aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter/core.c
AgeCommit message (Expand)AuthorFilesLines
2023-10-18netfilter: make nftables drops visible in net dropmonitorFlorian Westphal1-3/+3
2023-07-28netfilter: defrag: Add glue hooks for enabling/disabling defragDaniel Xu1-0/+6
2023-05-10netfilter: conntrack: fix possible bug_on with enable_hooks=1Florian Westphal1-2/+4
2023-04-21netfilter: disallow bpf hook attachment at same priorityFlorian Westphal1-0/+12
2023-02-22Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfJakub Kicinski1-0/+3
2023-02-22netfilter: ctnetlink: make event listener tracking globalFlorian Westphal1-0/+3
2023-02-17netfilter: let reset rules clean out conntrack entriesFlorian Westphal1-0/+16
2022-08-22Remove DECnet support from kernelStephen Hemminger1-10/+0
2022-03-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nfDavid S. Miller1-1/+1
2022-03-28memcg: enable accounting for nft objectsVasily Averin1-1/+1
2022-03-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-2/+3
2022-02-28netfilter: fix use-after-free in __nf_register_net_hook()Eric Dumazet1-2/+3
2022-02-07net: netfilter: use kfree_drop_reason() for NF_DROPMenglong Dong1-1/+2
2022-01-09netfilter: make function op structures constFlorian Westphal1-5/+5
2022-01-09netfilter: core: move ip_ct_attach indirection to struct nf_ct_hookFlorian Westphal1-11/+8
2021-10-17netfilter: core: Fix clang warnings about unused static inlinesLukas Wunner1-2/+4
2021-10-14netfilter: Introduce egress hookLukas Wunner1-3/+31
2020-10-12netfilter: add inet ingress supportPablo Neira Ayuso1-21/+82
2020-10-12netfilter: add nf_ingress_hook() helper functionPablo Neira Ayuso1-2/+7
2020-10-12netfilter: add nf_static_key_{inc,dec}Pablo Neira Ayuso1-6/+17
2020-04-15netfilter: Avoid assigning 'const' pointer to non-const pointerWill Deacon1-1/+1
2019-10-17netfilter: add and use nf_hook_slow_list()Florian Westphal1-0/+20
2019-07-04netfilter: nf_queue: remove unused hook entries pointerFlorian Westphal1-1/+1
2019-05-31netfilter: replace skb_make_writable with skb_ensure_writableFlorian Westphal1-22/+0
2019-05-14net: replace CONFIG_DEBUG_KERNEL with CONFIG_DEBUG_MISCSinan Kaya1-1/+1
2019-04-12bridge: netfilter: unroll NF_HOOK helper in bridge input pathFlorian Westphal1-0/+1
2019-01-06jump_label: move 'asm goto' support test to KconfigMasahiro Yamada1-3/+3
2018-07-10netfilter: Add nf_ct_get_tuple_skb global lookup functionToke Høiland-Jørgensen1-0/+15
2018-05-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-38/+64
2018-05-23netfilter: add struct nf_nat_hook and use itPablo Neira Ayuso1-5/+3
2018-05-23netfilter: add struct nf_ct_hook and use itPablo Neira Ayuso1-7/+7
2018-05-23netfilter: lift one-nat-hook-only restrictionFlorian Westphal1-5/+0
2018-05-23netfilter: core: export raw versions of add/delete hook functionsFlorian Westphal1-21/+54
2018-05-08netfilter: core: add missing __rcu annotationFlorian Westphal1-1/+2
2018-01-10netfilter: core: return EBUSY in case NAT hook is already in usePablo Neira Ayuso1-1/+1
2018-01-10netfilter: core: make local function __nf_unregister_net_hook staticWei Yongjun1-2/+2
2018-01-08netfilter: remove struct nf_afinfo and its helper functionsPablo Neira Ayuso1-24/+1
2018-01-08netfilter: core: support for NFPROTO_INET hook registrationPablo Neira Ayuso1-9/+44
2018-01-08netfilter: core: pass family as parameter to nf_remove_net_hook()Pablo Neira Ayuso1-5/+5
2018-01-08netfilter: core: pass hook number, family and device to nf_find_hook_list()Pablo Neira Ayuso1-17/+19
2018-01-08netfilter: core: add nf_remove_net_hookPablo Neira Ayuso1-4/+4
