linux/net/netfilter
Jan Engelhardt 370786f9cf [NETFILTER]: x_tables: add connlimit match
ipt_connlimit has been sitting in POM-NG for a long time.
Here is a new shiny xt_connlimit with:

 * xtables'ified
 * will request the layer3 module
   (previously it hotdropped every packet when it was not loaded)
 * fixed: there was a deadlock in case of an OOM condition
 * support for any layer4 protocol (e.g. UDP/SCTP)
 * using jhash, as suggested by Eric Dumazet
 * ipv6 support

Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-07-14 20:47:26 -07:00
..
core.c [NETFILTER]: add some consts, remove some casts 2007-07-10 22:17:01 -07:00
Kconfig [NETFILTER]: x_tables: add connlimit match 2007-07-14 20:47:26 -07:00
Makefile [NETFILTER]: x_tables: add connlimit match 2007-07-14 20:47:26 -07:00
nf_conntrack_amanda.c [NETFILTER]: nf_conntrack: reduce masks to a subset of tuples 2007-07-10 22:17:55 -07:00
nf_conntrack_core.c [NETFILTER]: nf_conntrack: Introduces nf_ct_get_tuplepr and uses it 2007-07-14 20:45:14 -07:00
nf_conntrack_ecache.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00
nf_conntrack_expect.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nf_conntrack_extend.c [NETFILTER]: nf_conntrack: introduce extension infrastructure 2007-07-10 22:17:17 -07:00
nf_conntrack_ftp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_h323_asn1.c [NETFILTER]: nf_conntrack_h323: check range first in sequence extension 2007-07-10 22:16:54 -07:00
nf_conntrack_h323_main.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_h323_types.c [NETFILTER]: nf_conntrack_h323: fix ASN.1 types 2007-05-24 16:42:26 -07:00
nf_conntrack_helper.c [NETFILTER]: nf_conntrack_helper: use hashtable for conntrack helpers 2007-07-10 22:18:13 -07:00
nf_conntrack_irc.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_l3proto_generic.c [NETFILTER]: nf_conntrack: make l3proto->prepare() generic and renames it 2007-07-14 20:44:50 -07:00
nf_conntrack_netbios_ns.c [NETFILTER]: nf_conntrack: reduce masks to a subset of tuples 2007-07-10 22:17:55 -07:00
nf_conntrack_netlink.c [NETFILTER]: nf_conntrack_expect: maintain per conntrack expectation list 2007-07-10 22:18:02 -07:00
nf_conntrack_pptp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_proto_generic.c [NETFILTER]: Remove changelogs and CVS IDs 2007-04-25 22:27:35 -07:00
nf_conntrack_proto_gre.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_proto_sctp.c [NETFILTER]: {ip, nf}_conntrack_sctp: fix remotely triggerable NULL ptr dereference (CVE-2007-2876) 2007-07-10 23:24:52 -07:00
nf_conntrack_proto_tcp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_proto_udp.c [NETFILTER]: Remove changelogs and CVS IDs 2007-04-25 22:27:35 -07:00
nf_conntrack_proto.c [NETLINK]: Possible cleanups. 2007-04-26 00:57:41 -07:00
nf_conntrack_sane.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_sip.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_standalone.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nf_conntrack_tftp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_internals.h [NETFILTER]: Fix whitespace errors 2007-02-12 11:15:49 -08:00
nf_log.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nf_queue.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nf_sockopt.c [NETFILTER]: Fix whitespace errors 2007-02-12 11:15:49 -08:00
nf_sysctl.c [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
nfnetlink_log.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nfnetlink_queue.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nfnetlink.c [NETLINK]: Switch cb_lock spinlock to mutex and allow to override it 2007-04-25 22:29:03 -07:00
x_tables.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
xt_CLASSIFY.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_comment.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connbytes.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connlimit.c [NETFILTER]: x_tables: add connlimit match 2007-07-14 20:47:26 -07:00
xt_connmark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_CONNMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_CONNSECMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_conntrack.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dccp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dscp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_DSCP.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_esp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_hashlimit.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
xt_helper.c [NETFILTER]: xt_helper: use RCU 2007-07-10 22:18:19 -07:00
xt_length.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_limit.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mac.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_MARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_multiport.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFLOG.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFQUEUE.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NOTRACK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_physdev.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_pkttype.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_policy.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_quota.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_realm.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_sctp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_SECMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_state.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_statistic.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_string.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpmss.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_TCPMSS.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpudp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_TRACE.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_u32.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00