16 Oct, 2007
1 commit
-
With all the users of the double pointers removed, this patch mops up by
finally replacing all occurances of sk_buff ** in the netfilter API by
sk_buff *.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
11 Jul, 2007
3 commits
-
Make all initialized struct seq_operations in net/ const
Signed-off-by: Philippe De Muyter
Signed-off-by: David S. Miller -
Queue handlers are registered/unregistered in only process context.
Signed-off-by: Yasuyuki Kozakai
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
The queue handlers registered by ip[6]_queue.ko at initialization should
not be unregistered according to requests from userland program
using nfnetlink_queue. If we allow that, there is no way to register
the handlers of built-in ip[6]_queue again.Signed-off-by: Yasuyuki Kozakai
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
13 Feb, 2007
2 commits
-
Signed-off-by: YOSHIFUJI Hideaki
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Many struct file_operations in the kernel can be "const". Marking them const
moves these to the .rodata section, which avoids false sharing with potential
dirty data. In addition it'll catch accidental writes at compile time to
these shared resources.Signed-off-by: Arjan van de Ven
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
23 Sep, 2006
1 commit
-
Handle GSO packets in nf_queue by segmenting them before queueing to
avoid breaking GSO in case they get mangled.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
25 Jul, 2006
1 commit
-
In case of an unknown verdict or NF_STOP the packet leaks. Unknown verdicts
can happen when userspace is buggy. Reinject the packet in case of NF_STOP,
drop on unknown verdicts.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
01 Jul, 2006
1 commit
-
Signed-off-by: Jörn Engel
Signed-off-by: Adrian Bunk
10 Apr, 2006
1 commit
-
Change the queue rerouter intrastructure to a generic usable
infrastructure for address family specific operations as a base for
some cleanups.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
28 Feb, 2006
5 commits
-
The comparison wants to find out if the last list iteration reached the
end of the list. It needs to compare the iterator with the list head to
do this, not the element it is looking for.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
The only point of registering a queue handler is to provide an outfn,
so there is no need to check for it.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Packets should be rerouted when they come back from userspace, not before.
Also move the queue_rerouters to RCU to avoid taking the queue_handler_lock
for each reinjected packet.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Every rerouter needs to provide a save and a reroute function, we don't
need to check for them. But we do need to check if a rerouter is registered
at all for the current family, with bridging for example packets of
unregistered families can hit nf_queue.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller -
Use the registered data structure instead of copying it.
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
06 Nov, 2005
1 commit
-
With the new nf_queue generalization in 2.6.14, we've introduced a bug
that causes an oops as soon as a packet is queued but no queue handler
registered. This patch fixes it.Signed-off-by: Harald Welte
Signed-off-by: Arnaldo Carvalho de Melo
30 Aug, 2005
3 commits
-
This adds EEXIST to distinguish between the following return values:
0: nobody was registered, registration successful
EEXIST: the exact same handler was already registered, no registration
required
EBUSY: somebody else is registered, registration unsuccessful.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
This patch adds a /proc/net/netfilter/nf_queue file, similar to the
recently-added /proc/net/netfilter/nf_log. It indicates which queue
handler is registered to which protocol family. This is useful since
there are now multiple queue handlers in the treee (ip[6]_queue,
nfnetlink_queue).Signed-off-by: Harald Welte
Signed-off-by: David S. Miller -
This patch doesn't introduce any code changes, but merely splits the
core netfilter code into four separate files. It also moves it from
it's old location in net/core/ to the recently-created net/netfilter/
directory.Signed-off-by: Harald Welte
Signed-off-by: David S. Miller