aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter/nf_conntrack_proto_tcp.c
AgeCommit message (Expand)AuthorFilesLines
2024-01-31netfilter: conntrack: correct window scaling with retransmitted SYNRyan Schaefer1-4/+6
2023-10-10netfilter: conntrack: prefer tcp_error_log to pr_debugFlorian Westphal1-3/+4
2023-02-17netfilter: let reset rules clean out conntrack entriesFlorian Westphal1-0/+35
2023-01-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-0/+15
2023-01-18netfilter: conntrack: remove pr_debug callsFlorian Westphal1-9/+0
2023-01-17netfilter: conntrack: handle tcp challenge acks during connection reuseFlorian Westphal1-0/+15
2022-09-07netfilter: conntrack: reduce timeout when receiving out-of-window fin or rstFlorian Westphal1-0/+58
2022-09-07netfilter: conntrack: remove unneeded indent levelFlorian Westphal1-53/+45
2022-09-07netfilter: conntrack: ignore overly delayed tcp packetsFlorian Westphal1-28/+21
2022-09-07netfilter: conntrack: prepare tcp_in_window for ternary return valueFlorian Westphal1-49/+87
2022-08-23netfilter: conntrack: work around exceeded receive windowFlorian Westphal1-0/+31
2022-05-16netfilter: conntrack: remove pr_debug callsites from tcp trackerFlorian Westphal1-48/+4
2022-04-27netfilter: nf_conntrack_tcp: re-init for syn packets onlyFlorian Westphal1-15/+6
2022-03-24netfilter: nf_conntrack_tcp: preserve liberal flag in tcp optionsPablo Neira Ayuso1-4/+13
2022-02-04netfilter: conntrack: re-init state for retransmitted syn-ackFlorian Westphal1-0/+12
2022-02-04netfilter: conntrack: move synack init code to helperFlorian Westphal1-18/+29
2021-08-06netfilter: conntrack: remove offload_pickup sysctl againFlorian Westphal1-1/+0
2021-07-06netfilter: conntrack: add new sysctl to disable RST checkAli Abdallah1-1/+5
2021-07-06netfilter: conntrack: improve RST handling when tuple is re-usedAli Abdallah1-17/+36
2021-07-02netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT stateFlorian Westphal1-0/+10
2021-06-18netfilter: conntrack: pass hook state to log functionsFlorian Westphal1-11/+12
2021-06-07netfilter: conntrack: Introduce tcp offload timeout configurationOz Shlomo1-0/+5
2021-05-05netfilter: remove BUG_ON() after skb_header_pointer()Pablo Neira Ayuso1-2/+4
2021-04-13netfilter: conntrack: convert sysctls to u8Florian Westphal1-17/+17
2021-02-28netfilter: conntrack: avoid misleading 'invalid' in log messageFlorian Westphal1-2/+4
2020-12-12netfilter: ctnetlink: add timeout and protoinfo to destroy eventsFlorian Westphal1-4/+9
2020-11-20net: openvswitch: Be liberal in tcp conntrack.Numan Siddique1-6/+0
2020-10-20netfilter: conntrack: connection timeout after re-registerFrancesco Ruggeri1-6/+13
2020-08-28netfilter: delete repeated wordsRandy Dunlap1-1/+1
2020-07-22netfilter: Use fallthrough pseudo-keywordGustavo A. R. Silva1-1/+1
2019-08-13netfilter: remove unnecessary spacesyangxingwu1-1/+1
2019-07-16netfilter: conntrack: always store window size un-scaledFlorian Westphal1-3/+5
2019-06-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-nextPablo Neira Ayuso1-4/+1
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner1-4/+1
2019-06-10Update my email addressJozsef Kadlecsik1-1/+1
2019-04-27netlink: make validation more configurable for future strictnessJohannes Berg1-2/+2
2019-04-27netlink: make nla_nest_start() add NLA_F_NESTED flagMichal Kubecek1-1/+1
2019-03-01netfilter: conntrack: tcp: only close if RST matches exact sequenceFlorian Westphal1-10/+40
2019-01-18netfilter: conntrack: remove l4proto init and get_net callbacksFlorian Westphal1-24/+11
2019-01-18netfilter: conntrack: unify sysctl handlingFlorian Westphal1-115/+1
