#
09c434b8 |
|
19-May-2019 |
Thomas Gleixner <tglx@linutronix.de> |
treewide: Add SPDX license identifier for more missed files Add SPDX license identifiers to all files which: - Have no license information of any form - Have MODULE_LICENCE("GPL*") inside which was used in the initial scan/conversion to ignore the file These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
13fa745d |
|
28-Feb-2017 |
Joe Perches <joe@perches.com> |
netfilter: Use pr_cont where appropriate Logging output was changed when simple printks without KERN_CONT are now emitted on a new line and KERN_CONT is required to continue lines so use pr_cont. Miscellanea: o realign arguments o use print_hex_dump instead of a local variant Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
2851940f |
|
31-Jan-2017 |
Michal Kubeček <mkubecek@suse.cz> |
netfilter: allow logging from non-init namespaces Commit 69b34fb996b2 ("netfilter: xt_LOG: add net namespace support for xt_LOG") disabled logging packets using the LOG target from non-init namespaces. The motivation was to prevent containers from flooding kernel log of the host. The plan was to keep it that way until syslog namespace implementation allows containers to log in a safe way. However, the work on syslog namespace seems to have hit a dead end somewhere in 2013 and there are users who want to use xt_LOG in all network namespaces. This patch allows to do so by setting /proc/sys/net/netfilter/nf_log_all_netns to a nonzero value. This sysctl is only accessible from init_net so that one cannot switch the behaviour from inside a container. Signed-off-by: Michal Kubecek <mkubecek@suse.cz> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
613dbd95 |
|
03-Nov-2016 |
Pablo Neira Ayuso <pablo@netfilter.org> |
netfilter: x_tables: move hook state into xt_action_param structure Place pointer to hook state in xt_action_param structure instead of copying the fields that we need. After this change xt_action_param fits into one cacheline. This patch also adds a set of new wrapper functions to fetch relevant hook state structure fields. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
ff107d27 |
|
25-Sep-2016 |
Liping Zhang <liping.zhang@spreadtrum.com> |
netfilter: nft_log: complete NFTA_LOG_FLAGS attr support NFTA_LOG_FLAGS attribute is already supported, but the related NF_LOG_XXX flags are not exposed to the userspace. So we cannot explicitly enable log flags to log uid, tcp sequence, ip options and so on, i.e. such rule "nft add rule filter output log uid" is not supported yet. So move NF_LOG_XXX macro definitions to the uapi/../nf_log.h. In order to keep consistent with other modules, change NF_LOG_MASK to refer to all supported log flags. On the other hand, add a new NF_LOG_DEFAULT_MASK to refer to the original default log flags. Finally, if user specify the unsupported log flags or NFTA_LOG_GROUP and NFTA_LOG_FLAGS are set at the same time, report EINVAL to the userspace. Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
abcdd9a62 |
|
26-Oct-2015 |
Ian Morris <ipm@chirality.org.uk> |
netfilter-bridge: brace placement Change brace placement to eliminate checkpatch error. No changes detected by objdiff. Signed-off-by: Ian Morris <ipm@chirality.org.uk> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
7f495ad9 |
|
26-Oct-2015 |
Ian Morris <ipm@chirality.org.uk> |
netfilter-bridge: use netdev style comments Changes comments to use netdev style. No changes detected by objdiff. Signed-off-by: Ian Morris <ipm@chirality.org.uk> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
686c9b50 |
|
18-Sep-2015 |
Eric W. Biederman <ebiederm@xmission.com> |
netfilter: x_tables: Use par->net instead of computing from the passed net devices Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
960649d1 |
|
22-Jun-2014 |
Pablo Neira Ayuso <pablo@netfilter.org> |
netfilter: bridge: add generic packet logger This adds the generic plain text packet loggger for bridged packets. It routes the logging message to the real protocol packet logger. I decided not to refactor the ebt_log code for two reasons: 1) The ebt_log output is not consistent with the IPv4 and IPv6 Netfilter packet loggers. The output is different for no good reason and it adds redundant code to handle packet logging. 2) To avoid breaking backward compatibility for applications outthere that are parsing the specific ebt_log output, the ebt_log output has been left as is. So only nftables will use the new consistent logging format for logged bridged packets. More decisions coming in this patch: 1) This also removes ebt_log as default logger for bridged packets. Thus, nf_log_packet() routes packet to this new packet logger instead. This doesn't break backward compatibility since nf_log_packet() is not used to log packets in plain text format from anywhere in the ebtables/netfilter bridge code. 2) The new bridge packet logger also performs a lazy request to register the real IPv4, ARP and IPv6 netfilter packet loggers. If the real protocol logger is no available (not compiled or the module is not available in the system, not packet logging happens. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
