linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 13:55:32 +00:00

History

Pablo Neira Ayuso 8993cf8edf netfilter: move NAT Kconfig switches out of the iptables scope Currently, the NAT configs depend on iptables and ip6tables. However, users should be capable of enabling NAT for nft without having to switch on iptables. Fix this by adding new specific IP_NF_NAT and IP6_NF_NAT config switches for iptables and ip6tables NAT support. I have also moved the original NF_NAT_IPV4 and NF_NAT_IPV6 configs out of the scope of iptables to make them independent of it. This patch also adds NETFILTER_XT_NAT which selects the xt_nat combo that provides snat/dnat for iptables. We cannot use NF_NAT anymore since nf_tables can select this. Reported-by: Matteo Croce <technoboy85@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>		2014-08-18 21:55:54 +02:00
..
ip6_tables.c	netfilter: Can't fail and free after table replacement	2014-04-05 17:46:22 +02:00
ip6t_ah.c	netfilter: ip6_tables: add flags parameter to ipv6_find_hdr()	2012-05-09 12:53:47 +02:00
ip6t_eui64.c	netfilter: xtables: change hotdrop pointer to direct modification	2010-05-11 18:35:27 +02:00
ip6t_frag.c	netfilter: ip6_tables: add flags parameter to ipv6_find_hdr()	2012-05-09 12:53:47 +02:00
ip6t_hbh.c	netfilter: ip6_tables: add flags parameter to ipv6_find_hdr()	2012-05-09 12:53:47 +02:00
ip6t_ipv6header.c	netfilter: remove unnecessary break after return	2014-07-15 16:27:00 -07:00
ip6t_MASQUERADE.c	netfilter: nf_conntrack: don't send destroy events from iterator	2013-08-09 12:03:33 +02:00
ip6t_mh.c	netfilter: xtables: change hotdrop pointer to direct modification	2010-05-11 18:35:27 +02:00
ip6t_NPT.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2013-04-07 18:37:01 -04:00
ip6t_REJECT.c	netfilter: REJECT: separate reusable code	2013-12-30 15:04:41 +01:00
ip6t_rpfilter.c	net: ipv6: more places need LOOPBACK_IFINDEX for flowi6_iif	2014-04-28 14:47:03 -04:00
ip6t_rt.c	netfilter: ip6_tables: add flags parameter to ipv6_find_hdr()	2012-05-09 12:53:47 +02:00
ip6t_SYNPROXY.c	netfilter: SYNPROXY target: restrict to INPUT/FORWARD	2013-12-11 11:30:25 +01:00
ip6table_filter.c	netfilter: pass hook ops to hookfn	2013-10-14 11:29:31 +02:00
ip6table_mangle.c	netfilter: pass hook ops to hookfn	2013-10-14 11:29:31 +02:00
ip6table_nat.c	netfilter: add helper for adding nat extension	2014-04-29 20:56:22 +02:00
ip6table_raw.c	netfilter: pass hook ops to hookfn	2013-10-14 11:29:31 +02:00
ip6table_security.c	netfilter: pass hook ops to hookfn	2013-10-14 11:29:31 +02:00
Kconfig	netfilter: move NAT Kconfig switches out of the iptables scope	2014-08-18 21:55:54 +02:00
Makefile	netfilter: move NAT Kconfig switches out of the iptables scope	2014-08-18 21:55:54 +02:00
nf_conntrack_l3proto_ipv6.c	netfilter: push reasm skb through instead of original frag skbs	2013-11-11 00:19:35 -05:00
nf_conntrack_proto_icmpv6.c	netfilter: nf_log: prepare net namespace support for loggers	2013-04-05 20:12:54 +02:00
nf_conntrack_reasm.c	inet: frags: use kmem_cache for inet_frag_queue	2014-08-02 15:31:31 -07:00
nf_defrag_ipv6_hooks.c	netfilter: push reasm skb through instead of original frag skbs	2013-11-11 00:19:35 -05:00
nf_log_ipv6.c	netfilter: log: nf_log_packet() as real unified interface	2014-06-27 13:20:13 +02:00
nf_nat_l3proto_ipv6.c	netfilter: use IS_ENABLED() macro	2014-06-30 11:38:03 +02:00
nf_nat_proto_icmpv6.c	netfilter: nf_nat_proto_icmpv6:: fix wrong comparison in icmpv6_manip_pkt	2013-09-13 11:58:48 +02:00
nf_tables_ipv6.c	netfilter: nf_tables: fix error path in the init functions	2014-01-09 23:25:48 +01:00
nft_chain_nat_ipv6.c	netfilter: add helper for adding nat extension	2014-04-29 20:56:22 +02:00
nft_chain_route_ipv6.c	netfilter: nf_tables: rename nft_do_chain_pktinfo() to nft_do_chain()	2014-01-09 20:17:16 +01:00
nft_reject_ipv6.c	netfilter: nf_tables: add reject module for NFPROTO_INET	2014-02-06 09:44:18 +01:00