OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv4
History
Herbert Xu 8b7817f3a9 [IPSEC]: Add ICMP host relookup support 
RFC 4301 requires us to relookup ICMP traffic that does not match any
policies using the reverse of its payload.  This patch implements this
for ICMP traffic that originates from or terminates on localhost.

This is activated on outbound with the new policy flag XFRM_POLICY_ICMP,
and on inbound by the new state flag XFRM_STATE_ICMP.

On inbound the policy check is now performed by the ICMP protocol so
that it can repeat the policy check where necessary.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2008-01-28 14:57:23 -08:00
..
ipvs [NETFILTER]: Mark hooks __read_mostly 2008-01-28 14:56:07 -08:00
netfilter [NETFILTER]: {nfnetlink,ip,ip6}_queue: kill issue_verdict 2008-01-28 14:56:15 -08:00
Kconfig typo fixes 2007-10-20 01:34:40 +02:00
Makefile [IPV4]: Cleanup the sysctl_net_ipv4.c file 2008-01-28 14:56:27 -08:00
af_inet.c [IPSEC]: Add ICMP host relookup support 2008-01-28 14:57:23 -08:00
ah4.c [IPSEC]: Move state lock into x->type->input 2008-01-28 14:53:52 -08:00
arp.c [ARP]: Consolidate some code in arp_req_set/delete_publc 2008-01-28 14:56:38 -08:00
cipso_ipv4.c [IPV4] net/ipv4/cipso_ipv4.c: use LIST_HEAD instead of LIST_HEAD_INIT 2008-01-28 14:56:52 -08:00
datagram.c [IPV4]: Fix "ipOutNoRoutes" counter error for TCP and UDP 2007-06-03 18:08:50 -07:00
devinet.c [IPV4]: Cleanup sysctl manipulations in devinet.c 2008-01-28 14:57:09 -08:00
esp4.c [IPSEC]: Move state lock into x->type->input 2008-01-28 14:53:52 -08:00
fib_frontend.c [IPV4]: Add inet_dev_addr_type() 2008-01-28 14:55:56 -08:00
fib_hash.c [IPV4]: last default route is a fib table property 2008-01-28 14:57:01 -08:00
fib_lookup.h [IPV4]: Unify assignment of fi to fib_result 2008-01-28 14:57:01 -08:00
fib_rules.c [INET]: Small possible memory leak in FIB rules 2007-11-10 22:12:03 -08:00
fib_semantics.c [IPV4]: no need pass pointer to a default into fib_detect_death 2008-01-28 14:57:00 -08:00
fib_trie.c [IPV4]: last default route is a fib table property 2008-01-28 14:57:01 -08:00
icmp.c [IPSEC]: Add ICMP host relookup support 2008-01-28 14:57:23 -08:00
igmp.c [IPV4]: Add ip_local_out 2008-01-28 14:53:47 -08:00
inet_connection_sock.c [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
inet_diag.c [INET]: Fix inet_diag dead-lock regression 2007-12-03 15:51:25 +11:00
inet_fragment.c [NET]: Convert init_timer into setup_timer 2008-01-28 14:53:35 -08:00
inet_hashtables.c [INET]: Remove per bucket rwlock in tcp/dccp ehash table. 2007-11-07 04:15:11 -08:00
inet_lro.c [LRO] Fix lro_mgr->features checks 2008-01-08 23:30:18 -08:00
inet_timewait_sock.c [INET]: Use BUILD_BUG_ON in inet_timewait_sock.c checks 2008-01-28 14:57:08 -08:00
inetpeer.c [INET]: Use list_head-s in inetpeer.c 2007-11-12 21:27:28 -08:00
ip_forward.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
ip_fragment.c [NET]: Fix uninitialised variable in ip_frag_reasm() 2007-10-17 21:37:22 -07:00
ip_gre.c [IPV4] ip_gre: set mac_header correctly in receive path 2007-12-20 00:10:33 -08:00
ip_input.c [IPv4] RAW: Compact the API for the kernel 2008-01-28 14:54:28 -08:00
ip_options.c [IPV4] ip_options.c: kmalloc + memset conversion to kzalloc 2007-07-31 14:06:45 -07:00
ip_output.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
ip_sockglue.c [IPV4]: Clean the ip_sockglue.c from some ugly ifdefs 2007-11-07 04:08:55 -08:00
ipcomp.c [IPSEC]: Forbid BEET + ipcomp for now 2008-01-28 14:53:43 -08:00
ipconfig.c [IPCONFIG]: Mark vendor_class_identifier as __initdata. 2008-01-28 14:54:22 -08:00