2019-01-18netfilter: conntrack: handle builtin l4proto packet functions via direct callsFlorian Westphal1-6/+5
2018-11-03netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet()Pablo Neira Ayuso1-10/+5
2018-10-08Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-147/+104
2018-09-20netfilter: conntrack: get rid of double sizeofzhong jiang1-2/+2
2018-09-20netfilter: conntrack: remove l3->l4 mapping informationFlorian Westphal1-36/+1
2018-09-20netfilter: conntrack: remove unused proto arg from netns init functionsFlorian Westphal1-1/+1
2018-09-20netfilter: conntrack: avoid using ->error callback if possibleFlorian Westphal1-20/+12
2018-09-20netfilter: conntrack: deconstify packet callback skb pointerFlorian Westphal1-1/+1
2018-09-20netfilter: conntrack: remove the l4proto->new() functionFlorian Westphal1-79/+77
2018-09-20netfilter: conntrack: pass nf_hook_state to packet and error handlersFlorian Westphal1-13/+15
2018-09-11netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUTPablo Neira Ayuso1-6/+6
2018-08-29netfilter: conntrack: place 'new' timeout in first location tooFlorian Westphal1-0/+7
2018-07-16netfilter: conntrack: remove get_timeout() indirectionFlorian Westphal1-12/+11
2018-07-16netfilter: conntrack: avoid l4proto pkt_to_tuple callsFlorian Westphal1-19/+0
2018-07-16netfilter: conntrack: avoid calls to l4proto invert_tupleFlorian Westphal1-10/+0
2018-04-27netfilter: Fix handling simultaneous open in TCP conntrackJozsef Kadlecsik1-0/+11
2018-01-08netfilter: nf_conntrack: add IPS_OFFLOAD status bitPablo Neira Ayuso1-0/+3
2018-01-08netfilter: conntrack: timeouts can be constFlorian Westphal1-1/+1
2018-01-08netfilter: conntrack: l4 protocol trackers can be constFlorian Westphal1-2/+2
2018-01-08netfilter: conntrack: remove nlattr_size pointer from l4proto trackersFlorian Westphal1-8/+8
2017-11-20netfilter: conntrack: lower timeout to RETRANS seconds if window is 0Florian Westphal1-0/+3
2017-11-06netfilter: conntrack: don't cache nlattr_tuple_size result in nla_sizeFlorian Westphal1-2/+7
2017-10-24netfilter: conntrack: remove pf argument from l4 packet functionsFlorian Westphal1-4/+2
2017-10-24netfilter: conntrack: add and use nf_ct_l4proto_log_invalidFlorian Westphal1-16/+9
2017-10-24netfilter: conntrack: add and use nf_l4proto_log_invalidFlorian Westphal1-12/+10
2017-09-04netfilter: remove unused hooknum arg from packet functionsFlorian Westphal1-1/+0
2017-08-24netfilter: conntrack: print_conntrack only needed if CONFIG_NF_CONNTRACK_PROCFSFlorian Westphal1-0/+6
2017-08-24netfilter: conntrack: place print_tuple in procfs partFlorian Westphal1-11/+0
2017-08-24netfilter: conntrack: remove protocol name from l4proto structFlorian Westphal1-2/+0
2017-05-01Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-4/+21
2017-04-19netfilter: tcp: Use TCP_MAX_WSCALE instead of literal 14Gao Feng1-4/+3
2017-04-19netfilter: allow early drop of assured conntracksFlorian Westphal1-0/+18
2017-04-13netlink: pass extended ACK struct to parsing functionsJohannes Berg1-1/+2
2017-02-02netfilter: conntrack: no need to pass ctinfo to error handlerFlorian Westphal1-1/+0
2016-08-13netfilter: remove ip_conntrack* sysctl compat codePablo Neira Ayuso1-126/+1
2016-08-12netfilter: conntrack: Only need first 4 bytes to get l4proto portsGao Feng1-2/+2
2016-04-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-7/+1
2016-04-19netfilter: conntrack: don't acquire lock during seq_printfFlorian Westphal1-7/+1
2016-04-07netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP optionsJozsef Kadlecsik1-0/+4
