leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
a82c25c366b0963d33ddf699196e6cf57f6d89b1
linux/net/netfilter
History
Florian Westphal a82c25c366 Revert "netfilter: nat: force port remap to prevent shadowing well-known ports" 
This reverts commit 878aed8db3.

This change breaks existing setups where conntrack is used with
asymmetric paths.

In these cases, the NAT transformation occurs on the syn-ack instead of
the syn:

1. SYN    x:12345 -> y -> 443 // sent by initiator, receiverd by responder
2. SYNACK y:443 -> x:12345 // First packet seen by conntrack, as sent by responder
3. tuple_force_port_remap() gets called, sees:
  'tcp from 443 to port 12345 NAT' -> pick a new source port, inititor receives
4. SYNACK y:$RANDOM -> x:12345   // connection is never established

While its possible to avoid the breakage with NOTRACK rules, a kernel
update should not break working setups.

An alternative to the revert is to augment conntrack to tag
mid-stream connections plus more code in the nat core to skip NAT
for such connections, however, this leads to more interaction/integration
between conntrack and NAT.

Therefore, revert, users will need to add explicit nat rules to avoid
port shadowing.

Link: https://lore.kernel.org/netfilter-devel/20220302105908.GA5852@breakpoint.cc/#R
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2051413
Signed-off-by: Florian Westphal <fw@strlen.de>
2022-03-08 13:52:11 +01:00
..
ipset
netfilter: ipset: Fix oversized kvmalloc() calls
2021-09-14 00:50:01 +02:00
ipvs
ipvs: remove unused variable for ip_vs_new_dest
2021-11-30 22:46:08 +01:00
core.c
netfilter: fix use-after-free in __nf_register_net_hook()
2022-02-28 22:34:04 +01:00
Kconfig
netfilter: nf_tables: make counter support built-in
2021-12-23 01:07:35 +01:00
Makefile
netfilter: nf_tables: make counter support built-in
2021-12-23 01:07:35 +01:00
nf_conncount.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
nf_conntrack_acct.c
netfilter: nf_conntrack_acct.c: A typo fix
2021-03-28 17:31:14 -07:00
nf_conntrack_amanda.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_broadcast.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_core.c
netfilter: conntrack: don't increment invalid counter on NF_REPEAT
2022-01-16 00:55:27 +01:00
nf_conntrack_ecache.c
netfilter: ecache: remove nf_exp_event_notifier structure
2021-08-25 12:50:38 +02:00
nf_conntrack_expect.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_conntrack_extend.c
netfilter: conntrack: remove two export symbols
2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_h323_asn1.c
netfilter: Use fallthrough pseudo-keyword
2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
nf_conntrack_h323_types.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484
2019-06-19 17:09:52 +02:00
nf_conntrack_helper.c
netfilter: nftables: add nf_ct_pernet() helper function
2021-06-07 12:23:37 +02:00
nf_conntrack_irc.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_labels.c
netfilter: not mark a spinlock as __read_mostly
2019-08-27 18:07:03 +02:00
nf_conntrack_netbios_ns.c
netfilter: nf_conntrack_netbios_ns: fix helper module alias
2022-01-11 10:41:44 +01:00
nf_conntrack_netlink.c
netfilter: ctnetlink: disable helper autoassign
2022-02-04 05:39:57 +01:00
nf_conntrack_pptp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_proto_dccp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_generic.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
nf_conntrack_proto_gre.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_sctp.c
netfilter: conntrack: don't refresh sctp entries in closed state
2022-02-04 05:38:15 +01:00
nf_conntrack_proto_tcp.c
netfilter: conntrack: re-init state for retransmitted syn-ack
2022-02-04 05:39:51 +01:00
nf_conntrack_proto_udp.c
netfilter: conntrack: set on IPS_ASSURED if flows enters internal stream state
2021-11-01 09:28:54 +01:00
nf_conntrack_proto.c
netfilter: conntrack: skip confirmation and nat hooks in postrouting for vrf
2021-10-26 13:21:09 +01:00
nf_conntrack_sane.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_seqadj.c
netfilter: conntrack, nat: prefer skb_ensure_writable
2019-05-31 18:02:45 +02:00
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_snmp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
nf_conntrack_standalone.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_conntrack_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_timeout.c
netfilter: update include directives.
2019-09-13 12:33:06 +02:00
nf_conntrack_timestamp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 77
2019-05-24 17:37:51 +02:00
nf_dup_netdev.c
netfilter: nf_fwd_netdev: clear timestamp in forwarding path
2020-10-22 14:49:36 +02:00
nf_flow_table_core.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_flow_table_inet.c
netfilter: flowtable: remove ipv4/ipv6 modules
2021-12-23 01:07:44 +01:00
nf_flow_table_ip.c
netfilter: flowtable: dst_check() from garbage collector path
2021-03-31 22:34:11 +02:00
nf_flow_table_offload.c
net/sched: act_ct: Fix flow table lookup failure with no originating ifindex
2022-03-01 22:08:31 +01:00
nf_hooks_lwtunnel.c
netfilter: add netfilter hooks to SRv6 data plane
2021-08-30 01:51:36 +02:00
nf_internals.h
netfilter: ctnetlink: add kernel side filtering for dump
2020-05-27 22:20:34 +02:00
nf_log_syslog.c
netfilter: nf_log_syslog: Unset bridge logger in pernet exit
2021-04-26 03:20:47 +02:00
nf_log.c
netfilter: nft_log: perform module load from nf_tables
2021-03-31 22:34:11 +02:00