ipip.c [NET]: Treat the sign of the result of skb_headroom() consistently 2007-10-23 21:27:55 -07:00
ipmr.c [NET]: Make rtnetlink infrastructure network namespace aware (v3) 2008-01-28 14:54:25 -08:00
netfilter.c [NETFILTER]: nf_queue: move list_head/skb/id to struct nf_info 2008-01-28 14:56:14 -08:00
proc.c [NET]: Define infrastructure to keep 'inuse' changes in an efficent SMP/NUMA way. 2007-11-07 04:08:57 -08:00
protocol.c [IPV4]: align inet_protos[] on SMP 2007-04-25 22:28:20 -07:00
raw.c [RAW]: Consolidate proc interface. 2008-01-28 14:54:32 -08:00
route.c [NET]: Multiple namespaces in the all dst_ifdown routines. 2008-01-28 14:56:44 -08:00
syncookies.c [SK_BUFF]: Introduce tcp_hdr(), remove skb->h.th 2007-04-25 22:25:26 -07:00
sysctl_net_ipv4.c [INET]: Merge sys.net.ipv4.ip_forward and sys.net.ipv4.conf.all.forwarding 2008-01-28 14:56:31 -08:00
tcp.c [TCP]: Use BUILD_BUG_ON for tcp_skb_cb size checking 2008-01-28 14:57:07 -08:00
tcp_bic.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_cong.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_cubic.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_diag.c [INET]: Let inet_diag and friends autoload 2007-10-22 02:59:54 -07:00
tcp_highspeed.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_htcp.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_hybla.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_illinois.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_input.c [TCP]: Abstract tp->highest_sack accessing & point to next skb 2008-01-28 14:55:46 -08:00
tcp_ipv4.c [IPV4] TCPMD5: Use memmove() instead of memcpy() because we have overlaps. 2007-11-20 17:30:31 -08:00
tcp_lp.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_minisocks.c [TCP]: Move sack_ok access to obviously named funcs & cleanup 2007-10-10 16:48:00 -07:00
tcp_output.c [TCP]: Abstract tp->highest_sack accessing & point to next skb 2008-01-28 14:55:46 -08:00
tcp_probe.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
tcp_scalable.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_timer.c [TCP]: Move sack_ok access to obviously named funcs & cleanup 2007-10-10 16:48:00 -07:00
tcp_vegas.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_vegas.h [TCP]: congestion control API pass RTT in microseconds 2007-07-31 02:27:57 -07:00
tcp_veno.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tcp_westwood.c [TCP]: congestion control API pass RTT in microseconds 2007-07-31 02:27:57 -07:00
tcp_yeah.c [TCP]: Cong.ctrl modules: remove unused good_ack from cong_avoid 2008-01-28 14:55:41 -08:00
tunnel4.c [INET]: Cleanup the xfrm4_tunnel_(un)register 2007-11-10 21:48:54 -08:00
udp.c [UDP]: Only increment counter on first peek/recv 2008-01-28 14:56:34 -08:00
udp_impl.h [UDP]: Randomize port selection. 2007-10-10 16:48:31 -07:00
udplite.c [IPV4]: Use the {DEFINE|REF}_PROTO_INUSE infrastructure 2007-11-07 04:08:58 -08:00
xfrm4_input.c [IPSEC]: Use the correct family for input state lookup 2008-01-28 14:55:49 -08:00
xfrm4_mode_beet.c [IPSEC]: Separate inner/outer mode processing on input 2008-01-28 14:53:46 -08:00
xfrm4_mode_transport.c [IPSEC]: Use IPv6 calling convention as the convention for x->mode->output 2007-10-10 16:55:54 -07:00
xfrm4_mode_tunnel.c [IPSEC]: Separate inner/outer mode processing on input 2008-01-28 14:53:46 -08:00
xfrm4_output.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
xfrm4_policy.c [IPSEC]: Added xfrm_decode_session_reverse and xfrmX_policy_check_reverse 2008-01-28 14:57:22 -08:00
xfrm4_state.c [IPSEC]: Kill afinfo->nf_post_routing 2008-01-28 14:53:55 -08:00
xfrm4_tunnel.c [IPSEC]: Move tunnel parsing for IPv4 out of xfrm4_input 2007-10-17 21:28:53 -07:00