mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 23:25:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv4/netfilter
History
James Morris 7c9728c393 [SECMARK]: Add secmark support to conntrack 
Add a secmark field to IP and NF conntracks, so that security markings
on packets can be copied to their associated connections, and also
copied back to packets as required.  This is similar to the network
mark field currently used with conntrack, although it is intended for
enforcement of security policy rather than network policy.

Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-17 21:30:01 -07:00
..
arp_tables.c [NETFILTER]: Fix do_add_counters race, possible oops or info leak (CVE-2006-0039) 2006-05-19 02:16:52 -07:00
arpt_mangle.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
arptable_filter.c [NETFILTER]: Clean up hook registration 2006-04-09 22:25:33 -07:00
ip_conntrack_amanda.c [NETFILTER]: amanda helper: convert to textsearch infrastructure 2006-06-17 21:29:09 -07:00
ip_conntrack_core.c [SECMARK]: Add secmark support to conntrack 2006-06-17 21:30:01 -07:00
ip_conntrack_ftp.c [NETFILTER]: FTP helper: search optimization 2006-06-17 21:29:07 -07:00
ip_conntrack_helper_h323.c [NETFILTER]: H.323 helper: replace internal_net_addr parameter by routing-based heuristic 2006-06-17 21:29:13 -07:00
ip_conntrack_helper_h323_asn1.c [NETFILTER]: H.323 helper: fix sequence extension parsing 2006-05-23 15:15:10 -07:00
ip_conntrack_helper_h323_types.c [NETFILTER]: H.323 helper: Add support for Call Forwarding 2006-06-17 21:29:11 -07:00
ip_conntrack_helper_pptp.c [NETFILTER]: PPTP helper: fix sstate/cstate typo 2006-05-28 22:51:05 -07:00
ip_conntrack_irc.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_conntrack_netbios_ns.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_conntrack_netlink.c [NETFILTER]: ctnetlink: change table dumping not to require an unique ID 2006-06-17 21:29:03 -07:00
ip_conntrack_proto_generic.c [NETFILTER]: Fix timeout sysctls on big-endian 64bit architectures 2006-01-10 12:54:35 -08:00
ip_conntrack_proto_gre.c [NETFILTER]: PPTP helper: fixup gre_keymap_lookup() return type 2006-06-17 21:29:17 -07:00
ip_conntrack_proto_icmp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00
ip_conntrack_proto_sctp.c [NETFILTER] SCTP conntrack: fix infinite loop 2006-05-02 17:26:39 -07:00
ip_conntrack_proto_tcp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00
ip_conntrack_proto_udp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00
ip_conntrack_sip.c [NETFILTER]: Add SIP connection tracking helper 2006-06-17 21:29:15 -07:00
ip_conntrack_standalone.c [SECMARK]: Add secmark support to conntrack 2006-06-17 21:30:01 -07:00
ip_conntrack_tftp.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_nat_amanda.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_nat_core.c [NETFILTER]: Fix NAT PMTUD problems 2006-02-19 22:26:40 -08:00
ip_nat_ftp.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_nat_helper.c [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
ip_nat_helper_h323.c [NETFILTER]: H.323 helper: Add support for Call Forwarding 2006-06-17 21:29:11 -07:00
ip_nat_helper_pptp.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_nat_irc.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_nat_proto_gre.c [NETFILTER]: GRE conntrack: fix htons/htonl confusion 2006-05-19 02:16:29 -07:00
ip_nat_proto_icmp.c [NETFILTER]: Remove unused function from NAT protocol helpers 2006-01-10 12:54:34 -08:00
ip_nat_proto_tcp.c [NETFILTER]: Remove unused function from NAT protocol helpers 2006-01-10 12:54:34 -08:00
ip_nat_proto_udp.c [NETFILTER]: Remove unused function from NAT protocol helpers 2006-01-10 12:54:34 -08:00
ip_nat_proto_unknown.c [NETFILTER]: Remove unused function from NAT protocol helpers 2006-01-10 12:54:34 -08:00
ip_nat_rule.c [NETFILTER]: Fix DNAT in LOCAL_OUT 2006-04-09 22:38:29 -07:00
ip_nat_sip.c [NETFILTER]: Add SIP connection tracking helper 2006-06-17 21:29:15 -07:00
ip_nat_snmp_basic.c [NETFILTER]: SNMP helper: fix debug module param type 2006-06-17 21:29:05 -07:00
ip_nat_standalone.c [NETFILTER]: NAT: silence unused variable warnings with CONFIG_XFRM=n 2006-05-03 23:19:26 -07:00
ip_nat_tftp.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ip_queue.c [NETFILTER]: Fix section mismatch warnings 2006-04-09 22:25:34 -07:00
ip_tables.c [NETFILTER]: x_tables: don't use __copy_{from,to}_user on unchecked memory in compat layer 2006-05-03 23:20:27 -07:00
ipt_addrtype.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_ah.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_CLUSTERIP.c [NETFILTER]: x_tables: add SCTP/DCCP support where missing 2006-06-17 21:28:47 -07:00
ipt_dscp.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_DSCP.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_ECN.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_ecn.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_hashlimit.c [NETFILTER]: x_tables: add SCTP/DCCP support where missing 2006-06-17 21:28:47 -07:00
ipt_iprange.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_LOG.c [NETFILTER]: fix format specifier for netfilter log targets 2006-05-19 02:15:47 -07:00
ipt_MASQUERADE.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_NETMAP.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_owner.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_recent.c [NETFILTER]: recent match: replace by rewritten version 2006-06-17 21:28:53 -07:00
ipt_REDIRECT.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_REJECT.c [SECMARK]: Add secmark support to core networking. 2006-06-17 21:29:57 -07:00
ipt_SAME.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_TCPMSS.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_TOS.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_tos.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_TTL.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_ttl.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
ipt_ULOG.c [NETFILTER]: Rename init functions. 2006-03-28 17:02:48 -08:00
iptable_filter.c [NETFILTER]: Clean up hook registration 2006-04-09 22:25:33 -07:00
iptable_mangle.c [NETFILTER]: Clean up hook registration 2006-04-09 22:25:33 -07:00
iptable_raw.c [NETFILTER]: Clean up hook registration 2006-04-09 22:25:33 -07:00
Kconfig [SECMARK]: Add secmark support to conntrack 2006-06-17 21:30:01 -07:00
Makefile [NETFILTER]: Add SIP connection tracking helper 2006-06-17 21:29:15 -07:00
nf_conntrack_l3proto_ipv4.c [NETFILTER]: conntrack: don't call helpers for related ICMP messages 2006-06-17 21:28:55 -07:00
nf_conntrack_proto_icmp.c [NETFILTER]: conntrack: add sysctl to disable checksumming 2006-06-17 21:28:57 -07:00