linux/include/net/netfilter
David S. Miller fc14963f24 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for your net tree,
they are:

1) Fix incorrect timestamp in nfnetlink_queue introduced when addressing
   y2038 safe timestamp, from Florian Westphal.

2) Get rid of leftover conntrack definition from the previous merge
   window, oneliner from Florian.

3) Make nf_queue handler pernet to resolve race on dereferencing the
   hook state structure with netns removal, from Eric Biederman.

4) Ensure clean exit on unregistered helper ports, from Taehee Yoo.

5) Restore FLOWI_FLAG_KNOWN_NH in nf_dup_ipv6. This got lost while
   generalizing xt_TEE to add packet duplication support in nf_tables,
   from Paolo Abeni.

6) Insufficient netlink NFTA_SET_TABLE attribute check in
   nf_tables_getset(), from Phil Turnbull.

7) Reject helper registration on duplicated ports via modparams.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
2016-06-01 17:54:19 -07:00
..
ipv4 ipv4: Push struct net down into nf_send_reset 2015-09-29 20:21:31 +02:00
ipv6 netfilter: ipv6: avoid nf_iterate recursion 2015-11-23 17:54:45 +01:00
br_netfilter.h bridge: Pass net into br_validate_ipv4 and br_validate_ipv6 2015-09-29 20:21:32 +02:00
nf_conntrack_acct.h
nf_conntrack_core.h netfilter: conntrack: use a single hashtable for all namespaces 2016-05-05 16:39:47 +02:00
nf_conntrack_ecache.h netfilter: conntrack: move expectation event helper to ecache.c 2016-04-12 23:01:57 +02:00
nf_conntrack_expect.h netfilter: conntrack: use a single expectation table for all namespaces 2016-05-06 11:50:01 +02:00
nf_conntrack_extend.h
nf_conntrack_helper.h
nf_conntrack_l3proto.h
nf_conntrack_l4proto.h netfilter: conntrack: introduce clash resolution on insertion race 2016-05-05 16:39:50 +02:00
nf_conntrack_labels.h netfilter: connlabels: change nf_connlabels_get bit arg to 'highest used' 2016-04-18 20:39:48 +02:00
nf_conntrack_seqadj.h
nf_conntrack_synproxy.h
nf_conntrack_timeout.h netfilter: cttimeout: add netns support 2015-12-14 12:48:58 +01:00
nf_conntrack_timestamp.h
nf_conntrack_tuple.h
nf_conntrack_zones.h netfilter: nf_conntrack: make nf_ct_zone_dflt built-in 2015-09-02 16:32:56 -07:00
nf_conntrack.h netfilter: conntrack: use get_random_once for conntrack hash seed 2016-04-25 14:52:12 +02:00
nf_dup_netdev.h netfilter: nf_tables: add packet duplication to the netdev family 2016-01-03 21:04:23 +01:00
nf_log.h netfilter: restore rule tracing via nfnetlink_log 2015-03-19 11:14:48 +01:00
nf_nat_core.h netfilter: Pass net into nf_xfrm_me_harder 2015-09-18 22:00:22 +02:00
nf_nat_helper.h
nf_nat_l3proto.h netfilter: Pass priv instead of nf_hook_ops to netfilter hooks 2015-09-18 22:00:16 +02:00
nf_nat_l4proto.h
nf_nat_redirect.h
nf_nat.h
nf_queue.h netfilter: nf_queue: Make the queue_handler pernet 2016-05-25 11:54:22 +02:00
nf_tables_bridge.h
nf_tables_core.h netfilter: nf_tables: wrap tracing with a static key 2015-12-09 13:23:13 +01:00
nf_tables_ipv4.h netfilter: nf_tables: kill nft_pktinfo.ops 2015-09-18 21:58:01 +02:00
nf_tables_ipv6.h netfilter: nf_tables: kill nft_pktinfo.ops 2015-09-18 21:58:01 +02:00
nf_tables.h netfilter: nf_tables: allow set names up to 32 bytes 2016-05-05 16:39:51 +02:00
nfnetlink_log.h
nft_dup.h netfilter: nf_tables: add nft_dup expression 2015-08-07 11:49:49 +02:00
nft_masq.h netfilter: nft_masq: support port range 2016-03-02 20:05:27 +01:00
nft_meta.h netfilter: nf_tables: wrap tracing with a static key 2015-12-09 13:23:13 +01:00
nft_redir.h
nft_reject.h
xt_rateest.h