mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/bridge/netfilter
History
Pablo Neira Ayuso df05ef874b netfilter: nf_tables: release objects on netns destruction 
We have to release the existing objects on netns removal otherwise we
leak them. Chains are unregistered in first place to make sure no
packets are walking on our rules and sets anymore.

The object release happens by when we unregister the family via
nft_release_afinfo() which is called from nft_unregister_afinfo() from
the corresponding __net_exit path in every family.

Reported-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2015-12-28 18:34:35 +01:00
..
Kconfig netfilter: bridge: add reject support 2014-07-22 12:00:22 +02:00
Makefile netfilter: kill remnants of ulog targets 2014-07-25 14:55:44 +02:00
ebt_802_3.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_among.c bridge: netfilter: Use ether_addr_copy 2014-02-24 19:16:44 -05:00
ebt_arp.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_arpreply.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ebt_dnat.c bridge: netfilter: Use ether_addr_copy 2014-02-24 19:16:44 -05:00
ebt_ip.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_ip6.c netfilter-bridge: layout of if statements 2015-11-23 17:54:41 +01:00
ebt_limit.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_log.c netfilter-bridge: brace placement 2015-11-23 17:54:40 +01:00
ebt_mark.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ebt_mark_m.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_nflog.c netfilter: x_tables: Use par->net instead of computing from the passed net devices 2015-09-18 21:58:25 +02:00
ebt_pkttype.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ebt_redirect.c bridge: netfilter: Use ether_addr_copy 2014-02-24 19:16:44 -05:00
ebt_snat.c bridge: netfilter: Use ether_addr_copy 2014-02-24 19:16:44 -05:00
ebt_stp.c netfilter-bridge: Cleanse indentation 2015-11-23 17:54:39 +01:00
ebt_vlan.c netfilter-bridge: use netdev style comments 2015-11-23 17:54:39 +01:00
ebtable_broute.c netfilter: ebtables: Simplify the arguments to ebt_do_table 2015-09-18 21:57:35 +02:00
ebtable_filter.c netfilter-bridge: Cleanse indentation 2015-11-23 17:54:39 +01:00
ebtable_nat.c netfilter-bridge: Cleanse indentation 2015-11-23 17:54:39 +01:00
ebtables.c netfilter-bridge: layout of if statements 2015-11-23 17:54:41 +01:00
nf_log_bridge.c netfilter: bridge: add generic packet logger 2014-06-27 13:20:47 +02:00
nf_tables_bridge.c netfilter: nf_tables: release objects on netns destruction 2015-12-28 18:34:35 +01:00
nft_meta_bridge.c netfilter: nf_tables: wrap tracing with a static key 2015-12-09 13:23:13 +01:00
nft_reject_bridge.c netfilter: nf_tables: Use pkt->net instead of computing net from the passed net_devices 2015-09-18 21:58:49 +02:00