2018-01-08netfilter: core: only allow one nat hook per hook pointFlorian Westphal1-0/+6
2018-01-08netfilter: don't allocate space for arp/bridge hooks unless neededFlorian Westphal1-0/+8
2018-01-08netfilter: don't allocate space for decnet hooks unless neededFlorian Westphal1-0/+4
2018-01-08netfilter: reduce hook array sizes to what is neededFlorian Westphal1-7/+17
2018-01-08netfilter: reduce size of hook entry point locationsFlorian Westphal1-8/+30
2018-01-08netfilter: core: free hooks with call_rcuFlorian Westphal1-6/+28
2018-01-08netfilter: core: remove synchronize_net call if nfqueue is usedFlorian Westphal1-5/+1
2018-01-08netfilter: core: make nf_unregister_net_hooks simple wrapper againFlorian Westphal1-56/+3
2017-09-08netfilter: core: remove erroneous warn_onFlorian Westphal1-1/+1
2017-08-28netfilter: core: batch nf_unregister_net_hooks synchronize_net callsFlorian Westphal1-3/+56
2017-08-28netfilter: debug: check for sorted arrayFlorian Westphal1-0/+23
2017-08-28netfilter: convert hook list to an arrayAaron Conole1-73/+224
2017-07-18netfilter: fix netfilter_net_init() returnDan Carpenter1-2/+2
2017-07-17netfilter: remove old pre-netns era hook apiFlorian Westphal1-143/+0
2017-05-01netfilter: nf_queue: only call synchronize_net twice if nf_queue is activeFlorian Westphal1-9/+12
2017-05-01netfilter: batch synchronize_net calls during hook unregisterFlorian Westphal1-6/+40
2017-02-02netfilter: merge ctinfo into nfct pointer storage areaFlorian Westphal1-1/+1
2016-12-06netfilter: convert while loops to for loopsAaron Conole1-4/+2
2016-12-06netfilter: introduce accessor functions for hook entriesAaron Conole1-6/+4
2016-11-03netfilter: handle NF_REPEAT from nf_conntrack_in()Pablo Neira Ayuso1-2/+0
2016-11-03netfilter: merge nf_iterate() into nf_hook_slow()Pablo Neira Ayuso1-45/+28
2016-11-03netfilter: remove hook_entries field from nf_hook_statePablo Neira Ayuso1-5/+4
2016-11-03netfilter: use switch() to handle verdict cases from nf_hook_slow()Pablo Neira Ayuso1-4/+14
2016-11-03netfilter: deprecate NF_STOPPablo Neira Ayuso1-1/+1
2016-11-03netfilter: kill NF_HOOK_THRESH() and state->treshPablo Neira Ayuso1-4/+0
2016-11-03netfilter: remove comments that predate rcu daysPablo Neira Ayuso1-7/+0
2016-11-03netfilter: get rid of useless debugging from corePablo Neira Ayuso1-9/+0
2016-10-20netfilter: fix nf_queue handlingPablo Neira Ayuso1-10/+3
2016-10-11netfilter: Fix slab corruption.Linus Torvalds1-75/+33
2016-09-30netfilter: accommodate different kconfig in nf_set_hooks_headAaron Conole1-4/+11
2016-09-30netfilter: Fix potential null pointer dereferenceAaron Conole1-1/+1
2016-09-25Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/...Pablo Neira Ayuso1-5/+46
2016-09-25netfilter: replace list_head with single linked listAaron Conole1-49/+92
2016-09-24netfilter: Only allow sane values in nf_register_net_hookAaron Conole1-0/+5
2016-09-24netfilter: Remove explicit rcu_read_lock in nf_hook_slowAaron Conole1-5/+1
2016-09-19net: Add _nf_(un)register_hooks symbolsMahesh Bandewar1-5/+46
2015-10-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-0/+2
2015-10-16netfilter: make nf_queue_entry_get_refs return voidFlorian Westphal1-2/+0
2015-10-13netfilter: sync with packet rx also after removing queue entriesFlorian Westphal1-0/+2
2015-10-05netfilter: nfnetlink_queue: rename related to nfqueue attaching conntrack infoKen-ichirou MATSUZAWA1-2/+2
2015-10-04netfilter: nfnetlink_queue: get rid of nfnetlink_queue_ct.cPablo Neira Ayuso1-3/+6
2015-09-18netfilter: Pass priv instead of nf_hook_ops to netfilter hooksEric W. Biederman1-1/+1
2015-09-02netfilter: nf_conntrack: make nf_ct_zone_dflt built-inDaniel Borkmann1-0/+6