5962815a |
|
18-Jun-2014 |
Pablo Neira Ayuso <pablo@netfilter.org> |
netfilter: nf_log: use an array of loggers instead of list Now that legacy ulog targets are not available anymore in the tree, we can have up to two possible loggers: 1) The plain text logging via kernel logging ring. 2) The nfnetlink_log infrastructure which delivers log messages to userspace. This patch replaces the list of loggers by an array of two pointers per family for each possible logger and it also introduces a new field to the nf_logger structure which indicates the position in the logger array (based on the logger type). This prepares a follow up patch that consolidates the nf_log_packet() interface by allowing to specify the logger as parameter. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
31a5b837 |
|
18-Dec-2013 |
tanxiaojun <tanxiaojun@huawei.com> |
bridge: add space before '(/{', after ',', etc. Spaces required before the open parenthesis '(', before the open brace '{', after that ',' and around that '?/:'. Signed-off-by: Tan Xiaojun <tanxiaojun@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
8cdb46da |
|
14-May-2013 |
Hans Schillstrom <hans@schillstrom.com> |
netfilter: log: netns NULL ptr bug when calling from conntrack Since (69b34fb netfilter: xt_LOG: add net namespace support for xt_LOG), we hit this: [ 4224.708977] BUG: unable to handle kernel NULL pointer dereference at 0000000000000388 [ 4224.709074] IP: [<ffffffff8147f699>] ipt_log_packet+0x29/0x270 when callling log functions from conntrack both in and out are NULL i.e. the net pointer is invalid. Adding struct net *net in call to nf_logfn() will secure that there always is a vaild net ptr. Reported as netfilter's bugzilla bug 818: https://bugzilla.netfilter.org/show_bug.cgi?id=818 Reported-by: Ronald <ronald645@gmail.com> Signed-off-by: Hans Schillstrom <hans@schillstrom.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
7d278924 |
|
24-Mar-2013 |
Gao feng <gaofeng@cn.fujitsu.com> |
netfilter: ebt_log: add net namespace support for ebt_log Add pernet support to ebt_log by means of the new nf_log_set function added in (30e0c6a netfilter: nf_log: prepare net namespace support for loggers). Since syslog ns has yet not been implemented, we don't want the containers to DDOS host's syslogd. So only enable ebt_log only from init_net and wait for syslog ns support. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
30e0c6a6 |
|
24-Mar-2013 |
Gao feng <gaofeng@cn.fujitsu.com> |
netfilter: nf_log: prepare net namespace support for loggers This patch adds netns support to nf_log and it prepares netns support for existing loggers. It is composed of four major changes. 1) nf_log_register has been split to two functions: nf_log_register and nf_log_set. The new nf_log_register is used to globally register the nf_logger and nf_log_set is used for enabling pernet support from nf_loggers. Per netns is not yet complete after this patch, it comes in separate follow up patches. 2) Add net as a parameter of nf_log_bind_pf. Per netns is not yet complete after this patch, it only allows to bind the nf_logger to the protocol family from init_net and it skips other cases. 3) Adapt all nf_log_packet callers to pass netns as parameter. After this patch, this function only works for init_net. 4) Make the sysctl net/netfilter/nf_log pernet. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
16af511a |
|
11-Sep-2012 |
Joe Perches <joe@perches.com> |
netfilter: log: Fix log-level processing auto75914331@hushmail.com reports that iptables does not correctly output the KERN_<level>. $IPTABLES -A RULE_0_in -j LOG --log-level notice --log-prefix "DENY in: " result with linux 3.6-rc5 Sep 12 06:37:29 xxxxx kernel: <5>DENY in: IN=eth0 OUT= MAC=....... result with linux 3.5.3 and older: Sep 9 10:43:01 xxxxx kernel: DENY in: IN=eth0 OUT= MAC...... commit 04d2c8c83d0 ("printk: convert the format for KERN_<LEVEL> to a 2 byte pattern") updated the syslog header style but did not update netfilter uses. Do so. Use KERN_SOH and string concatenation instead of "%c" KERN_SOH_ASCII as suggested by Eric Dumazet. Signed-off-by: Joe Perches <joe@perches.com> cc: auto75914331@hushmail.com Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