2015-09-18netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tupleEric W. Biederman1-1/+1
2015-05-15conntrack: RFC5961 challenge ACK confuse conntrack LAST-ACK transitionJesper Dangaard Brouer1-3/+32
2014-12-08Merge branch 'iov_iter' into for-nextAl Viro1-2/+2
2014-11-05netfilter: Convert print_tuple functions to return voidJoe Perches1-5/+5
2014-11-05netfilter: Remove return values for print_conntrack callbacksSteven Rostedt (Red Hat)1-2/+2
2014-10-22netfilter: nf_conntrack: allow server to become a client in TW handlingMarcelo Leitner1-2/+2
2013-08-28netfilter: add SYNPROXY core/targetPatrick McHardy1-0/+16
2013-08-28netfilter: nf_conntrack: make sequence number adjustments usuable without NATPatrick McHardy1-16/+2
2013-08-20Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/...David S. Miller1-2/+2
2013-08-10netfilter: nf_conntrack: fix tcp_in_window for Fast OpenYuchung Cheng1-4/+8
2013-07-31netfilter: nf_nat: change sequence number adjustments to 32 bitsPatrick McHardy1-2/+2
2013-06-20netfilter: nf_conntrack: avoid large timeout for mid-stream pickupFlorian Westphal1-0/+6
2013-04-18netfilter: add my copyright statementsPatrick McHardy1-0/+2
2013-04-05netfilter: nf_log: prepare net namespace support for loggersGao feng1-9/+9
2012-12-03netfilter: ctnetlink: nla_policy updatesFlorian Westphal1-0/+2
2012-09-15Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-19/+10
2012-09-09netfilter: Validate the sequence number of dataless ACK packets as wellJozsef Kadlecsik1-8/+2
2012-09-09netfilter: Mark SYN/ACK packets as invalid from original directionJozsef Kadlecsik1-11/+8
2012-08-30netfilter: add protocol independent NAT corePatrick McHardy1-4/+4
2012-07-04netfilter: nf_ct_tcp: missing per-net support for cttimeoutPablo Neira Ayuso1-1/+1
2012-07-04netfilter: nf_conntrack: generalize nf_ct_l4proto_netPablo Neira Ayuso1-0/+7
2012-06-27netfilter: nf_ct_tcp: merge tcpv[4,6]_net_init into tcp_net_initGao feng1-50/+21
2012-06-27netfilter: nf_conntrack: prepare l4proto->init_net cleanupGao feng1-2/+2
2012-06-11netfilter: nf_ct_tcp, udp: fix compilation with sysctl disabledPablo Neira Ayuso1-2/+2
2012-06-07netfilter: nf_conntrack: add namespace support for cttimeoutGao feng1-2/+4
2012-06-07netfilter: nf_conntrack: remove now unused sysctl for nf_conntrack_l[3|4]protoPablo Neira Ayuso1-15/+0
2012-06-07netfilter: nf_ct_tcp: add namespace supportGao feng1-29/+133
2012-05-17netfilter: nf_ct_tcp: extend log message for invalid ignored packetsPablo Neira Ayuso1-1/+2
2012-04-12Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-2/+2
2012-04-09netfilter: nf_ct_tcp: don't scale the size of the window up twiceChangli Gao1-2/+2
2012-04-01nf_conntrack_proto_tcp: Stop using NLA_PUT*().David S. Miller1-33/+35
2012-03-07netfilter: add cttimeout infrastructure for fine timeout tuningPablo Neira Ayuso1-0/+127
2012-03-07netfilter: nf_conntrack: pass timeout array to l4->new and l4->packetPablo Neira Ayuso1-7/+15
2012-03-07netfilter: nf_ct_tcp: move retransmission and unacknowledged timeout to arrayPablo Neira Ayuso1-14/+13
2011-12-16net:netfilter: use IS_ENABLEDIgor Maravić1-3/+3
2011-08-30netfilter: nf_ct_tcp: wrong multiplication of TCPOLEN_TSTAMP_ALIGNED in tcp_s...Jozsef Kadlecsik1-1/+1
2011-08-30netfilter: nf_ct_tcp: fix incorrect handling of invalid TCP optionJozsef Kadlecsik1-2/+2
2011-02-28netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECVPablo Neira Ayuso1-2/+2
2010-11-12netfilter: nf_conntrack: don't always initialize ct->protoChangli Gao1-11/+3
2010-10-18Update broken web addresses in the kernel.Justin P. Mattock1-2/+2
