Eric Lee / smarc-fsl-linux-kernel

16 Oct, 2007

1 commit

3db05fea5 [NETFILTER]: Replace sk_buff ** with sk_buff * ... Browse Code »

With all the users of the double pointers removed, this patch mops up by
finally replacing all occurances of sk_buff ** in the netfilter API by
sk_buff *.

Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller

Herbert Xu
2007-10-16 03:26:29 +0800

12 Oct, 2007

1 commit

73aaf9355 [NETFILTER]: x_tables: add missing ip6t_modulename aliases ... Browse Code »

The patch will add MODULE_ALIAS("ip6t_") where missing,
otherwise you will get

ip6tables: No chain/target/match by that name

when xt_ is not already loaded.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-10-12 05:36:40 +0800

11 Jul, 2007

3 commits

9f15c5302 [NETFILTER]: x_tables: mark matches and targets __read_mostly ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2007-07-11 13:17:15 +0800
a47362a22 [NETFILTER]: add some consts, remove some casts ... Browse Code »

Make a number of variables const and/or remove unneeded casts.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-07-11 13:17:01 +0800
e1931b784 [NETFILTER]: x_tables: switch xt_target->checkentry to bool ... Browse Code »

Switch the return type of target checkentry functions to boolean.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-07-11 13:16:59 +0800

26 Apr, 2007

1 commit

587aa6416 [NETFILTER]: Remove IPv4 only connection tracking/NAT ... Browse Code »

Remove the obsolete IPv4 only connection tracking/NAT as scheduled in
feature-removal-schedule.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2007-04-26 13:25:34 +0800

09 Feb, 2007

1 commit

2822b0d92 [NETFILTER]: Remove useless comparisons before assignments ... Browse Code »

Remove unnecessary if() constructs before assignment.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-02-09 04:39:11 +0800

14 Dec, 2006

1 commit

11078c371 [NETFILTER]: x_tables: add missing try to load conntrack from match/targets ... Browse Code »

CLUSTERIP, CONNMARK, CONNSECMARK, and connbytes need ip_conntrack or
layer 3 protocol module of nf_conntrack.

Signed-off-by: Yasuyuki Kozakai
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Yasuyuki Kozakai
2006-12-14 08:48:21 +0800

03 Dec, 2006

2 commits

f61801218 [NETFILTER]: nf_conntrack: split out the event cache ... Browse Code »

This patch splits out the event cache into its own file
nf_conntrack_ecache.c

Signed-off-by: Martin Josefsson
Signed-off-by: Patrick McHardy

Martin Josefsson
2006-12-03 13:31:06 +0800
82e91ffef [NET]: Turn nfmark into generic mark ... Browse Code »

nfmark is being used in various subsystems and has become
the defacto mark field for all kinds of packets. Therefore
it makes sense to rename it to `mark' and remove the
dependency on CONFIG_NETFILTER.

Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller

Thomas Graf
2006-12-03 13:21:38 +0800

23 Sep, 2006

7 commits

7ce975b9d [NETFILTER]: xt_CONNMARK: add compat conversion functions ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-09-23 06:20:05 +0800
0719bdf1b [NETFILTER]: xt_CONNMARK.c build fix ... Browse Code »

net/netfilter/xt_CONNMARK.c: In function 'target':
net/netfilter/xt_CONNMARK.c:59: warning: implicit declaration of
function 'nf_conntrack_event_cache'

The warning is due to the following .config:
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CONNTRACK_MARK=y
# CONFIG_IP_NF_CONNTRACK_EVENTS is not set
CONFIG_IP_NF_CONNTRACK_NETLINK=m

This change was introduced by:
http://www.kernel.org/git/?p=linux/kernel/git/davem/net-2.6.19.git;a=commit;h=76e4b41009b8a2e9dd246135cf43c7fe39553aa5

Proposed solution (based on the define in
include/net/netfilter/nf_conntrack_compat.h:

Signed-off-by: Benoit Boissinot
Acked-by: Pablo Neira Ayuso
Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller

Benoit Boissinot
2006-09-23 06:18:27 +0800
efa741656 [NETFILTER]: x_tables: remove unused size argument to check/destroy functions ... Browse Code »

The size is verified by x_tables and isn't needed by the modules anymore.

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-09-23 05:55:34 +0800
fe1cb1087 [NETFILTER]: x_tables: remove unused argument to target functions ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-09-23 05:55:33 +0800
4470bbc74 [NETFILTER]: x_tables: make use of mass registation helpers ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-09-23 05:55:32 +0800
90528e6fe [NETFILTER]: xt_CONNMARK: use tabs for indentation ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-09-23 05:55:30 +0800
2521c12cf [NETFILTER]: conntrack: introduce connection mark event ... Browse Code »

This patch introduces the mark event. ctnetlink can use this to know if
the mark needs to be dumped.

Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Pablo Neira Ayuso
2006-09-23 05:55:24 +0800

29 Mar, 2006

1 commit

65b4b4e81 [NETFILTER]: Rename init functions. ... Browse Code »

Every netfilter module uses `init' for its module_init() function and
`fini' or `cleanup' for its module_exit() function.

Problem is, this creates uninformative initcall_debug output and makes
ctags rather useless.

So go through and rename them all to $(filename)_init and
$(filename)_fini.

Signed-off-by: Andrew Morton
Signed-off-by: David S. Miller

Andrew Morton
2006-03-29 09:02:48 +0800

23 Mar, 2006

1 commit

a45049c51 [NETFILTER]: x_tables: set the protocol family in x_tables targets/matches ... Browse Code »

Set the family field in xt_[matches|targets] registered.

Signed-off-by: Pablo Neira Ayuso
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Pablo Neira Ayuso
2006-03-23 05:55:40 +0800

21 Mar, 2006

2 commits

c49867347 [NETFILTER]: x_tables: add xt_{match,target} arguments to match/target functions ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-03-21 10:02:56 +0800
5d04bff09 [NETFILTER]: Convert x_tables matches/targets to centralized error checking ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2006-03-21 10:01:58 +0800

13 Jan, 2006

1 commit

2e4e6a17a [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables ... Browse Code »

This monster-patch tries to do the best job for unifying the data
structures and backend interfaces for the three evil clones ip_tables,
ip6_tables and arp_tables. In an ideal world we would never have
allowed this kind of copy+paste programming... but well, our world
isn't (yet?) ideal.

o introduce a new x_tables module
o {ip,arp,ip6}_tables depend on this x_tables module
o registration functions for tables, matches and targets are only
wrappers around x_tables provided functions
o all matches/targets that are used from ip_tables and ip6_tables
are now implemented as xt_FOOBAR.c files and provide module aliases
to ipt_FOOBAR and ip6t_FOOBAR
o header files for xt_matches are in include/linux/netfilter/,
include/linux/netfilter_{ipv4,ipv6} contains compatibility wrappers
around the xt_FOOBAR.h headers

Based on this patchset we're going to further unify the code,
gradually getting rid of all the layer 3 specific assumptions.

Signed-off-by: Harald Welte
Signed-off-by: David S. Miller

Harald Welte
2006-01-13 06:06:43 +0800