mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 14:14:37 +00:00
Code Issues Releases Wiki Activity
linux-stable/include/linux/netfilter
History
Florian Westphal 47a6959fa3 netfilter: allow to turn off xtables compat layer 
The compat layer needs to parse untrusted input (the ruleset)
to translate it to a 64bit compatible format.

We had a number of bugs in this department in the past, so allow users
to turn this feature off.

Add CONFIG_NETFILTER_XTABLES_COMPAT kconfig knob and make it default to y
to keep existing behaviour.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-04-26 18:16:56 +02:00
..
ipset netfilter: ipset: Remove duplicate declaration 2021-03-31 22:34:11 +02:00
nf_conntrack_amanda.h
nf_conntrack_common.h netfilter: conntrack: add clash resolution stat counter 2020-08-28 19:51:26 +02:00
nf_conntrack_dccp.h
nf_conntrack_ftp.h
nf_conntrack_h323.h
nf_conntrack_h323_asn1.h
nf_conntrack_h323_types.h
nf_conntrack_irc.h
nf_conntrack_pptp.h
nf_conntrack_proto_gre.h
nf_conntrack_sane.h
nf_conntrack_sctp.h netfilter: conntrack: allow sctp hearbeat after connection re-use 2020-08-20 14:13:49 +02:00
nf_conntrack_sip.h
nf_conntrack_snmp.h
nf_conntrack_tcp.h
nf_conntrack_tftp.h
nf_conntrack_zones_common.h
nfnetlink.h netfilter: nfnetlink: consolidate callback types 2021-04-26 18:16:56 +02:00
nfnetlink_acct.h
nfnetlink_osf.h
x_tables.h netfilter: allow to turn off xtables compat layer 2021-04-26 18:16:56 +02:00