public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-04 16:25:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/netfilter
History
Pablo Neira Ayuso b20ab9cc63 netfilter: nf_ct_helper: better logging for dropped packets 
Connection tracking helpers have to drop packets under exceptional
situations. Currently, the user gets the following logging message
in case that happens:

	nf_ct_%s: dropping packet ...

However, depending on the helper, there are different reasons why a
packet can be dropped.

This patch modifies the existing code to provide more specific
error message in the scope of each helper to help users to debug
the reason why the packet has been dropped, ie:

	nf_ct_%s: dropping packet: reason ...

Thanks to Joe Perches for many formatting suggestions.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2013-02-19 02:48:05 +01:00
..
ipset netfilter: nfnetlink: add mutex per subsystem 2013-02-05 04:07:35 +01:00
ipvs net: remove redundant check for timer pending state before del_timer 2013-02-04 13:26:49 -05:00
core.c netfilter: kill support for per-af queue backends 2012-12-03 15:07:48 +01:00
Kconfig netfilter: fix missing dependencies for NETFILTER_XT_MATCH_CONNLABEL 2013-02-05 01:43:47 +01:00
Makefile netfilter: x_tables: add xt_bpf match 2013-01-21 12:20:19 +01:00
nf_conntrack_acct.c netfilter: nf_ct_acct: move initialization out of pernet_operations 2013-01-23 12:55:29 +01:00
nf_conntrack_amanda.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_broadcast.c
nf_conntrack_core.c netfilter: nf_ct_proto: move initialization out of pernet_operations 2013-01-23 12:56:33 +01:00
nf_conntrack_ecache.c netfilter: nf_ct_ecache: move initialization out of pernet_operations 2013-01-23 12:55:50 +01:00
nf_conntrack_expect.c netfilter: nf_ct_expect: move initialization out of pernet_operations 2013-01-23 12:55:00 +01:00
nf_conntrack_extend.c netfilter: nf_ct_ext: support variable length extensions 2012-06-16 15:08:49 +02:00
nf_conntrack_ftp.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_irc.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_l3proto_generic.c
nf_conntrack_labels.c netfilter: nf_ct_labels: move initialization out of pernet_operations 2013-01-23 12:56:23 +01:00
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: nfnetlink: add mutex per subsystem 2013-02-05 04:07:35 +01:00
nf_conntrack_pptp.c netfilter: nf_ct_pptp: Fix comment referring to incorrect RFC 2013-02-05 05:10:02 +01:00
nf_conntrack_proto.c netfilter: nf_conntrack: refactor l4proto support for netns 2013-01-23 14:40:53 +01:00
nf_conntrack_proto_dccp.c netfilter: nf_conntrack: refactor l4proto support for netns 2013-01-23 14:40:53 +01:00
nf_conntrack_proto_generic.c netfilter: nf_conntrack: generalize nf_ct_l4proto_net 2012-07-04 19:37:22 +02:00
nf_conntrack_proto_gre.c netfilter: nf_conntrack: refactor l4proto support for netns 2013-01-23 14:40:53 +01:00
nf_conntrack_proto_sctp.c netfilter: nf_conntrack: refactor l4proto support for netns 2013-01-23 14:40:53 +01:00
nf_conntrack_proto_tcp.c netfilter: ctnetlink: nla_policy updates 2012-12-03 15:13:10 +01:00
nf_conntrack_proto_udp.c netfilter: nf_conntrack: generalize nf_ct_l4proto_net 2012-07-04 19:37:22 +02:00
nf_conntrack_proto_udplite.c netfilter: nf_conntrack: refactor l4proto support for netns 2013-01-23 14:40:53 +01:00
nf_conntrack_sane.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_sip.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_snmp.c netfilter: nf_ct_snmp: add include file 2013-01-18 00:28:18 +01:00
nf_conntrack_standalone.c netfilter: nf_conntrack: fix compilation if sysctl are disabled 2013-01-23 15:14:31 +01:00
nf_conntrack_tftp.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_conntrack_timeout.c netfilter: nf_ct_timeout: move initialization out of pernet_operations 2013-01-23 12:56:02 +01:00
nf_conntrack_timestamp.c netfilter: nf_ct_tstamp: move initialization out of pernet_operations 2013-01-23 12:55:39 +01:00
nf_internals.h netfilter: pass 'nf_hook_ops' instead of 'list_head' to nf_queue() 2012-09-03 13:52:54 +02:00
nf_log.c various: Fix spelling of "registered" in comments. 2012-11-19 14:29:46 +01:00
nf_nat_amanda.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_nat_core.c netfilter: nf_nat: remove obsolete rcu_read_unlock call 2012-09-21 12:09:25 +02:00
