mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 22:25:03 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv4/netfilter
History
Pablo Neira Ayuso 20710b3b81 netfilter: ctnetlink: synproxy support 
This patch exposes synproxy information per-conntrack. Moreover, send
sequence adjustment events once server sends us the SYN,ACK packet, so
we can synchronize the sequence adjustment too for packets going as
reply from the server, as part of the synproxy logic.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-03-20 14:39:31 +01:00
..
arp_tables.c netfilter: x_tables: ensure last rule in base chain matches underflow/policy 2018-03-05 23:15:44 +01:00
arpt_mangle.c
arptable_filter.c netfilter: arp_tables: register table in initns 2016-04-07 11:58:49 +02:00
ip_tables.c netfilter: x_tables: ensure last rule in base chain matches underflow/policy 2018-03-05 23:15:44 +01:00
ipt_ah.c netfilter: ipt_ah: return boolean instead of integer 2018-03-05 23:15:43 +01:00
ipt_CLUSTERIP.c net: Convert clusterip_net_ops 2018-02-27 11:01:39 -05:00
ipt_ECN.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
ipt_MASQUERADE.c netfilter: nat: add dependencies on conntrack module 2016-12-04 21:16:51 +01:00
ipt_REJECT.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
ipt_rpfilter.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
ipt_SYNPROXY.c netfilter: ctnetlink: synproxy support 2018-03-20 14:39:31 +01:00
iptable_filter.c net: Convert iptable_filter_net_ops 2018-02-19 14:19:12 -05:00
iptable_mangle.c netfilter: remove defensive check on malformed packets from raw sockets 2018-01-08 18:11:04 +01:00
iptable_nat.c netfilter: core: only allow one nat hook per hook point 2018-01-08 18:01:13 +01:00
iptable_raw.c netfilter: nf_defrag: mark xt_table structures 'const' again 2018-01-16 01:52:07 +01:00
iptable_security.c netfilter: remove defensive check on malformed packets from raw sockets 2018-01-08 18:11:04 +01:00
Kconfig netfilter: flowtable infrastructure depends on NETFILTER_INGRESS 2018-02-02 13:21:48 +01:00
Makefile netfilter: nf_nat_snmp_basic: use asn1 decoder library 2018-01-19 13:59:07 +01:00
nf_conntrack_l3proto_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2018-02-01 14:41:46 -05:00
nf_conntrack_proto_icmp.c netfilter: conntrack: timeouts can be const 2018-01-08 18:01:02 +01:00
nf_defrag_ipv4.c net: Convert defrag4_net_ops 2018-02-27 11:01:39 -05:00
nf_dup_ipv4.c netfilter: kill the fake untracked conntrack objects 2017-04-15 11:47:57 +02:00
nf_flow_table_ipv4.c netfilter: nf_tables: fix flowtable free 2018-02-07 00:58:57 +01:00
nf_log_arp.c net: Convert log pernet_operations 2018-03-05 10:48:27 -05:00
nf_log_ipv4.c net: Convert log pernet_operations 2018-03-05 10:48:27 -05:00
nf_nat_h323.c netfilter: nf_nat_h323: fix logical-not-parentheses warning 2017-08-24 18:48:05 +02:00
nf_nat_l3proto_ipv4.c netfilter: remove defensive check on malformed packets from raw sockets 2018-01-08 18:11:04 +01:00
nf_nat_masquerade_ipv4.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_nat_pptp.c netfilter: pptp: attach nat extension when needed 2017-04-26 09:30:22 +02:00
nf_nat_proto_gre.c netfilter: gre: Use consistent GRE and PTTP header structure instead of the ones defined by netfilter 2016-09-07 10:36:52 +02:00
nf_nat_proto_icmp.c net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool 2015-08-17 21:33:06 -07:00
nf_nat_snmp_basic.asn1 netfilter: nf_nat_snmp_basic: use asn1 decoder library 2018-01-19 13:59:07 +01:00
nf_nat_snmp_basic_main.c netfilter: nf_nat_snmp_basic: use asn1 decoder library 2018-01-19 13:59:07 +01:00
nf_reject_ipv4.c netfilter: nf_reject_ipv4: Fix use-after-free in send_reset 2017-11-01 12:15:29 +01:00
nf_socket_ipv4.c netfilter: remove nf_ct_is_untracked 2017-04-15 11:51:33 +02:00
nf_tables_arp.c netfilter: nf_tables: get rid of struct nft_af_info abstraction 2018-01-10 15:32:11 +01:00
nf_tables_ipv4.c netfilter: nf_tables: get rid of struct nft_af_info abstraction 2018-01-10 15:32:11 +01:00
nft_chain_nat_ipv4.c netfilter: nf_tables: explicit nft_set_pktinfo() call from hook path 2018-01-08 18:01:15 +01:00
nft_chain_route_ipv4.c netfilter: remove defensive check on malformed packets from raw sockets 2018-01-08 18:11:04 +01:00
nft_dup_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2016-11-15 10:54:36 -05:00
nft_fib_ipv4.c netfilter: nf_tables: fib: use skb_header_pointer 2017-07-31 19:01:39 +02:00
nft_masq_ipv4.c netfilter: nf_tables: fix mismatch in big-endian system 2017-03-13 13:30:28 +01:00
nft_redir_ipv4.c netfilter: nf_tables: fix mismatch in big-endian system 2017-03-13 13:30:28 +01:00
nft_reject_ipv4.c netfilter: nf_tables: use hook state from xt_action_param structure 2016-11-03 11:52:34 +01:00