OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv4/netfilter
History
Harald Welte 188bab3ae0 [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 
When you've enabled conntrack and NAT as a module (standard case in all
distributions), and you've also enabled the new conntrack netlink
interface, loading ip_conntrack_netlink.ko will auto-load iptable_nat.ko.
This causes a huge performance penalty, since for every packet you iterate
the nat code, even if you don't want it.

This patch splits iptable_nat.ko into the NAT core (ip_nat.ko) and the
iptables frontend (iptable_nat.ko).  Threfore, ip_conntrack_netlink.ko will
only pull ip_nat.ko, but not the frontend.  ip_nat.ko will "only" allocate
some resources, but not affect runtime performance.

This separation is also a nice step in anticipation of new packet filters
(nf-hipac, ipset, pkttables) being able to use the NAT core.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2005-09-26 15:25:11 -07:00
..
Kconfig [NETFILTER]: Fix ip[6]t_NFQUEUE Kconfig dependency 2005-09-24 16:52:03 -07:00
Makefile [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
arp_tables.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
arpt_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
arptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_amanda.c [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_core.c [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_ftp.c [NETFILTER]: Use correct type for "ports" module parameter 2005-09-13 13:48:00 -07:00
ip_conntrack_helper_pptp.c [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_irc.c [NETFILTER]: Use correct type for "ports" module parameter 2005-09-13 13:48:00 -07:00
ip_conntrack_netbios_ns.c [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_netlink.c [NETFILTER]: Rename misnamed function 2005-09-19 15:35:31 -07:00
ip_conntrack_proto_generic.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ip_conntrack_proto_gre.c [NETFILTER] ip_conntrack: Update event cache when status changes 2005-09-24 16:56:08 -07:00
ip_conntrack_proto_icmp.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ip_conntrack_proto_sctp.c [NETFILTER] ip_conntrack: Update event cache when status changes 2005-09-24 16:56:08 -07:00
ip_conntrack_proto_tcp.c [NETFILTER] ip_conntrack: Update event cache when status changes 2005-09-24 16:56:08 -07:00
ip_conntrack_proto_udp.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ip_conntrack_standalone.c [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_tftp.c [NETFILTER]: Use correct type for "ports" module parameter 2005-09-13 13:48:00 -07:00
ip_nat_amanda.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_core.c [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
ip_nat_ftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_helper.c [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
ip_nat_helper_pptp.c [NETFILTER]: Add new PPTP conntrack and NAT helper 2005-09-19 15:33:08 -07:00
ip_nat_irc.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_nat_proto_gre.c [NETFILTER]: Add new PPTP conntrack and NAT helper 2005-09-19 15:33:08 -07:00
ip_nat_proto_icmp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_tcp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_udp.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_proto_unknown.c [NETFILTER]: C99 initizalizers for NAT protocols 2005-08-29 15:33:34 -07:00
ip_nat_rule.c [NETFILTER]: Handle NAT module load race 2005-09-06 15:09:43 -07:00
ip_nat_snmp_basic.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ip_nat_standalone.c [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
ip_nat_tftp.c [NETFILTER]: ip_conntrack_expect_related must not free expectation 2005-07-21 13:14:46 -07:00
ip_queue.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
ip_tables.c [NETFILTER]: Add goto target 2005-08-29 16:04:18 -07:00
ipt_CLASSIFY.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_CLUSTERIP.c [NETFILTER] CLUSTERIP: use a bitmap to store node responsibility data 2005-09-16 17:00:04 -07:00
ipt_CONNMARK.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_DSCP.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_ECN.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_LOG.c [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ipt_MARK.c [NETFILTER]: reduce netfilter sk_buff enlargement 2005-08-29 15:31:04 -07:00
ipt_MASQUERADE.c [NETFILTER]: Fix DHCP + MASQUERADE problem 2005-09-13 13:49:15 -07:00
ipt_NETMAP.c [NETFILTER]: Make NETMAP target usable in OUTPUT 2005-08-29 15:58:41 -07:00
ipt_NFQUEUE.c [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00
ipt_NOTRACK.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_REDIRECT.c [NETFILTER]: Fix rcu race in ipt_REDIRECT 2005-09-13 13:48:58 -07:00
ipt_REJECT.c [XFRM]: Always release dst_entry on error in xfrm_lookup 2005-09-08 15:11:55 -07:00
ipt_SAME.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_TCPMSS.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_TOS.c [NETFILTER]: Rename skb_ip_make_writable() to skb_make_writable() 2005-08-29 15:34:40 -07:00
ipt_TTL.c [NETFILTER]: Add new iptables TTL target 2005-08-29 16:13:22 -07:00
ipt_ULOG.c [NETLINK]: Add "groups" argument to netlink_kernel_create 2005-08-29 16:01:11 -07:00
ipt_addrtype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ah.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_comment.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_connbytes.c [NETFILTER]: Nicer names for ipt_connbytes constants 2005-08-29 15:58:17 -07:00
ipt_connmark.c [NETFILTER]: convert nfmark and conntrack mark to 32bit 2005-08-29 15:29:31 -07:00
ipt_conntrack.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_dccp.c [NETFILTER]: New iptables DCCP protocol header match 2005-08-29 15:54:28 -07:00
ipt_dscp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ecn.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_esp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_hashlimit.c [NET]: use __read_mostly on kmem_cache_t , DEFINE_SNMP_STAT pointers 2005-08-29 16:11:18 -07:00
ipt_helper.c [NETFILTER]: Kill lockhelp.h 2005-06-21 14:01:30 -07:00
ipt_iprange.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_length.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_limit.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_mac.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_mark.c [NETFILTER]: convert nfmark and conntrack mark to 32bit 2005-08-29 15:29:31 -07:00
ipt_multiport.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_owner.c [PATCH] files: lock-free fd look-up 2005-09-09 13:57:55 -07:00
ipt_physdev.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_pkttype.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_realm.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_recent.c [NETFILTER]: ipt_recent: last_pkts is an array of "unsigned long" not "u_int32_t" 2005-06-15 20:51:14 -07:00
ipt_sctp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_state.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_string.c [NETFILTER]: Add string match 2005-08-29 16:04:07 -07:00
ipt_tcpmss.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_tos.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ipt_ttl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_filter.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_mangle.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
iptable_raw.c [NETFILTER]: Missing owner-field initialization in iptable_raw 2005-05-03 14:23:13 -07:00