#
e6373c4c |
|
11-Dec-2011 |
Igor Maravić <igorm@etf.rs> |
net:bridge: use IS_ENABLED Use IS_ENABLED(CONFIG_FOO) instead of defined(CONFIG_FOO) || defined (CONFIG_FOO_MODULE) Signed-off-by: Igor Maravić <igorm@etf.rs> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
75f2811c |
|
30-Nov-2011 |
Jesse Gross <jesse@nicira.com> |
ipv6: Add fragment reporting to ipv6_skip_exthdr(). While parsing through IPv6 extension headers, fragment headers are skipped making them invisible to the caller. This reports the fragment offset of the last header in order to make it possible to determine whether the packet is fragmented and, if so whether it is a first or last fragment. Signed-off-by: Jesse Gross <jesse@nicira.com>
|
#
4b560b44 |
|
05-Jul-2009 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: xtables: substitute temporary defines by final name Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
#
d6b00a53 |
|
25-Mar-2010 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: xtables: change targets to return error code Part of the transition of done by this semantic patch: // <smpl> @ rule1 @ struct xt_target ops; identifier check; @@ ops.checkentry = check; @@ identifier rule1.check; @@ check(...) { <... -return true; +return 0; ...> } @@ identifier rule1.check; @@ check(...) { <... -return false; +return -EINVAL; ...> } // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
#
135367b8 |
|
19-Mar-2010 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: xtables: change xt_target.checkentry return type Restore function signatures from bool to int so that we can report memory allocation failures or similar using -ENOMEM rather than always having to pass -EINVAL back. // <smpl> @@ type bool; identifier check, par; @@ -bool check +int check (struct xt_tgchk_param *par) { ... } // </smpl> Minus the change it does to xt_ct_find_proto. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
|
#
fc0e3df4 |
|
15-Feb-2010 |
Florian Westphal <fwestphal@astaro.com> |
netfilter: ebtables: avoid explicit XT_ALIGN() in match/targets This will cause trouble once CONFIG_COMPAT support is added to ebtables. xt_compat_*_offset() calculate the kernel/userland structure size delta using: XT_ALIGN(size) - COMPAT_XT_ALIGN(size) If the match/target sizes are aligned at registration time, delta is always zero. Should have zero effect for existing systems: xtables uses XT_ALIGN() whenever it deals with match/target sizes. Signed-off-by: Florian Westphal <fwestphal@astaro.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
be39ee11 |
|
10-Aug-2009 |
Tobias Klauser <klto@zhaw.ch> |
netfilter: ebtables: Use %pM conversion specifier ebt_log uses its own implementation of print_mac to print MAC addresses. This patch converts it to use the %pM conversion specifier for printk. Signed-off-by: Tobias Klauser <klto@zhaw.ch> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
704b3ea3 |
|
26-Mar-2009 |
Eric Leblond <eric@inl.fr> |
netfilter: fix warning about invalid const usage This patch fixes the declaration of the logger structure in ebt_log and ebt_ulog: I forgot to remove the const option from their declaration in the commit ca735b3aaa945626ba65a3e51145bfe4ecd9e222 ("netfilter: use a linked list of loggers"). Pointed-out-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
21454aaa |
|
31-Oct-2008 |
Harvey Harrison <harvey.harrison@gmail.com> |
net: replace NIPQUAD() in net/*/ Using NIPQUAD() with NIPQUAD_FMT, %d.%d.%d.%d or %u.%u.%u.%u can be replaced with %pI4 Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
5b095d989 |
|
29-Oct-2008 |
Harvey Harrison <harvey.harrison@gmail.com> |
net: replace %p6 with %pI6 Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
b189db5d |
|
28-Oct-2008 |
Harvey Harrison <harvey.harrison@gmail.com> |
net: remove NIP6(), NIP6_FMT, NIP6_SEQFMT and final users Open code NIP6_FMT in the one call inside sscanf and one user of NIP6() that could use %p6 in the netfilter code. Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
af5d6dc2 |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: xtables: move extension arguments into compound structure (5/6) This patch does this for target extensions' checkentry functions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
