Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-02 00:51:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
fd77846152
linux/net/ipv4/netfilter
History
Eric Paris fd77846152 security: remove the security_netlink_recv hook as it is equivalent to capable() 
Once upon a time netlink was not sync and we had to get the effective
capabilities from the skb that was being received.  Today we instead get
the capabilities from the current task.  This has rendered the entire
purpose of the hook moot as it is now functionally equivalent to the
capable() call.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-01-05 18:53:01 -05:00
..
arp_tables.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2011-04-19 11:24:06 -07:00
arpt_mangle.c netfilter: arpt_mangle: fix return values of checkentry 2011-02-01 16:03:46 +01:00
arptable_filter.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
ip_queue.c security: remove the security_netlink_recv hook as it is equivalent to capable() 2012-01-05 18:53:01 -05:00
ip_tables.c netfilter: ip_tables: fix compile with debug 2011-06-16 17:16:37 +02:00
ipt_ah.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
ipt_CLUSTERIP.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
ipt_ecn.c netfilter: ipt_ecn: fix inversion for IP header ECN match 2011-06-16 17:24:55 +02:00
ipt_ECN.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ipt_LOG.c netfilter: xt_LOG: do print MAC header on FORWARD 2010-11-15 11:23:06 +01:00
ipt_MASQUERADE.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
ipt_NETMAP.c netfilter: nf_nat: support user-specified SNAT rules in LOCAL_IN 2010-06-17 06:12:26 +02:00
ipt_REDIRECT.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
ipt_REJECT.c netfilter: Fix ip_route_me_harder triggering ip_rt_bug 2011-06-29 05:47:32 -07:00
ipt_ULOG.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
iptable_filter.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
iptable_mangle.c netfilter: do not omit re-route check on NF_QUEUE verdict 2011-01-20 10:23:26 +01:00
iptable_raw.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
iptable_security.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
Kconfig netfilter: ipt_addrtype: rename to xt_addrtype 2011-03-15 20:16:20 +01:00
Makefile netfilter: ipt_addrtype: rename to xt_addrtype 2011-03-15 20:16:20 +01:00
nf_conntrack_l3proto_ipv4_compat.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 into HEAD 2011-01-13 10:29:21 +09:00
nf_conntrack_l3proto_ipv4.c netfilter: nf_nat: avoid double seq_adjust for loopback 2011-06-16 17:29:22 +02:00
nf_conntrack_proto_icmp.c netfilter: nf_conntrack: fix ct refcount leak in l4proto->error() 2011-06-06 01:37:02 +02:00
nf_defrag_ipv4.c ip: introduce ip_is_fragment helper inline function 2011-06-21 20:33:34 -07:00
nf_nat_amanda.c netfilter: nf_nat_amanda: rename a variable 2010-11-15 18:45:12 +01:00
nf_nat_core.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_nat_ftp.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_h323.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_helper.c netfilter: nf_nat: fix crash in nf_nat_csum 2011-06-06 01:36:46 +02:00
nf_nat_irc.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_pptp.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_nat_proto_common.c net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
nf_nat_proto_dccp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_gre.c netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice 2010-08-02 17:35:49 +02:00
nf_nat_proto_icmp.c netfilter: nf_nat: don't check if the tuple is unique when there isn't any other choice 2010-08-02 17:35:49 +02:00
nf_nat_proto_sctp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_tcp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_udp.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_udplite.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_proto_unknown.c netfilter: nf_nat: make unique_tuple return void 2010-08-02 17:20:54 +02:00
nf_nat_rule.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_nat_sip.c netfilter: nf_nat: better error handling of nf_ct_expect_related() in helpers 2010-09-22 08:34:12 +02:00
nf_nat_snmp_basic.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
nf_nat_standalone.c ip: introduce ip_is_fragment helper inline function 2011-06-21 20:33:34 -07:00
nf_nat_tftp.c netfilter: fix some coding styles and remove moduleparam.h 2010-04-13 11:25:41 +02:00