mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-11-20 13:44:53 +00:00
807192deb8
Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for your net tree: 1) rbtree lookup from control plane returns the left-hand side element of the range when the interval end flag is set on. 2) osf extension is not supported from the input path, reject this from the control plane, from Fernando Fernandez Mancera. 3) xt_TEE is leaving output interface unset due to a recent incorrect netns rework, from Taehee Yoo. 4) xt_TEE allows to select an interface which does not belong to this netnamespace, from Taehee Yoo. 5) Zero private extension area in nft_compat, just like we do in x_tables, otherwise we leak kernel memory to userspace. 6) Missing .checkentry and .destroy entries in new DNAT extensions breaks it since we never load nf_conntrack dependencies, from Paolo Abeni. 7) Do not remove flowtable hook from netns exit path, the netdevice handler already deals with this, also from Taehee Yoo. 8) Only cleanup flowtable entries that reside in this netnamespace, also from Taehee Yoo. ==================== Signed-off-by: David S. Miller <davem@davemloft.net> |
||
|---|---|---|
| .. | ||
| ipset | ||
| ipvs | ||
| core.c | ||
| Kconfig | ||
| Makefile | ||
| nf_conncount.c | ||
| nf_conntrack_acct.c | ||
| nf_conntrack_amanda.c | ||
| nf_conntrack_broadcast.c | ||
| nf_conntrack_core.c | ||
| nf_conntrack_ecache.c | ||
| nf_conntrack_expect.c | ||
| nf_conntrack_extend.c | ||
| nf_conntrack_ftp.c | ||
| nf_conntrack_h323_asn1.c | ||
| nf_conntrack_h323_main.c | ||
| nf_conntrack_h323_types.c | ||
| nf_conntrack_helper.c | ||
| nf_conntrack_irc.c | ||
| nf_conntrack_labels.c | ||
| nf_conntrack_netbios_ns.c | ||
| nf_conntrack_netlink.c | ||
| nf_conntrack_pptp.c | ||
| nf_conntrack_proto.c | ||
| nf_conntrack_proto_dccp.c | ||
| nf_conntrack_proto_generic.c | ||
| nf_conntrack_proto_gre.c | ||
| nf_conntrack_proto_icmp.c | ||
| nf_conntrack_proto_icmpv6.c | ||
| nf_conntrack_proto_sctp.c | ||
| nf_conntrack_proto_tcp.c | ||
| nf_conntrack_proto_udp.c | ||
| nf_conntrack_sane.c | ||
| nf_conntrack_seqadj.c | ||
| nf_conntrack_sip.c | ||
| nf_conntrack_snmp.c | ||
| nf_conntrack_standalone.c | ||
| nf_conntrack_tftp.c | ||
| nf_conntrack_timeout.c | ||
| nf_conntrack_timestamp.c | ||
| nf_dup_netdev.c | ||
| nf_flow_table_core.c | ||
| nf_flow_table_inet.c | ||
| nf_flow_table_ip.c | ||
| nf_internals.h | ||
| nf_log.c | ||
| nf_log_common.c | ||
| nf_log_netdev.c | ||
| nf_nat_amanda.c | ||
| nf_nat_core.c | ||
| nf_nat_ftp.c | ||
| nf_nat_helper.c | ||
| nf_nat_irc.c | ||
| nf_nat_proto_common.c | ||
| nf_nat_proto_dccp.c | ||
| nf_nat_proto_sctp.c | ||
| nf_nat_proto_tcp.c | ||
