leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
04dac0111d
linux/include/net/netfilter
History
Pablo Neira Ayuso 04dac0111d netfilter: nf_conntrack: improve nf_conn object traceability 
This patch modifies the conntrack subsystem so that all existing
allocated conntrack objects can be found in any of the following
places:

* the hash table, this is the typical place for alive conntrack objects.
* the unconfirmed list, this is the place for newly created conntrack objects
  that are still traversing the stack.
* the dying list, this is where you can find conntrack objects that are dying
  or that should die anytime soon (eg. once the destroy event is delivered to
  the conntrackd daemon).

Thus, we make sure that we follow the track for all existing conntrack
objects. This patch, together with some extension of the ctnetlink interface
to dump the content of the dying and unconfirmed lists, will help in case
to debug suspected nf_conn object leaks.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2012-12-03 15:06:33 +01:00
..
ipv4
ipv6 netfilter: fix compilation when conntrack is disabled but tproxy is enabled 2011-01-12 20:25:08 +01:00
nf_conntrack_acct.h netfilter: nf_conntrack: use atomic64 for accounting counters 2011-12-18 01:19:19 +01:00
nf_conntrack_core.h netfilter: nf_ct_generic: add namespace support 2012-06-07 14:58:39 +02:00
nf_conntrack_ecache.h netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
nf_conntrack_expect.h netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_conntrack_extend.h netfilter: nf_ct_ext: support variable length extensions 2012-06-16 15:08:49 +02:00
nf_conntrack_helper.h netfilter: add user-space connection tracking helper infrastructure 2012-06-16 15:40:02 +02:00
nf_conntrack_l3proto.h netfilter: nf_conntrack: remove now unused sysctl for nf_conntrack_l[3|4]proto 2012-06-07 14:58:41 +02:00
nf_conntrack_l4proto.h netfilter: nf_conntrack: generalize nf_ct_l4proto_net 2012-07-04 19:37:22 +02:00
nf_conntrack_timeout.h netfilter: nf_conntrack: add nf_ct_timeout_lookup 2012-09-03 13:33:03 +02:00
nf_conntrack_timestamp.h netfilter: nf_conntrack: fix linker error with NF_CONNTRACK_TIMESTAMP=n 2011-01-20 20:46:52 +01:00
nf_conntrack_tuple.h netfilter: nf_nat: export NAT definitions to userspace 2011-12-23 14:36:43 +01:00
nf_conntrack_zones.h netfilter: nf_defrag_ipv4: fix compilation error with NF_CONNTRACK=n 2010-02-18 19:04:44 +01:00
nf_conntrack.h netfilter: nf_conntrack: improve nf_conn object traceability 2012-12-03 15:06:33 +01:00
nf_log.h treewide: use __printf not __attribute__((format(printf,...))) 2011-10-31 17:30:54 -07:00
nf_nat_core.h netfilter: add protocol independent NAT core 2012-08-30 03:00:14 +02:00
nf_nat_helper.h netfilter: nf_nat: add protoff argument to packet mangling functions 2012-08-30 03:00:13 +02:00
nf_nat_l3proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat_l4proto.h netfilter: ipv6: add IPv6 NAT support 2012-08-30 03:00:17 +02:00
nf_nat.h netfilter: ip6tables: add MASQUERADE target 2012-08-30 03:00:18 +02:00
nf_queue.h
nf_tproxy_core.h net: use IS_ENABLED(CONFIG_IPV6) 2011-12-11 18:25:16 -05:00
nfnetlink_log.h nfnetlink_log: do not expose NFULNL_COPY_DISABLED to user-space 2010-07-15 11:27:41 +02:00
nfnetlink_queue.h netfilter: fix missing symbols if CONFIG_NETFILTER_NETLINK_QUEUE_CT unset 2012-06-18 21:09:17 -07:00
xt_log.h netfilter: xt_LOG: don't use xchg() for simple assignment 2012-03-26 14:00:28 +02:00
xt_rateest.h Merge branch 'master' of /repos/git/net-next-2.6 2010-06-15 17:31:06 +02:00