2015-08-28netfilter: reduce sparse warningsFlorian Westphal1-3/+0
2015-07-23netfilter: rename local nf_hook_list to hook_listPablo Neira Ayuso1-14/+14
2015-07-23netfilter: fix possible removal of wrong hookPablo Neira Ayuso1-22/+19
2015-07-23netfilter: nf_queue: fix nf_queue_nf_hook_drop()Pablo Neira Ayuso1-1/+1
2015-07-20netfilter: Fix memory leak in nf_register_net_hookEric W. Biederman1-1/+3
2015-07-15netfilter: move tee_active to coreFlorian Westphal1-0/+3
2015-07-15netfilter: Per network namespace netfilter hooks.Eric W. Biederman1-21/+161
2015-07-15netfilter: Factor out the hook list selection from nf_register_hookEric W. Biederman1-14/+18
2015-07-15netfilter: Simply the tests for enabling and disabling the ingress queue hookEric W. Biederman1-11/+6
2015-06-23netfilter: nf_qeueue: Drop queue entries on nf_unregister_hookEric W. Biederman1-0/+1
2015-05-14netfilter: add netfilter ingress hook after handle_ing() under unique static keyPablo Neira1-1/+30
2015-05-14netfilter: add hook list to nf_hook_statePablo Neira1-4/+2
2015-04-04netfilter: Make nf_hookfn use nf_hook_state.David S. Miller1-2/+1
2015-04-04netfilter: Create and use nf_hook_state.David S. Miller1-19/+13
2014-11-13netfilter: fix various sparse warningsFlorian Westphal1-0/+1
2014-08-25netfilter: HAVE_JUMP_LABEL instead of CONFIG_JUMP_LABELZhouyi Zhou1-3/+3
2014-08-08netfilter: don't use mutex_lock_interruptible()Pablo Neira Ayuso1-9/+2
2013-10-14netfilter: pass hook ops to hookfnPatrick McHardy1-1/+1
2013-07-31netfilter: nf_conntrack: constify sk_buff argument to nf_ct_attach()Patrick McHardy1-3/+4
2013-06-06Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller1-6/+15
2013-05-23netfilter: don't panic on error while walking through the init pathPablo Neira Ayuso1-6/+15
2013-05-23netfilter: add nf_ipv6_ops hook to fix xt_addrtype with IPv6Florian Westphal1-0/+2
2013-04-18netfilter: add my copyright statementsPatrick McHardy1-0/+1
2013-04-05netfilter: remove unneeded variable proc_net_netfilterPablo Neira Ayuso1-12/+4
2013-04-05netfilter: make /proc/net/netfilter pernetGao feng1-4/+29
2012-12-03netfilter: kill support for per-af queue backendsFlorian Westphal1-2/+0
2012-09-03netfilter: pass 'nf_hook_ops' instead of 'list_head' to nf_queue()Michael Wang1-2/+2
2012-09-03netfilter: pass 'nf_hook_ops' instead of 'list_head' to nf_iterate()Michael Wang1-14/+10
2012-08-30netfilter: add protocol independent NAT corePatrick McHardy1-0/+5
2012-08-22netfilter: replace list_for_each_continue_rcu with new interfaceMichael Wang1-4/+6
2012-06-22netfilter: nfnetlink_queue: fix compilation with CONFIG_NF_NAT=m and CONFIG_N...Pablo Neira Ayuso1-0/+3
2012-06-20netfilter: nfq_ct_hook needs __rcu and __read_mostlyPablo Neira Ayuso1-1/+1
2012-06-16netfilter: add glue code to integrate nfnetlink_queue and ctnetlinkPablo Neira Ayuso1-0/+4
2012-04-20net: Delete all remaining instances of ctl_pathEric W. Biederman1-9/+0
2012-02-24static keys: Introduce 'struct static_key', static_key_true()/false() and sta...Ingo Molnar1-3/+3
2011-12-16net:netfilter: use IS_ENABLEDIgor Maravić1-1/+1
2011-11-21netfilter: use jump_label for nf_hooksEric Dumazet1-1/+12
2011-11-01netfilter: do not propagate nf_queue errors in nf_hook_slowFlorian Westphal1-6/+5
2011-08-02rcu: convert uses of rcu_assign_pointer(x, NULL) to RCU_INIT_POINTERStephen Hemminger1-2/+2
2011-02-19Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-1/+2
2011-02-14netfilter: nf_iterate: fix incorrect RCU usagePatrick McHardy1-1/+2
2011-01-18netfilter: allow NFQUEUE bypass if no listener is availableFlorian Westphal1-0/+3
2011-01-18netfilter: reduce NF_VERDICT_MASK to 0xffFlorian Westphal1-2/+2
