter: Use IS_ERR_OR_NULL().YOSHIFUJI Hideaki / 吉藤英明1-5/+5
2012-11-18net: Allow userns root to control ipv4Eric W. Biederman1-4/+4
2012-05-15net: Convert net_ratelimit uses to net_<level>_ratelimitedJoe Perches1-3/+2
2012-04-15net: cleanup unsigned to unsigned intEric Dumazet1-1/+1
2011-04-19Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-7/+11
2011-04-04netfilter: get rid of atomic ops in fast pathEric Dumazet1-7/+11
2011-03-31Fix common misspellingsLucas De Marchi1-2/+2
2011-03-15netfilter: arp_tables: fix infoleak to userspaceVasiliy Kulikov1-0/+3
2011-01-19Merge branch 'master' of /repos/git/net-next-2.6Patrick McHardy1-31/+14
2011-01-13netfilter: x_table: speedup compat operationsEric Dumazet1-0/+2
2011-01-10netfilter: x_tables: dont block BH while reading countersEric Dumazet1-31/+14
2010-11-03ipv4: netfilter: arp_tables: fix information leak to userlandVasiliy Kulikov1-0/+1
2010-10-21Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-31/+31
2010-10-13netfilter: xtables: resolve indirect macros 3/3Jan Engelhardt1-7/+7
2010-10-13netfilter: xtables: resolve indirect macros 2/3Jan Engelhardt1-19/+19
2010-10-13netfilter: xtables: resolve indirect macros 1/3Jan Engelhardt1-5/+5
2010-09-23net: return operator cleanupEric Dumazet1-1/+1
2010-08-23netfilter: fix CONFIG_COMPAT supportFlorian Westphal1-0/+3
2010-08-17netfilter: {ip,ip6,arp}_tables: avoid lockdep false positiveEric Dumazet1-0/+2
2010-08-02netfilter: {ip,ip6,arp}_tables: dont block bottom half more than necessaryEric Dumazet1-4/+6
2010-07-23netfilter: arptables: use arp_hdr_len()Changli Gao1-4/+1
2010-06-04netfilter: vmalloc_node cleanupEric Dumazet1-4/+3
2010-05-13netfilter: cleanup printk messagesStephen Hemminger1-2/+2
2010-05-13netfilter: change NF_ASSERT to WARN_ONStephen Hemminger1-6/+1
2010-05-11netfilter: xtables: combine built-in extension structsJan Engelhardt1-23/+18
2010-05-11netfilter: xtables: change hotdrop pointer to direct modificationJan Engelhardt1-3/+3
2010-05-11netfilter: xtables: substitute temporary defines by final nameJan Engelhardt1-1/+1
2010-05-11netfilter: xtables: combine struct xt_match_param and xt_target_paramJan Engelhardt1-8/+8
2010-04-19netfilter: xtables: make ip_tables reentrantJan Engelhardt1-2/+4
2010-03-25netfilter: xtables: make use of xt_request_find_targetJan Engelhardt1-12/+8
2010-02-26netfilter: xtables: restore indentationJan Engelhardt1-9/+14
2010-02-24netfilter: xtables: reduce arguments to translate_tableJan Engelhardt1-27/+15
2010-02-24netfilter: xtables: optimize call flow around xt_entry_foreachJan Engelhardt1-122/+58
2010-02-24netfilter: xtables: replace XT_ENTRY_ITERATE macroJan Engelhardt1-53/+98
2010-02-15netfilter: xtables: add const qualifiersJan Engelhardt1-30/+39
2010-02-15netfilter: xtables: constify args in compat copying functionsJan Engelhardt1-2/+2
2010-02-10netfilter: xtables: generate initial table on-demandJan Engelhardt1-0/+7
2010-02-08netfilter: xtables: compat out of scope fixAlexey Dobriyan1-2/+2
2009-11-23netfilter: net/ipv[46]/netfilter: Move && and || to end of previous lineJoe Perches1-11/+11
2009-08-24netfilter: xtables: mark initial tables constantJan Engelhardt1-1/+2
2009-08-10netfilter: xtables: check for standard verdicts in policiesJan Engelhardt1-2/+19
2009-08-10netfilter: xtables: check for unconditionality of policiesJan Engelhardt1-5/+7
2009-08-10netfilter: xtables: ignore unassigned hooks in check_entry_size_and_hooksJan Engelhardt1-1/+4
2009-08-10netfilter: xtables: use memcmp in unconditional checkJan Engelhardt1-7/+3
2009-05-08netfilter: xtables: remove another level of indentJan Engelhardt1-16/+17
2009-05-08netfilter: xtables: reduce indent level by oneJan Engelhardt1-52/+48
2009-05-08netfilter: xtables: consolidate open-coded logicJan Engelhardt1-4/+10
2009-04-28netfilter: revised locking for x_tablesStephen Hemminger1-89/+36
2009-04-02netfilter: use rcu_read_bh() in ipt_do_table()Eric Dumazet1-2/+2
2009-03-26Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-14/+4
2009-03-25netfilter: {ip,ip6,arp}_tables: fix incorrect loop detectionPatrick McHardy1-1/+3
2009-03-25netfilter: factorize ifname_compare()Eric Dumazet1-13/+1
2009-03-24arp_tables: ifname_compare() can assume 16bit alignmentEric Dumazet1-2/+6
2009-02-20netfilter: iptables: lock free countersStephen Hemminger1-27/+88