nf_nat_amanda.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_core.c
Revert "netfilter: nat: force port remap to prevent shadowing well-known ports"
2022-03-08 13:52:11 +01:00
nf_nat_ftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_helper.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
nf_nat_irc.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_masquerade.c
netfilter: nf_nat_masquerade: add netns refcount tracker to masq_dev_work
2021-12-16 12:49:34 +01:00
nf_nat_proto.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
nf_nat_sip.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_queue.c
netfilter: nf_queue: handle socket prefetch
2022-03-01 11:51:15 +01:00
nf_sockopt.c
netfilter: switch nf_setsockopt to sockptr_t
2020-07-24 15:41:54 -07:00
nf_synproxy_core.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_tables_api.c
netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant
2022-02-23 09:22:46 +01:00
nf_tables_core.c
netfilter: nf_tables: add rule blob layout
2022-01-09 23:35:17 +01:00
nf_tables_offload.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-02-20 01:22:20 +01:00
nf_tables_trace.c
netfilter: nf_tables: add rule blob layout
2022-01-09 23:35:17 +01:00
nfnetlink_acct.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
2021-06-07 13:01:52 -07:00
nfnetlink_cttimeout.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_hook.c
net: Don't include filter.h from net/sock.h
2021-12-29 08:48:14 -08:00
nfnetlink_log.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
2022-01-09 15:59:23 -08:00
nfnetlink_osf.c
netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
2021-05-05 22:26:09 +02:00
nfnetlink_queue.c
netfilter: nf_queue: fix possible use-after-free
2022-03-01 11:50:35 +01:00
nfnetlink.c
netfilter: add new hook nfnl subsystem
2021-06-07 12:41:10 +02:00
nft_bitwise.c
netfilter: nft_bitwise: track register operations
2022-01-09 23:35:17 +01:00
nft_byteorder.c
netfilter: nft_byteorder: track register operations
2022-01-27 00:07:24 +01:00
nft_chain_filter.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-10-22 11:41:16 +01:00
nft_chain_nat.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_route.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_cmp.c
netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
2021-04-18 22:02:21 +02:00
nft_compat.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
nft_connlimit.c
netfilter: nft_connlimit: memleak if nf_ct_netns_get() fails
2022-01-13 12:26:04 +01:00
nft_counter.c
netfilter: nf_tables: make counter support built-in
2021-12-23 01:07:35 +01:00
nft_ct.c
netfilter: nft_ct: fix use after free when attaching zone template
2022-01-27 00:03:09 +01:00
nft_dup_netdev.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-02-20 01:22:20 +01:00
nft_dynset.c
netfilter: nft_dynset: relax superfluous check on set updates
2021-10-07 19:53:15 +02:00
nft_exthdr.c
netfilter: nft_payload: don't allow th access for fragments
2022-02-04 05:38:15 +01:00
nft_fib_inet.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_fib_netdev.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_fib.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_flow_offload.c
netfilter: nf_tables: add and use nft_thoff helper
2021-05-29 01:04:54 +02:00
nft_fwd_netdev.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-02-20 01:22:20 +01:00
nft_hash.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_immediate.c
netfilter: nf_tables_offload: incorrect flow offload action array size
2022-02-20 01:22:20 +01:00
nft_last.c
netfilter: nf_tables: typo NULL check in _clone() function
2022-01-10 21:09:43 -08:00
nft_limit.c
netfilter: nft_limit: fix stateful object memory leak
2022-02-21 15:52:14 +01:00
nft_log.c
netfilter: nft_log: perform module load from nf_tables
2021-03-31 22:34:11 +02:00
nft_lookup.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_masq.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_meta.c
netfilter: nft_meta: cancel register tracking after meta update
2022-01-09 23:35:17 +01:00
nft_nat.c
netfilter: nft_nat: allow to specify layer 4 protocol NAT only
2021-07-23 14:18:03 +02:00
nft_numgen.c
netfilter: nft_numgen: move stateful fields out of expression data
2022-01-09 23:35:16 +01:00
nft_objref.c
netfilter: add and use nft_set_do_lookup helper
2021-05-28 21:11:41 +02:00
nft_osf.c
netfilter: nft_osf: check for TCP packet before further processing
2021-06-16 20:51:50 +02:00
nft_payload.c
netfilter: nft_payload: don't allow th access for fragments
2022-02-04 05:38:15 +01:00
nft_queue.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_quota.c
netfilter: nf_tables: typo NULL check in _clone() function
2022-01-10 21:09:43 -08:00
nft_range.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_redir.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_reject_inet.c
netfilter: nf_tables: add and use nft_sk helper
2021-05-29 01:04:53 +02:00
nft_reject_netdev.c
net: Don't include filter.h from net/sock.h
2021-12-29 08:48:14 -08:00
nft_reject.c
netfilter: nft_reject: unify reject init and dump into nft_reject
2020-10-31 10:40:42 +01:00
nft_rt.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_set_bitmap.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_hash.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo_avx2.c
netfilter: nft_set_pipapo_avx2: remove redundant pointer lt
2021-12-24 16:58:17 +01:00
nft_set_pipapo_avx2.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo.c
netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone
2022-01-06 10:43:24 +01:00
nft_set_pipapo.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_rbtree.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_socket.c
netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n
2021-04-27 22:34:05 +02:00
nft_synproxy.c
netfilter: nft_synproxy: unregister hooks on init error path
2022-02-10 16:33:57 +01:00
nft_tproxy.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-06-29 15:45:27 -07:00
nft_tunnel.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_xfrm.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
utils.c
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
x_tables.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_addrtype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_AUDIT.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
xt_bpf.c
bpf: Refactor BPF_PROG_RUN into a function
2021-08-17 00:45:07 +02:00
xt_cgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CHECKSUM.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CLASSIFY.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cluster.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_comment.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_connbytes.c
netfilter: x_tables: use pr ratelimiting in all remaining spots
2018-02-14 21:05:38 +01:00
xt_connlabel.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_connlimit.c
netfilter: update include directives.
2019-09-13 12:33:06 +02:00
xt_connmark.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_conntrack.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cpu.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CT.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
xt_dccp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_devgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_dscp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_DSCP.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_ecn.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_esp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hashlimit.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_helper.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_HL.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_HMARK.c
netfilter: xt_HMARK: Use ip_is_fragment() helper
2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
netfilter: xt_IDLETIMER: replace snprintf in show functions with sysfs_emit
2021-11-08 12:14:05 +01:00
xt_ipcomp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
xt_iprange.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_ipvs.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_l2tp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_LED.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164
2019-05-30 11:26:38 -07:00
xt_length.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_limit.c
netfilter: x_tables: improve limit_mt scalability
2021-05-29 01:04:52 +02:00
xt_LOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_mac.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_mark.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_MASQUERADE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_multiport.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nat.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
xt_NETMAP.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nfacct.c
netfilter: Remove unnecessary conversion to bool
2020-12-01 09:45:29 +01:00
xt_NFLOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_NFQUEUE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_osf.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
xt_owner.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_physdev.c
netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers
2019-09-13 12:32:48 +02:00
xt_pkttype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_policy.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_quota.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_rateest.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_RATEEST.c
net: sched: Merge Qdisc::bstats and Qdisc::cpu_bstats data types
2021-10-18 12:54:41 +01:00
xt_realm.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_recent.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_REDIRECT.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_repldata.h
xt_sctp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_SECMARK.c
netfilter: xt_SECMARK: add new revision to fix structure layout
2021-05-03 23:02:44 +02:00
xt_set.c
netfilter: inline four headers files into another one.
2019-08-13 12:14:26 +02:00
xt_socket.c
netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency
2022-02-13 23:55:48 +01:00
xt_state.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_statistic.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_string.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_tcpmss.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_TCPMSS.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_TCPOPTSTRIP.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_tcpudp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_TEE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3
2019-05-21 11:28:40 +02:00
xt_time.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_TPROXY.c
netfilter: disable defrag once its no longer needed
2021-04-26 03:20:07 +02:00
xt_TRACE.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_u32.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00