2011-01-18netfilter: nfnetlink_queue: do not free skb on errorFlorian Westphal1-2/+5
2011-01-18netfilter: nfnetlink_queue: return error number to callerFlorian Westphal1-2/+4
2011-01-13Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/...Simon Horman1-2/+4
2010-11-17netfilter: allow hooks to pass error code back up the stackEric Paris1-2/+4
2010-11-15netfilter: add __rcu annotationsEric Dumazet1-2/+2
2010-10-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds1-4/+2
2010-10-04netfilter: unregister nf hooks, matches and targets in the reverse orderChangli Gao1-4/+2
2010-08-19net/netfilter: __rcu annotationsArnd Bergmann1-1/+1
2010-03-30include cleanup: Update gfp.h and slab.h includes to prepare for breaking imp...Tejun Heo1-0/+1
2009-11-12sysctl net: Remove unused binary sysctl codeEric W. Biederman1-2/+2
2009-02-18netfilter: remove unneeded gotoJan Engelhardt1-2/+0
2008-10-08netfilter: enable netfilter in netnsAlexey Dobriyan1-8/+0
2008-10-08netfilter: Introduce NFPROTO_* constantsJan Engelhardt1-3/+3
2008-10-08netfilter: Use unsigned types for hooknum and pf varsJan Engelhardt1-2/+2
2008-03-26[NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS.YOSHIFUJI Hideaki1-1/+1
2008-03-24[NETNS]: Process netfilter hooks in initial namespace only.Denis V. Lunev1-0/+8
2008-01-28[NETFILTER]: kill nf_sysctl.cPatrick McHardy1-0/+9
2008-01-28[NETFILTER]: constify nf_afinfoPatrick McHardy1-3/+3
2008-01-28[NETFILTER]: remove annoying debugging messagePatrick McHardy1-2/+1
2008-01-28[NETFILTER]: nf_queue: remove unnecessary hook existance checkPatrick McHardy1-5/+0
2008-01-28[NETFILTER]: replace list_for_each with list_for_each_entryLi Zefan1-4/+4
2008-01-28[NET]: Move netfilter checksum helpers to net/core/utils.cPatrick McHardy1-16/+0
2007-10-15[NETFILTER]: Replace sk_buff ** with sk_buff *Herbert Xu1-5/+5
2007-10-15[NETFILTER]: Do not copy skb in skb_make_writableHerbert Xu1-24/+14
2007-10-10[NET]: Make /proc/net per network namespaceEric W. Biederman1-1/+2
2007-07-10[NETFILTER]: add some consts, remove some castsJan Engelhardt1-3/+3
2007-07-10[SKBUFF]: Keep track of writable header len of headerless clonesPatrick McHardy1-1/+3
2007-04-25[NETFILTER]: nf_conntrack: kill destroy() in struct nf_conntrack for dietYasuyuki Kozakai1-1/+16
2007-04-25[NETFILTER]: nf_conntrack: don't use nfct in skb if conntrack is disabledYasuyuki Kozakai1-0/+2
2007-04-25[NETFILTER]: Remove changelogs and CVS IDsPatrick McHardy1-4/+0
2007-02-12[NETFILTER]: Fix whitespace errorsYOSHIFUJI Hideaki1-3/+3
2007-02-12[NETFILTER]: Switch nf_register_hook/nf_unregister_hook to mutexPatrick McHardy1-5/+8
2007-02-12[NETFILTER]: Switch nf_register_afinfo/nf_unregister_afinfo to mutexPatrick McHardy1-5/+10
2007-02-12[NETFILTER]: Remove unnecessary synchronize_net() in nf_register_hookPatrick McHardy1-2/+0
2007-02-12[NETFILTER]: Properly use RCU in nf_ct_attachPatrick McHardy1-3/+6
2006-12-02[NETFILTER]: More __read_mostly annotationsMartin Josefsson1-2/+2
2006-12-02[NET]: netfilter checksum annotationsAl Viro1-17/+10
2006-09-22[NETFILTER]: nf_queue: handle GSO packetsPatrick McHardy1-1/+1
2006-09-22[NETFILTER]: Get rid of HW checksum invalidationPatrick McHardy1-0/+22
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel1-1/+0
2006-04-09[NETFILTER]: Introduce infrastructure for address family specific operationsPatrick McHardy1-0/+23
2006-04-09[NETFILTER]: Add helper functions for mass hook registration/unregistrationPatrick McHardy1-0/+28
2005-08-29[NETFILTER]: split net/core/netfilter.c into net/netfilter/*.cHarald Welte1-0/+216
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-03 10:11:09 +0000