7eb35586 |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: xtables: move extension arguments into compound structure (4/6) This patch does this for target extensions' target functions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
043ef46c |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: move Ebtables to use Xtables Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
2d06d4a5 |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: change Ebtables function signatures to match Xtables's Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
001a18d3 |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: add dummy members to Ebtables code to ease transition to Xtables Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
0ac6ab1f |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: Change return types of targets/watchers for Ebtables extensions Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
19eda879 |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: change return types of check functions for Ebtables extensions Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
18219d3f |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: ebtables: do centralized size checking Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
ee999d8b |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: x_tables: use NFPROTO_* in extensions Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
76108cea |
|
08-Oct-2008 |
Jan Engelhardt <jengelh@medozas.de> |
netfilter: Use unsigned types for hooknum and pf vars and (try to) consistently use u_int8_t for the L3 family. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
|
#
f586287e |
|
17-Jun-2008 |
Randy Dunlap <randy.dunlap@oracle.com> |
bridge: fix IPV6=n build Fix bridge netfilter code so that it uses CONFIG_IPV6 as needed: net/built-in.o: In function `ebt_filter_ip6': ebt_ip6.c:(.text+0x87c37): undefined reference to `ipv6_skip_exthdr' net/built-in.o: In function `ebt_log_packet': ebt_log.c:(.text+0x88dee): undefined reference to `ipv6_skip_exthdr' make[1]: *** [.tmp_vmlinux1] Error 1 Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
93f65158 |
|
09-Jun-2008 |
Kuo-lang Tseng <kuo-lang.tseng@intel.com> |
netfilter: ebtables: add IPv6 support It implements matching functions for IPv6 address & traffic class (merged from the patch sent by Jan Engelhardt [jengelh@computergmbh.de] http://marc.info/?l=netfilter-devel&m=120182168424052&w=2), protocol, and layer-4 port id. Corresponding watcher logging function is also added for IPv6. Signed-off-by: Kuo-lang Tseng <kuo-lang.tseng@intel.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
f776c4cd |
|
31-Jan-2008 |
Jan Engelhardt <jengelh@computergmbh.de> |
[NETFILTER]: ebtables: Update modules' descriptions Update the MODULES_DESCRIPTION() tags for all Ebtables modules. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
abfdf1c4 |
|
31-Jan-2008 |
Jan Engelhardt <jengelh@computergmbh.de> |
[NETFILTER]: ebtables: remove casts, use consts Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
7b2f9631 |
|
17-Dec-2007 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: nf_log: constify struct nf_logger and nf_log_packet loginfo arg Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
f01ffbd6 |
|
17-Dec-2007 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: nf_log: move logging stuff to seperate header Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
62c79318 |
|
24-Jul-2007 |
Jesper Juhl <jesper.juhl@gmail.com> |
[NETFILTER]: Clean up duplicate includes in net/bridge/ This patch cleans up duplicate includes in net/bridge/ Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
7e2acc7e |
|
24-Jul-2007 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: Fix logging regression Loading one of the LOG target fails if a different target has already registered itself as backend for the same family. This can affect the ipt_LOG and ipt_ULOG modules when both are loaded. Reported and tested by: <t.artem@mailcity.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
3b5018d6 |
|
12-Apr-2007 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: {eb,ip6,ip}t_LOG: remove remains of LOG target overloading All LOG targets always use their internal logging function nowadays, so remove the incorrect error message and handle real errors (!= -EEXIST) by failing to load. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
e92ad99c |
|
