OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/ipv6
History
Herbert Xu 8b7817f3a9 [IPSEC]: Add ICMP host relookup support 
RFC 4301 requires us to relookup ICMP traffic that does not match any
policies using the reverse of its payload.  This patch implements this
for ICMP traffic that originates from or terminates on localhost.

This is activated on outbound with the new policy flag XFRM_POLICY_ICMP,
and on inbound by the new state flag XFRM_STATE_ICMP.

On inbound the policy check is now performed by the ICMP protocol so
that it can repeat the policy check where necessary.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2008-01-28 14:57:23 -08:00
..
netfilter [NETFILTER]: {nfnetlink,ip,ip6}_queue: kill issue_verdict 2008-01-28 14:56:15 -08:00
Kconfig [IPV6] MIP6: Loadable module support for MIPv6. 2007-07-10 22:15:42 -07:00
Makefile [IPV6]: Make the ipv6/sysctl_net_ipv6.c compilation cleaner 2008-01-28 14:56:29 -08:00
addrconf.c [NET]: Remove unused "mibalign" argument for snmp_mib_init(). 2008-01-28 14:57:02 -08:00
addrconf_core.c [IPV6]: ipv6_addr_type() doesn't know about RFC4193 addresses. 2007-07-31 02:28:21 -07:00
addrlabel.c [NET]: Make rtnetlink infrastructure network namespace aware (v3) 2008-01-28 14:54:25 -08:00
af_inet6.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
ah6.c [IPSEC]: Move state lock into x->type->input 2008-01-28 14:53:52 -08:00
anycast.c [NET]: Make core networking code use seq_open_private 2007-10-10 16:55:33 -07:00
datagram.c [IPV6]: IPV6_MULTICAST_IF setting is ignored on link-local connect() 2008-01-08 23:52:21 -08:00
esp6.c [IPSEC]: Move state lock into x->type->input 2008-01-28 14:53:52 -08:00
exthdrs.c [IPV6]: make extended headers to return an error at initialization 2008-01-28 14:57:10 -08:00
exthdrs_core.c [NET] IPV6: Fix whitespace errors. 2007-02-10 23:19:42 -08:00
fib6_rules.c [IPV6]: Make fib6_rules_init to return an error code. 2008-01-28 14:56:46 -08:00
icmp.c [IPSEC]: Add ICMP host relookup support 2008-01-28 14:57:23 -08:00
inet6_connection_sock.c [IPV6] __inet6_csk_dst_store(): fix check-after-use 2007-10-15 12:26:32 -07:00
inet6_hashtables.c [IPV6]: Mischecked tw match in __inet6_check_established. 2008-01-20 20:31:36 -08:00
ip6_fib.c [IPV6] route6/fib6: Don't panic a kmem_cache_create. 2008-01-28 14:56:48 -08:00
ip6_flowlabel.c [IPV6]: make flowlabel to return an error 2008-01-28 14:57:10 -08:00
ip6_input.c [IPv6] RAW: Compact the API for the kernel 2008-01-28 14:54:29 -08:00
ip6_output.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
ip6_tunnel.c [IPV6]: Add ip6_local_out 2008-01-28 14:53:47 -08:00
ipcomp6.c [IPSEC]: Forbid BEET + ipcomp for now 2008-01-28 14:53:43 -08:00
ipv6_sockglue.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
mcast.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
mip6.c [IPSEC]: Move state lock into x->type->input 2008-01-28 14:53:52 -08:00
ndisc.c [NET]: Make rtnetlink infrastructure network namespace aware (v3) 2008-01-28 14:54:25 -08:00
netfilter.c [NETFILTER]: nf_queue: move list_head/skb/id to struct nf_info 2008-01-28 14:56:14 -08:00
proc.c [UDP]: Restore missing inDatagrams increments 2008-01-28 14:56:33 -08:00
protocol.c [IPV6]: Decentralize EXPORT_SYMBOLs. 2007-04-25 22:23:36 -07:00
raw.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
reassembly.c [IPV6]: make frag to return an error at initialization 2008-01-28 14:57:11 -08:00
route.c [IPV6]: route6 remove ifdef for fib_rules 2008-01-28 14:56:59 -08:00
sit.c [IPV6]: Add RFC4214 support 2008-01-28 14:55:09 -08:00
sysctl_net_ipv6.c [IPV6]: Use sysctl paths to register ipv6 sysctl tables 2008-01-28 14:56:30 -08:00
tcp_ipv6.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
tunnel6.c [IPV6]: Replace sk_buff ** with sk_buff * in input handlers 2007-10-15 12:50:28 -07:00
udp.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
udp_impl.h [IPV6]: Replace sk_buff ** with sk_buff * in input handlers 2007-10-15 12:50:28 -07:00
udplite.c [IPV6]: make the protocol initialization to return an error code 2008-01-28 14:57:13 -08:00
xfrm6_input.c [IPSEC]: Use the correct family for input state lookup 2008-01-28 14:55:49 -08:00
xfrm6_mode_beet.c [IPSEC]: Separate inner/outer mode processing on input 2008-01-28 14:53:46 -08:00
xfrm6_mode_ro.c [IPSEC]: Make x->lastused an unsigned long 2008-01-28 14:53:52 -08:00
xfrm6_mode_transport.c [IPSEC]: Use IPv6 calling convention as the convention for x->mode->output 2007-10-10 16:55:54 -07:00
xfrm6_mode_tunnel.c [IPSEC]: Separate inner/outer mode processing on input 2008-01-28 14:53:46 -08:00
xfrm6_output.c [NETFILTER]: Introduce NF_INET_ hook values 2008-01-28 14:53:55 -08:00
xfrm6_policy.c [IPSEC]: Added xfrm_decode_session_reverse and xfrmX_policy_check_reverse 2008-01-28 14:57:22 -08:00
xfrm6_state.c [IPV6]: Make xfrm6_init to return an error code. 2008-01-28 14:56:45 -08:00
xfrm6_tunnel.c [IPSEC]: Get nexthdr from caller in xfrm6_rcv_spi 2007-10-17 21:29:25 -07:00