leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1e2d56a5d3
linux/include
History
Pablo Neira Ayuso 7210e4e38f netfilter: nf_tables: restrict nat/masq expressions to nat chain type 
This adds the missing validation code to avoid the use of nat/masq from
non-nat chains. The validation assumes two possible configuration
scenarios:

1) Use of nat from base chain that is not of nat type. Reject this
   configuration from the nft_*_init() path of the expression.

2) Use of nat from non-base chain. In this case, we have to wait until
   the non-base chain is referenced by at least one base chain via
   jump/goto. This is resolved from the nft_*_validate() path which is
   called from nf_tables_check_loops().

The user gets an -EOPNOTSUPP in both cases.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2014-10-13 20:42:00 +02:00
..
acpi Merge branches 'acpi-hotplug', 'acpi-scan', 'acpi-lpss', 'acpi-gpio' and 'acpi-video' 2014-09-25 22:59:30 +02:00
asm-generic ARM: 8168/1: extend __init_end to a page align address 2014-10-02 21:28:16 +01:00
clocksource
crypto crypto: drbg - backport "fix maximum value checks on 32 bit systems" 2014-09-05 15:52:28 +08:00
drm drm/radeon: add additional SI pci ids 2014-08-22 10:47:59 -04:00
dt-bindings ARM: SoC DT updates for 3.18 2014-10-08 17:22:23 -04:00
keys
kvm arm/arm64: KVM: vgic: delay vgic allocation until init time 2014-09-18 18:48:58 -07:00
linux net/phy: micrel: Add clock support for KSZ8021/KSZ8031 2014-10-10 15:35:13 -04:00
math-emu
media [media] vb2: fix VBI/poll regression 2014-09-21 20:57:30 -03:00
memory
misc
net netfilter: nf_tables: restrict nat/masq expressions to nat chain type 2014-10-13 20:42:00 +02:00
pcmcia
ras
rdma IB: ib_umem_release() should decrement mm->pinned_vm from ib_umem_get 2014-09-19 09:55:42 -07:00
rxrpc include/rxrpc/types.h: Remove unused header 2014-08-29 20:33:39 -07:00
scsi Merge remote-tracking branch 'scsi-queue/drivers-for-3.18' into for-linus 2014-10-07 13:48:12 -07:00
soc/tegra
sound ASoC: core: fix .info for SND_SOC_BYTES_TLV 2014-08-18 08:59:12 -05:00
target
trace Merge tag 'f2fs-for-3.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs 2014-10-08 12:53:15 -04:00
uapi Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2014-10-10 15:01:09 -04:00
video gpu: ipu-v3: Add ipu-cpmem unit 2014-08-18 14:17:41 +02:00
xen xen/arm: introduce XENFEAT_grant_map_identity 2014-09-11 18:11:52 +00:00
Kbuild