2009-02-18netfilter: arp_tables: unfold two critical loops in arp_packet_match()Eric Dumazet1-10/+34
2008-10-31net: replace NIPQUAD() in net/ipv4/netfilter/Harvey Harrison1-8/+8
2008-10-08netfilter: xtables: provide invoked family value to extensionsJan Engelhardt1-2/+4
2008-10-08netfilter: xtables: move extension arguments into compound structure (6/6)Jan Engelhardt1-3/+6
2008-10-08netfilter: xtables: move extension arguments into compound structure (5/6)Jan Engelhardt1-9/+11
2008-10-08netfilter: xtables: move extension arguments into compound structure (4/6)Jan Engelhardt1-11/+12
2008-10-08netfilter: xtables: do centralized checkentry call (1/2)Jan Engelhardt1-6/+4
2008-10-08netfilter: x_tables: use NFPROTO_* in extensionsJan Engelhardt1-28/+30
2008-04-14[NETFILTER]: {ip,ip6,arp}_tables: return EAGAIN for invalid SO_GET_ENTRIES sizePatrick McHardy1-2/+2
2008-04-14[NETFILTER]: remove arpt_target indirection macroJan Engelhardt1-4/+4
2008-04-14[NETFILTER]: remove arpt_table indirection macroJan Engelhardt1-14/+13
2008-04-14[NETFILTER]: annotate {arp,ip,ip6,x}tables with constJan Engelhardt1-15/+16
2008-03-26[NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS.YOSHIFUJI Hideaki1-8/+8
2008-03-05net: replace remaining __FUNCTION__ occurrencesHarvey Harrison1-1/+1
2008-03-03[ARP]: Introduce the arp_hdr_len helper.Pavel Emelyanov1-4/+1
2008-01-31[NETFILTER]: x_tables: create per-netns /proc/net/*_tables_*Alexey Dobriyan1-3/+18
2008-01-31[NETFILTER]: netns: put table module on netns stopAlexey Dobriyan1-0/+3
2008-01-31[NETFILTER]: arp_tables: netns preparationAlexey Dobriyan1-24/+31
2008-01-31[NETFILTER]: x_tables: return new table from {arp,ip,ip6}t_register_table()Alexey Dobriyan1-10/+12
2008-01-31[NETFILTER]: x_tables: per-netns xt_tablesAlexey Dobriyan1-6/+6
2008-01-31[NETFILTER]: x_tables: change xt_table_register() return value conventionAlexey Dobriyan1-3/+4
2008-01-28[NETFILTER]: Parenthesize macro parametersJan Engelhardt1-1/+2
2008-01-28[NETFILTER]: arp_tables: add compat supportPatrick McHardy1-58/+690
2008-01-28[NETFILTER]: arp_tables: resync get_entries() with ip_tablesPatrick McHardy1-20/+19
2008-01-28[NETFILTER]: arp_tables: move ARPT_SO_GET_INFO handling to seperate functionPatrick McHardy1-42/+46
2008-01-28[NETFILTER]: arp_tables: move counter allocation to seperate functionPatrick McHardy1-8/+21
2008-01-28[NETFILTER]: arp_tables: move entry and target checks to seperate functionsPatrick McHardy1-17/+41
2008-01-28[NETFILTER]: arp_tables: remove ipchains compat hackPatrick McHardy1-4/+0
2008-01-28[NETFILTER]: arp_tables: use vmalloc_node()Patrick McHardy1-2/+3
2008-01-28[NETFILTER]: arp_tables: remove obsolete standard_check functionPatrick McHardy1-25/+3
2008-01-28[NETFILTER]: x_tables: remove obsolete overflow checkPatrick McHardy1-2/+0
2008-01-28[NETFILTER]: x_tables: struct xt_table_info dietEric Dumazet1-3/+2
2007-10-15[NETFILTER]: Replace sk_buff ** with sk_buff *Herbert Xu1-10/+10
2007-09-11[NETFILTER]: Fix/improve deadlock condition on module removal netfilterNeil Horman1-0/+1
2007-07-14[NETFILTER]: Lower *tables printk severityPatrick McHardy1-1/+1
2007-07-10[NETFILTER]: x_tables: mark matches and targets __read_mostlyPatrick McHardy1-2/+2
2007-07-10[NETFILTER]: x_tables: switch hotdrop to boolJan Engelhardt1-1/+1
2007-04-25[SK_BUFF]: Introduce arp_hdr(), remove skb->nh.arphArnaldo Carvalho de Melo1-2/+2
2007-04-13[NETFILTER] arp_tables: Fix unaligned accesses.David S. Miller1-7/+3
2007-02-10[NET] IPV4: Fix whitespace errors.YOSHIFUJI Hideaki1-3/+3
2006-12-13[NETFILTER]: {ip,ip6,arp}_tables: fix exponential worst-case search for loopsAl Viro1-2/+3
2006-12-06[NETFILTER]: Fix {ip,ip6,arp}_tables hook validationDmitry Mishin1-24/+24
2006-10-30[NETFILTER]: Missed and reordered checks in {arp,ip,ip6}_tablesDmitry Mishin1-9/+16
2006-10-15[NETFILTER]: arp_tables: missing unregistration on module unloadPatrick McHardy1-0/+2
2006-09-28[NETFILTER]: netfilter misc annotationsAl Viro1-1/+1
2006-09-22[NETFILTER]: x_tables: small check_entry & module_refcount cleanupDmitry Mishin1-1/+1
2006-09-22[NETFILTER]: kill listhelp.hPatrick McHardy1-2/+0
2006-09-22[NETFILTER]: x_tables: remove unused size argument to check/destroy functionsPatrick McHardy1-4/+1
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-07 02:51:23 +0000