2010-07-15netfilter: nf_ct_tcp: fix flow recovery with TCP window tracking enabledPablo Neira Ayuso1-1/+9
2010-06-15tcp: unify tcp flag macrosChangli Gao1-20/+12
2010-02-15netfilter: nf_conntrack: pass template to l4proto ->error() handlerPatrick McHardy1-1/+1
2010-02-03netfilter: nf_conntrack: split up IPCT_STATUS eventPatrick McHardy1-1/+1
2009-12-08Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds1-10/+41
2009-12-03Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-10/+41
2009-11-23netfilter: nf_ct_tcp: improve out-of-sync situation in TCP trackingPablo Neira Ayuso1-10/+41
2009-11-17Merge commit 'v2.6.32-rc7'Eric W. Biederman1-38/+26
2009-11-12sysctl net: Remove unused binary sysctl codeEric W. Biederman1-12/+2
2009-11-06netfilter: nf_nat: fix NAT issue in 2.6.30.4+Jozsef Kadlecsik1-38/+26
2009-06-29netfilter: tcp conntrack: fix unacknowledged data detection with NATPatrick McHardy1-3/+3
2009-06-11netfilter: nf_ct_tcp: fix up build after mergePatrick McHardy1-1/+1
2009-06-11Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/...Patrick McHardy1-0/+18
2009-06-10netfilter: nf_conntrack: use per-conntrack locks for protocol dataPatrick McHardy1-21/+18
2009-06-02netfilter: conntrack: simplify event caching systemPablo Neira Ayuso1-1/+0
2009-06-02netfilter: nf_ct_tcp: TCP simultaneous open supportJozsef Kadlecsik1-37/+61
2009-05-25netfilter: nf_ct_tcp: fix accepting invalid RST segmentsJozsef Kadlecsik1-0/+18
2009-03-26Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-0/+15
2009-03-26Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-1/+2
2009-03-25netfilter: nf_conntrack: calculate per-protocol nlattr sizeHolger Eitzenberger1-0/+15
2009-03-24Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-0/+2
2009-03-23netfilter: nf_conntrack_tcp: fix unaligned memory access in tcp_sackMark H. Weaver1-1/+2
2009-03-16netfilter: conntrack: fix dropping packet after l4proto->packet()Christoph Paasch1-2/+2
2009-03-16netfilter: remove IPvX specific parts from nf_conntrack_l4proto.hChristoph Paasch1-0/+2
2008-11-03net: '&' reduxAlexey Dobriyan1-25/+25
2008-10-08netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_log_inval...Alexey Dobriyan1-8/+10
2008-10-08netfilter: netns nf_conntrack: per-netns net.netfilter.nf_conntrack_checksum ...Alexey Dobriyan1-1/+1
2008-10-08netfilter: netns nf_conntrack: pass conntrack to nf_conntrack_event_cache() n...Alexey Dobriyan1-3/+3
2008-10-08netfilter: netns nf_conntrack: pass netns pointer to L4 protocol's ->error hookAlexey Dobriyan1-1/+2
2008-10-08netfilter: Use unsigned types for hooknum and pf varsJan Engelhardt1-3/+3
2008-07-31netfilter: nf_conntrack_tcp: decrease timeouts while data in unacknowledgedPatrick McHardy1-5/+24
2008-07-14Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-2/+8
2008-07-09netfilter: nf_conntrack_tcp: fix endless loopPatrick McHardy1-2/+8
2008-07-05Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-6/+7
2008-06-30netfilter: nf_conntrack_tcp: fixing to check the lower bound of valid ACKJozsef Kadlecsik1-6/+7
2008-06-09netfilter: nf_conntrack: properly account terminating packetsFabian Hugelshofer1-1/+1
2008-06-09netfilter: nf_conntrack: add nf_ct_kill()Patrick McHardy1-6/+3
2008-04-14[NETFILTER]: nf_conntrack: replace NF_CT_DUMP_TUPLE macro indrection by funct...Jan Engelhardt1-3/+3
2008-04-14[NETFILTER]: nf_conntrack: use bool type in struct nf_conntrack_l4protoJan Engelhardt1-27/+25
2008-04-14[NETFILTER]: nf_conntrack_tcp: catch invalid state updates over ctnetlinkPatrick McHardy1-2/+4
2008-02-14[NETFILTER] nf_conntrack_proto_tcp.c: Mistyped state corrected.Jozsef Kadlecsik1-1/+1
