mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/ipv4/netfilter
History
David S. Miller 1a01a07517 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next 
Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

This is v2 including deadlock fix in conntrack ecache rework
reported by Jakub Kicinski.

The following patchset contains Netfilter updates for net-next,
mostly updates to conntrack from Florian Westphal.

1) Add a dedicated list for conntrack event redelivery.

2) Include event redelivery list in conntrack dumps of dying type.

3) Remove per-cpu dying list for event redelivery, not used anymore.

4) Add netns .pre_exit to cttimeout to zap timeout objects before
   synchronize_rcu() call.

5) Remove nf_ct_unconfirmed_destroy.

6) Add generation id for conntrack extensions for conntrack
   timeout and helpers.

7) Detach timeout policy from conntrack on cttimeout module removal.

8) Remove __nf_ct_unconfirmed_destroy.

9) Remove unconfirmed list.

10) Remove unconditional local_bh_disable in init_conntrack().

11) Consolidate conntrack iterator nf_ct_iterate_cleanup().

12) Detect if ctnetlink listeners exist to short-circuit event
    path early.

13) Un-inline nf_ct_ecache_ext_add().

14) Add nf_conntrack_events autodetect ctnetlink listener mode
    and make it default.

15) Add nf_ct_ecache_exist() to check for event cache extension.

16) Extend flowtable reverse route lookup to include source, iif,
    tos and mark, from Sven Auhagen.

17) Do not verify zero checksum UDP packets in nf_reject,
    from Kevin Mitchell.

====================

Signed-off-by: David S. Miller <davem@davemloft.net>
 		2022-05-16 10:10:37 +01:00
..
Kconfig netfilter: Remove flowtable relics 2022-01-27 00:00:20 +01:00
Makefile netfilter: flowtable: remove ipv4/ipv6 modules 2021-12-23 01:07:44 +01:00
arp_tables.c netfilter: arp_tables: allow use of arpt_do_table as hookfn 2021-10-14 23:06:53 +02:00
arpt_mangle.c
arptable_filter.c netfilter: arp_tables: allow use of arpt_do_table as hookfn 2021-10-14 23:06:53 +02:00
ip_tables.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
ipt_CLUSTERIP.c proc: remove PDE_DATA() completely 2022-01-22 08:33:37 +02:00
ipt_ECN.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
ipt_REJECT.c netfilter: use actual socket sk for REJECT action 2020-12-01 14:33:55 +01:00
ipt_SYNPROXY.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
ipt_ah.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
ipt_rpfilter.c netfilter: rpfilter: mask ecn bits before fib lookup 2021-01-19 13:54:30 -08:00
iptable_filter.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
iptable_mangle.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
iptable_nat.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
iptable_raw.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
iptable_security.c netfilter: iptables: allow use of ipt_do_table as hookfn 2021-10-14 23:06:53 +02:00
nf_defrag_ipv4.c netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1 2021-09-28 13:04:55 +02:00
nf_dup_ipv4.c netfilter: drop bridge nf reset from nf_reset 2019-10-01 18:42:15 +02:00
nf_nat_h323.c netfilter: nf_nat_h323: eliminate anonymous module_init & module_exit 2022-03-20 00:29:47 +01:00
nf_nat_pptp.c netfilter: conntrack: pptp: use single option structure 2022-02-04 06:30:28 +01:00
nf_nat_snmp_basic.asn1
nf_nat_snmp_basic_main.c
nf_reject_ipv4.c netfilter: conntrack: skip verification of zero UDP checksum 2022-05-13 18:56:28 +02:00
nf_socket_ipv4.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
nf_tproxy_ipv4.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nft_dup_ipv4.c netfilter: nf_tables: do not reduce read-only expressions 2022-03-20 00:29:46 +01:00
nft_fib_ipv4.c netfilter: nft_fib: reverse path filter for policy-based routing on iif 2022-04-11 12:10:09 +02:00
nft_reject_ipv4.c netfilter: nf_tables: do not reduce read-only expressions 2022-03-20 00:29:46 +01:00