nf_nat_ftp.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_nat_helper.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_irc.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_nat_proto_common.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_dccp.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_sctp.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_tcp.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_udp.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_udplite.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_proto_unknown.c netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_sip.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_nat_tftp.c netfilter: nf_ct_helper: better logging for dropped packets 2013-02-19 02:48:05 +01:00
nf_queue.c netfilter: kill support for per-af queue backends 2012-12-03 15:07:48 +01:00
nf_sockopt.c
nf_tproxy_core.c
nfnetlink.c netfilter: nfnetlink: add mutex per subsystem 2013-02-05 04:07:35 +01:00
nfnetlink_acct.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
nfnetlink_cthelper.c netfilter: nf_ct_ftp: add sequence tracking pickup facility for injected entries 2012-09-24 14:29:40 +02:00
nfnetlink_cttimeout.c netfilter: cttimeout: fix buffer overflow 2012-11-21 23:50:14 +01:00
nfnetlink_log.c netfilter: nfnetlink_log: fix possible compilation issue due to missing include 2012-12-17 01:16:17 +01:00
nfnetlink_queue_core.c netfilter: kill support for per-af queue backends 2012-12-03 15:07:48 +01:00
nfnetlink_queue_ct.c netfilter: nfnetlink_queue: fix sparse warning due to missing include 2012-06-23 02:13:38 +02:00
x_tables.c netfilter: x_tables: print correct hook names for ARP 2013-01-13 12:54:12 +01:00
xt_addrtype.c
xt_AUDIT.c
xt_bpf.c netfilter: x_tables: add xt_bpf match 2013-01-21 12:20:19 +01:00
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
xt_connlabel.c netfilter: add connlabel conntrack extension 2013-01-18 00:28:15 +01:00
xt_connlimit.c netfilter: xt_connlimit: remove revision 0 2012-06-07 14:58:39 +02:00
xt_connmark.c
xt_CONNSECMARK.c
xt_conntrack.c
xt_cpu.c
xt_CT.c netfilter: xt_CT: add alias flag 2013-02-05 01:49:26 +01:00
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_DSCP.c
xt_ecn.c netfilter: xtables: collapse conditions in xt_ecn 2011-12-27 20:45:25 +01:00
xt_esp.c
xt_hashlimit.c netfilter: xt_hashlimit: fix namespace destroy path 2012-12-26 18:14:48 +01:00
xt_helper.c
xt_HL.c
xt_hl.c
xt_HMARK.c ipv6: Move ipv6_find_hdr() out of Netfilter code. 2012-11-09 17:05:07 -08:00
xt_IDLETIMER.c
xt_iprange.c
xt_ipvs.c ipvs: API change to avoid rescan of IPv6 exthdr 2012-09-28 11:34:33 +09:00
xt_LED.c
xt_length.c
xt_limit.c netfilter: xt_limit: have r->cost != 0 case work 2012-09-26 01:33:16 +02:00
xt_LOG.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-10-02 11:11:09 -07:00
xt_mac.c netfilter: Convert compare_ether_addr to ether_addr_equal 2012-05-09 20:49:18 -04:00
xt_mark.c
xt_multiport.c
xt_nat.c netfilter: xt_nat: fix incorrect hooks for SNAT and DNAT targets 2012-10-15 13:39:12 +02:00
xt_NETMAP.c netfilter: combine ipt_NETMAP and ip6t_NETMAP 2012-09-21 12:11:08 +02:00
xt_nfacct.c netfilter: xtables: add nfacct match to support extended accounting 2011-12-25 02:43:17 +01:00
xt_NFLOG.c
xt_NFQUEUE.c netfilter: sparse endian fixes 2012-08-20 12:45:57 +02:00
xt_osf.c netfilter: sparse endian fixes 2012-08-20 12:45:57 +02:00
xt_owner.c userns: xt_owner: Add basic user namespace support. 2012-08-14 21:55:30 -07:00
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_RATEEST.c
xt_realm.c
xt_recent.c netfilter: xt_recent: avoid high order page allocations 2013-01-04 20:14:42 +01:00
xt_REDIRECT.c netfilter: combine ipt_REDIRECT and ip6t_REDIRECT 2012-09-21 12:12:05 +02:00
xt_repldata.h
xt_sctp.c
xt_SECMARK.c
xt_set.c netfilter: ipset: Support to match elements marked with "nomatch" 2012-09-22 22:44:34 +02:00
xt_socket.c netfilter: xt_socket: fix compilation warnings with gcc 4.7 2012-09-03 13:31:39 +02:00
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_TCPMSS.c net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c netfilter: xt_TEE: don't use destination address found in header 2012-10-17 11:00:31 +02:00
xt_time.c netfilter: xt_time: add support to ignore day transition 2012-09-24 14:29:01 +02:00
xt_TPROXY.c net: Fix (nearly-)kernel-doc comments for various functions 2012-07-10 23:13:45 -07:00
xt_TRACE.c
xt_u32.c