2008-02-07[NETFILTER]: nf_conntrack: TCP conntrack reopening fixJozsef Kadlecsik1-6/+26
2008-01-31[NETFILTER]: nf_{conntrack,nat}_proto_tcp: constify and annotate TCP modulesJan Engelhardt1-20/+24
2008-01-31[NETFILTER]: nf_conntrack: naming unificationPatrick McHardy1-78/+72
2008-01-31[NETFILTER]: conntrack: get rid of sparse warningsStephen Hemminger1-3/+3
2008-01-28[NETFILTER]: nf_conntrack_tcp: remove timeout indirectionPatrick McHardy1-39/+28
2008-01-28[NETFILTER]: nf_conntrack_{tcp,sctp}: shrink state tablePatrick McHardy1-1/+1
2008-01-28[NETFILTER]: nf_conntrack_{tcp,sctp}: mark state table constPatrick McHardy1-1/+1
2008-01-28[NETFILTER]: nf_log: move logging stuff to seperate headerPatrick McHardy1-0/+1
2008-01-28[NETFILTER]: ctnetlink: use netlink attribute helpersPatrick McHardy1-12/+10
2008-01-28[NETFILTER]: Introduce NF_INET_ hook valuesPatrick McHardy1-3/+1
2007-10-18Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...Linus Torvalds1-4/+7
2007-10-18sysctl: remove broken netfilter binary sysctlsEric W. Biederman1-18/+0
2007-10-18[NETFILTER]: nf_conntrack_tcp: fix connection reopening fixJozsef Kadlecsik1-4/+7
2007-10-11[NETFILTER]: nf_conntrack_tcp: fix connection reopeningJozsef Kadlecsik1-21/+14
2007-10-10[NETFILTER]: ctnetlink: use netlink policyPatrick McHardy1-10/+12
2007-10-10[NETFILTER]: nfnetlink: rename functions containing 'nfattr'Patrick McHardy1-11/+11
2007-10-10[NETFILTER]: nfnetlink: convert to generic netlink attribute functionsPatrick McHardy1-30/+33
2007-07-24[NETFILTER]: Clean up duplicate includes in net/netfilter/Jesper Juhl1-1/+0
2007-07-14[NETFILTER]: nf_conntrack: mark protocols __read_mostlyPatrick McHardy1-2/+2
2007-07-10[NETFILTER]: Convert DEBUGP to pr_debugPatrick McHardy1-70/+59
2007-04-25[NETFILTER]: Remove changelogs and CVS IDsPatrick McHardy1-18/+0
2007-04-25[NETFILTER]: ctnetlink: add support for internal tcp connection tracking flag...Pablo Neira Ayuso1-1/+44
2007-04-25[NETFILTER]: TCP conntrack: factorize out the PUSH flagWilly Tarreau1-13/+4
2007-04-25[NETFILTER]: TCP conntrack: accept RST|PSH as validWilly Tarreau1-0/+1
2007-04-25[NET] NETFILTER: Use htonl() where appropriate.YOSHIFUJI Hideaki1-5/+4
2007-03-05[NETFILTER]: tcp conntrack: accept SYN|URG as validPatrick McHardy1-1/+3
2007-03-05[NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefsPatrick McHardy1-6/+3
2007-02-14[PATCH] remove many unneeded #includes of sched.hTim Schmielau1-1/+0
2007-02-12[NETFILTER]: nf_conntrack_tcp: make sysctl variables staticPatrick McHardy1-3/+3
2007-02-12[NETFILTER]: Fix whitespace errorsYOSHIFUJI Hideaki1-102/+102
2007-02-08[NETFILTER]: tcp conntrack: do liberal tracking for picked up connectionsPatrick McHardy1-25/+15
2006-12-02[NETFILTER]: nf_conntrack: EXPORT_SYMBOL cleanupPatrick McHardy1-4/+3
2006-12-02[NETFILTER]: Add NAT support for nf_conntrackJozsef Kadlecsik1-1/+1
2006-12-02[NETFILTER]: nf_conntrack: endian annotationsPatrick McHardy1-5/+3
2006-12-02[NETFILTER]: nf_conntrack: sysctl compatibility with old connection trackingPatrick McHardy1-0/+107
2006-12-02[NETFILTER]: nf_conntrack: move conntrack protocol sysctls to individual modulesPatrick McHardy1-12/+128
2006-12-02[NETFILTER]: nf_conntrack: rename struct nf_conntrack_protocolMartin Josefsson1-7/+7
2006-12-02[NETFILTER]: nf_conntrack: split out the event cacheMartin Josefsson1-0/+1
2006-09-22[NETFILTER]: TCP conntrack: improve dead connection detectionGeorge Hansper1-1/+3
2006-09-22[NETFILTER]: Change tunables to __read_mostlyBrian Haley1-12/+12
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-03 07:23:30 +0000