| nf_nat_proto_udp.c | ||
| nf_nat_proto_unknown.c | ||
| nf_nat_redirect.c | ||
| nf_nat_sip.c | ||
| nf_nat_tftp.c | ||
| nf_queue.c | ||
| nf_sockopt.c | ||
| nf_synproxy_core.c | ||
| nf_tables_api.c | ||
| nf_tables_core.c | ||
| nf_tables_set_core.c | ||
| nf_tables_trace.c | ||
| nfnetlink.c | ||
| nfnetlink_acct.c | ||
| nfnetlink_cthelper.c | ||
| nfnetlink_cttimeout.c | ||
| nfnetlink_log.c | ||
| nfnetlink_osf.c | ||
| nfnetlink_queue.c | ||
| nft_bitwise.c | ||
| nft_byteorder.c | ||
| nft_chain_filter.c | ||
| nft_cmp.c | ||
| nft_compat.c | ||
| nft_connlimit.c | ||
| nft_counter.c | ||
| nft_ct.c | ||
| nft_dup_netdev.c | ||
| nft_dynset.c | ||
| nft_exthdr.c | ||
| nft_fib.c | ||
| nft_fib_inet.c | ||
| nft_fib_netdev.c | ||
| nft_flow_offload.c | ||
| nft_fwd_netdev.c | ||
| nft_hash.c | ||
| nft_immediate.c | ||
| nft_limit.c | ||
| nft_log.c | ||
| nft_lookup.c | ||
| nft_masq.c | ||
| nft_meta.c | ||
| nft_nat.c | ||
| nft_numgen.c | ||
| nft_objref.c | ||
| nft_osf.c | ||
| nft_payload.c | ||
| nft_queue.c | ||
| nft_quota.c | ||
| nft_range.c | ||
| nft_redir.c | ||
| nft_reject.c | ||
| nft_reject_inet.c | ||
| nft_rt.c | ||
| nft_set_bitmap.c | ||
| nft_set_hash.c | ||
| nft_set_rbtree.c | ||
| nft_socket.c | ||
| nft_tproxy.c | ||
| nft_tunnel.c | ||
| nft_xfrm.c | ||
| utils.c | ||
| x_tables.c | ||
| xt_addrtype.c | ||
| xt_AUDIT.c | ||
| xt_bpf.c | ||
| xt_cgroup.c | ||
| xt_CHECKSUM.c | ||
| xt_CLASSIFY.c | ||
| xt_cluster.c | ||
| xt_comment.c | ||
| xt_connbytes.c | ||
| xt_connlabel.c | ||
| xt_connlimit.c | ||
| xt_connmark.c | ||
| xt_CONNSECMARK.c | ||
| xt_conntrack.c | ||
| xt_cpu.c | ||
| xt_CT.c | ||
| xt_dccp.c | ||
| xt_devgroup.c | ||
| xt_DSCP.c | ||
| xt_dscp.c | ||
| xt_ecn.c | ||
| xt_esp.c | ||
| xt_hashlimit.c | ||
| xt_helper.c | ||
| xt_HL.c | ||
| xt_hl.c | ||
| xt_HMARK.c | ||
| xt_IDLETIMER.c | ||
| xt_ipcomp.c | ||
| xt_iprange.c | ||
| xt_ipvs.c | ||
| xt_l2tp.c | ||
| xt_LED.c | ||
| xt_length.c | ||
| xt_limit.c | ||
| xt_LOG.c | ||
| xt_mac.c | ||
| xt_mark.c | ||
| xt_multiport.c | ||
| xt_nat.c | ||
| xt_NETMAP.c | ||
| xt_nfacct.c | ||
| xt_NFLOG.c | ||
| xt_NFQUEUE.c | ||
| xt_osf.c | ||
| xt_owner.c | ||
| xt_physdev.c | ||
| xt_pkttype.c | ||
| xt_policy.c | ||
| xt_quota.c | ||
| xt_RATEEST.c | ||
| xt_rateest.c | ||
| xt_realm.c | ||
| xt_recent.c | ||
| xt_REDIRECT.c | ||
| xt_repldata.h | ||
| xt_sctp.c | ||
| xt_SECMARK.c | ||
| xt_set.c | ||
| xt_socket.c | ||
| xt_state.c | ||
| xt_statistic.c | ||
| xt_string.c | ||
| xt_TCPMSS.c | ||
| xt_tcpmss.c | ||
| xt_TCPOPTSTRIP.c | ||
| xt_tcpudp.c | ||
| xt_TEE.c | ||
| xt_time.c | ||
| xt_TPROXY.c | ||
| xt_TRACE.c | ||
| xt_u32.c | ||