OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/netfilter
History
David S. Miller d6da83813f Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The follow patchset contains Netfilter fixes for your net tree,
they are:

1) Fix compilation warning in x_tables with clang due to useless
   redundant reassignment, from Colin Ian King.

2) Add bugtrap to net_exit to catch uninitialized lists, patch
   from Vasily Averin.

3) Fix out of bounds memory reads in H323 conntrack helper, this
   comes with an initial patch to remove replace the obscure
   CHECK_BOUND macro as a dependency. From Eric Sesterhenn.

4) Reduce retransmission timeout when window is 0 in TCP conntrack,
   from Florian Westphal.

6) ctnetlink clamp timeout to INT_MAX if timeout is too large,
   otherwise timeout wraps around and it results in killing the
   entry that is being added immediately.

7) Missing CAP_NET_ADMIN checks in cthelper and xt_osf, due to
   no netns support. From Kevin Cernekee.

8) Missing maximum number of instructions checks in xt_bpf, patch
   from Jann Horn.

9) With no CONFIG_PROC_FS ipt_CLUSTERIP compilation breaks,
   patch from Arnd Bergmann.

10) Missing netlink attribute policy in nftables exthdr, from
    Florian Westphal.

11) Enable conntrack with IPv6 MASQUERADE rules, as a357b3f80b
    should have done in first place, from Konstantin Khlebnikov.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
 		2017-12-13 14:12:20 -05:00
..
ipset Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2017-11-08 14:22:50 +09:00
ipvs Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-11-15 11:56:19 -08:00
Kconfig
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
core.c netfilter: core: remove erroneous warn_on 2017-09-08 18:55:52 +02:00
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
nf_conntrack_core.c Modules updates for v4.15 2017-11-15 13:46:33 -08:00
nf_conntrack_ecache.c
nf_conntrack_expect.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
nf_conntrack_extend.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well 2017-11-20 12:03:41 +01:00
nf_conntrack_h323_main.c
nf_conntrack_h323_types.c
nf_conntrack_helper.c
nf_conntrack_irc.c
nf_conntrack_l3proto_generic.c
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-12-13 14:12:20 -05:00
nf_conntrack_pptp.c
nf_conntrack_proto.c netfilter: conntrack: move nf_ct_netns_{get,put}() to core 2017-11-06 16:48:39 +01:00
nf_conntrack_proto_dccp.c netfilter: conntrack: remove pf argument from l4 packet functions 2017-10-24 18:01:49 +02:00
nf_conntrack_proto_generic.c netfilter: conntrack: remove pf argument from l4 packet functions 2017-10-24 18:01:49 +02:00
nf_conntrack_proto_gre.c netfilter: conntrack: remove pf argument from l4 packet functions 2017-10-24 18:01:49 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: remove pf argument from l4 packet functions 2017-10-24 18:01:49 +02:00
nf_conntrack_proto_tcp.c netfilter: conntrack: lower timeout to RETRANS seconds if window is 0 2017-11-20 13:30:24 +01:00
nf_conntrack_proto_udp.c netfilter: conntrack: remove pf argument from l4 packet functions 2017-10-24 18:01:49 +02:00
nf_conntrack_sane.c
nf_conntrack_seqadj.c
nf_conntrack_sip.c
nf_conntrack_snmp.c
nf_conntrack_standalone.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c
nf_conntrack_timestamp.c
nf_dup_netdev.c
nf_internals.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nf_log.c
nf_log_common.c
nf_log_netdev.c
nf_nat_amanda.c
nf_nat_core.c netfilter: nat: use test_and_clear_bit when deleting ct from bysource list 2017-10-24 17:54:47 +02:00
nf_nat_ftp.c treewide: Fix function prototypes for module_param_call() 2017-10-31 15:30:37 +01:00
nf_nat_helper.c
nf_nat_irc.c treewide: Fix function prototypes for module_param_call() 2017-10-31 15:30:37 +01:00
nf_nat_proto_common.c
nf_nat_proto_dccp.c
nf_nat_proto_sctp.c
nf_nat_proto_tcp.c
nf_nat_proto_udp.c
nf_nat_proto_unknown.c
nf_nat_redirect.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c
nf_sockopt.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nf_synproxy_core.c
nf_tables_api.c netfilter: exit_net cleanup check added 2017-11-20 12:03:41 +01:00
nf_tables_core.c
nf_tables_inet.c
nf_tables_netdev.c
nf_tables_trace.c
nfnetlink.c
nfnetlink_acct.c
nfnetlink_cthelper.c netfilter: nfnetlink_cthelper: Add missing permission checks 2017-12-04 11:30:09 +01:00
nfnetlink_cttimeout.c
nfnetlink_log.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-12-13 14:12:20 -05:00
nfnetlink_queue.c netfilter: exit_net cleanup check added 2017-11-20 12:03:41 +01:00
nft_bitwise.c
nft_byteorder.c
nft_cmp.c
nft_compat.c
nft_counter.c
nft_ct.c netfilter: conntrack: move nf_ct_netns_{get,put}() to core 2017-11-06 16:48:39 +01:00
nft_dup_netdev.c
nft_dynset.c
nft_exthdr.c netfilter: exthdr: add missign attributes to policy 2017-12-11 13:46:04 +01:00
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c
nft_fwd_netdev.c
nft_hash.c
nft_immediate.c
nft_limit.c
nft_log.c
nft_lookup.c
nft_masq.c
nft_meta.c
nft_nat.c
nft_numgen.c
nft_objref.c
nft_payload.c
nft_queue.c
nft_quota.c
nft_range.c
nft_redir.c
nft_reject.c
nft_reject_inet.c
nft_rt.c
nft_set_bitmap.c netfilter: nf_tables: get set elements via netlink 2017-11-07 01:00:31 +01:00
nft_set_hash.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2017-11-08 14:22:50 +09:00
nft_set_rbtree.c netfilter: nf_tables: get set elements via netlink 2017-11-07 01:00:31 +01:00
x_tables.c netfilter: exit_net cleanup check added 2017-11-20 12:03:41 +01:00
xt_AUDIT.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_CONNSECMARK.c
xt_CT.c
xt_DSCP.c
xt_HL.c
xt_HMARK.c
xt_IDLETIMER.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
xt_LED.c treewide: setup_timer() -> timer_setup() 2017-11-21 15:57:07 -08:00
xt_LOG.c
xt_NETMAP.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
xt_NFLOG.c
xt_NFQUEUE.c
xt_RATEEST.c
xt_REDIRECT.c
xt_SECMARK.c
xt_TCPMSS.c
xt_TCPOPTSTRIP.c
xt_TEE.c
xt_TPROXY.c
xt_TRACE.c
xt_addrtype.c
xt_bpf.c netfilter: xt_bpf: add overflow checks 2017-12-04 11:41:20 +01:00
xt_cgroup.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c netfilter: xt_connlimit: remove mask argument 2017-11-06 14:47:30 +01:00
xt_connmark.c
xt_conntrack.c
xt_cpu.c
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c netfilter: xt_hashlimit: fix build error caused by 64bit division 2017-09-08 18:55:53 +02:00
xt_helper.c
xt_hl.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
xt_nfacct.c
xt_osf.c netfilter: xt_osf: Add missing permission checks 2017-12-06 09:01:18 +01:00
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_realm.c
xt_recent.c
xt_repldata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xt_sctp.c
xt_set.c
xt_socket.c netfilter: xt_socket: Restore mark from full sockets only 2017-09-26 20:04:34 +02:00
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c
xt_u32.c