12-Feb-2007 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: nf_log: minor cleanups - rename nf_logging to nf_loggers since its an array of registered loggers - rename nf_log_unregister_logger() to nf_log_unregister() to make it symetrical to nf_log_register() and convert all users Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
9d6f229f |
|
09-Feb-2007 |
YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> |
[NET] BRIDGE: Fix whitespace errors. Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
a8d0f952 |
|
07-Feb-2007 |
Patrick McHardy <kaber@trash.net> |
[NET]: Add UDPLITE support in a few missing spots Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
47c183fa |
|
14-Nov-2006 |
Al Viro <viro@zeniv.linux.org.uk> |
[BRIDGE]: Annotations. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
5c170a09 |
|
19-May-2006 |
Philip Craig <philipc@snapgear.com> |
[NETFILTER]: fix format specifier for netfilter log targets The prefix argument for nf_log_packet is a format specifier, so don't pass the user defined string directly to it. Signed-off-by: Philip Craig <philipc@snapgear.com> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
65b4b4e8 |
|
28-Mar-2006 |
Andrew Morton <akpm@osdl.org> |
[NETFILTER]: Rename init functions. Every netfilter module uses `init' for its module_init() function and `fini' or `cleanup' for its module_exit() function. Problem is, this creates uninformative initcall_debug output and makes ctags rather useless. So go through and rename them all to $(filename)_init and $(filename)_fini. Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
bafac2a5 |
|
27-Feb-2006 |
Patrick McHardy <kaber@trash.net> |
[NETFILTER]: Restore {ipt,ip6t,ebt}_LOG compatibility The nfnetlink_log infrastructure changes broke compatiblity of the LOG targets. They currently use whatever log backend was registered first, which means that if ipt_ULOG was loaded first, no messages will be printed to the ring buffer anymore. Restore compatiblity by using the old log functions by default and only use the nf_log backend if the user explicitly said so. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
ab67a4d5 |
|
17-Jan-2006 |
Patrick McHardy <kaber@trash.net> |
[EBTABLES]: Handle SCTP/DCCP in ebt_{ip,log} Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
2e4e6a17 |
|
12-Jan-2006 |
Harald Welte <laforge@netfilter.org> |
[NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables This monster-patch tries to do the best job for unifying the data structures and backend interfaces for the three evil clones ip_tables, ip6_tables and arp_tables. In an ideal world we would never have allowed this kind of copy+paste programming... but well, our world isn't (yet?) ideal. o introduce a new x_tables module o {ip,arp,ip6}_tables depend on this x_tables module o registration functions for tables, matches and targets are only wrappers around x_tables provided functions o all matches/targets that are used from ip_tables and ip6_tables are now implemented as xt_FOOBAR.c files and provide module aliases to ipt_FOOBAR and ip6t_FOOBAR o header files for xt_matches are in include/linux/netfilter/, include/linux/netfilter_{ipv4,ipv6} contains compatibility wrappers around the xt_FOOBAR.h headers Based on this patchset we're going to further unify the code, gradually getting rid of all the layer 3 specific assumptions. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
14c85021 |
|
26-Dec-2005 |
Arnaldo Carvalho de Melo <acme@mandriva.com> |
[INET_SOCK]: Move struct inet_sock & helper functions to net/inet_sock.h To help in reducing the number of include dependencies, several files were touched as they were getting needed headers indirectly for stuff they use. Thanks also to Alan Menegotto for pointing out that net/dccp/proto.c had linux/dccp.h include twice. Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
d5228a4f |
|
14-Dec-2005 |
Bart De Schuymer <bdschuym@pandora.be> |
[NETFILTER] ebtables: Support nf_log API from ebt_log and ebt_ulog This makes ebt_log and ebt_ulog use the new nf_log api. This enables the bridging packet filter to log packets e.g. via nfnetlink_log. Signed-off-by: Bart De Schuymer <bdschuym@pandora.be> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
85c1937b |
|
28-Jun-2005 |
David S. Miller <davem@davemloft.net> |
[EBTABLES]: Fix thinkos in ebt_log.c When converting over the skb_header_pointer(), I converted parts of this module incorrectly. Kill the 'u' union in ebt_log() and all the bogus references to it. Signed-off-by: David S. Miller <davem@davemloft.net>
|
#
1da177e4 |
|
16-Apr-2005 |
Linus Torvalds <torvalds@ppc970.osdl.org> |
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip!
|