iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net/netfilter
History
Ali Abdallah c4edc3ccbc netfilter: conntrack: improve RST handling when tuple is re-used 
If we receive a SYN packet in original direction on an existing
connection tracking entry, we let this SYN through because conntrack
might be out-of-sync.

Conntrack gets back in sync when server responds with SYN/ACK and state
gets updated accordingly.

However, if server replies with RST, this packet might be marked as
INVALID because td_maxack value reflects the *old* conntrack state
and not the state of the originator of the RST.

Avoid td_maxack-based checks if previous packet was a SYN.

Unfortunately that is not be enough: an out of order ACK in original
direction updates last_index, so we still end up marking valid RST.

Thus disable the sequence check when we are not in established state and
the received RST has a sequence of 0.

Because marking RSTs as invalid usually leads to unwanted timeouts,
also skip RST sequence checks if a conntrack entry is already closing.

Such entries can already be evicted via GC in case the table is full.

Co-developed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Ali Abdallah <aabdallah@suse.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-07-06 14:15:12 +02:00
..
ipset
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
ipvs
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
2021-06-07 13:01:52 -07:00
core.c
netfilter: add inet ingress support
2020-10-12 01:57:34 +02:00
Kconfig
netfilter: nfnetlink_hook: add depends-on nftables
2021-06-09 21:29:12 +02:00
Makefile
netfilter: nf_tables: add last expression
2021-06-17 03:23:00 +02:00
nf_conncount.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
nf_conntrack_acct.c
netfilter: nf_conntrack_acct.c: A typo fix
2021-03-28 17:31:14 -07:00
nf_conntrack_amanda.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_broadcast.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_core.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_ecache.c
netfilter: nftables: add nf_ct_pernet() helper function
2021-06-07 12:23:37 +02:00
nf_conntrack_expect.c
netfilter: nftables: add nf_ct_pernet() helper function
2021-06-07 12:23:37 +02:00
nf_conntrack_extend.c
netfilter: conntrack: remove two export symbols
2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_h323_asn1.c
netfilter: Use fallthrough pseudo-keyword
2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
nf_conntrack_h323_types.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484
2019-06-19 17:09:52 +02:00
nf_conntrack_helper.c
netfilter: nftables: add nf_ct_pernet() helper function
2021-06-07 12:23:37 +02:00
nf_conntrack_irc.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_labels.c
netfilter: not mark a spinlock as __read_mostly
2019-08-27 18:07:03 +02:00
nf_conntrack_netbios_ns.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
nf_conntrack_netlink.c
netfilter: ctnetlink: suspicious RCU usage in ctnetlink_dump_helpinfo
2021-07-02 02:29:20 +02:00
nf_conntrack_pptp.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_proto_dccp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_generic.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
nf_conntrack_proto_gre.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_sctp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_tcp.c
netfilter: conntrack: improve RST handling when tuple is re-used
2021-07-06 14:15:12 +02:00
nf_conntrack_proto_udp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_sane.c
netfilter: remove BUG_ON() after skb_header_pointer()
2021-05-05 23:45:48 +02:00
nf_conntrack_seqadj.c
netfilter: conntrack, nat: prefer skb_ensure_writable
2019-05-31 18:02:45 +02:00
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_snmp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
nf_conntrack_standalone.c
netfilter: conntrack: Introduce udp offload timeout configuration
2021-06-07 12:23:37 +02:00
nf_conntrack_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_timeout.c
netfilter: update include directives.
2019-09-13 12:33:06 +02:00
nf_conntrack_timestamp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 77
2019-05-24 17:37:51 +02:00
nf_dup_netdev.c
netfilter: nf_fwd_netdev: clear timestamp in forwarding path
2020-10-22 14:49:36 +02:00
nf_flow_table_core.c
netfilter: flowtable: Set offload timeouts according to proto values
2021-06-07 12:23:38 +02:00
nf_flow_table_inet.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nf_flow_table_ip.c
netfilter: flowtable: dst_check() from garbage collector path
2021-03-31 22:34:11 +02:00
nf_flow_table_offload.c
netfilter: flowtable: Set offload timeouts according to proto values
2021-06-07 12:23:38 +02:00
nf_internals.h
netfilter: ctnetlink: add kernel side filtering for dump
2020-05-27 22:20:34 +02:00
nf_log_syslog.c
netfilter: nf_log_syslog: Unset bridge logger in pernet exit
2021-04-26 03:20:47 +02:00
nf_log.c
netfilter: nft_log: perform module load from nf_tables
2021-03-31 22:34:11 +02:00
nf_nat_amanda.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_core.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_ftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_helper.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
nf_nat_irc.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_masquerade.c
netfilter: nf_nat_masquerade: unify ipv4/6 notifier registration
2019-04-11 20:59:34 +02:00
nf_nat_proto.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
nf_nat_sip.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_nat_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_queue.c
netfilter: nf_queue: prefer nf_queue_entry_free
2020-03-29 16:28:29 +02:00
nf_sockopt.c
netfilter: switch nf_setsockopt to sockptr_t
2020-07-24 15:41:54 -07:00
nf_synproxy_core.c
netfilter: synproxy: Fix out of bounds when parsing TCP options
2021-06-10 14:26:18 -07:00
nf_tables_api.c
netfilter: nf_tables: Fix dereference of null pointer flow
2021-07-02 02:05:59 +02:00
nf_tables_core.c
netfilter: nf_tables: add last expression
2021-06-17 03:23:00 +02:00
nf_tables_offload.c
netfilter: nf_tables_offload: check FLOW_DISSECTOR_KEY_BASIC in VLAN transfer logic
2021-06-21 22:26:19 +02:00
nf_tables_trace.c
netfilter: nf_tables: add and use nft_thoff helper
2021-05-29 01:04:54 +02:00
nfnetlink_acct.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
2021-06-07 13:01:52 -07:00
nfnetlink_cttimeout.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_hook.c
netfilter: nfnetlink_hook: fix check for snprintf() overflow
2021-06-21 22:05:29 +02:00
nfnetlink_log.c
netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
2021-06-07 12:23:36 +02:00
nfnetlink_osf.c
netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check
2021-05-05 22:26:09 +02:00
nfnetlink_queue.c
netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
2021-06-07 12:23:36 +02:00
nfnetlink.c
netfilter: add new hook nfnl subsystem
2021-06-07 12:41:10 +02:00
nft_bitwise.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_byteorder.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_chain_filter.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_nat.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_route.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_cmp.c
netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector
2021-04-18 22:02:21 +02:00
nft_compat.c
netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it
2021-06-07 12:23:36 +02:00
nft_connlimit.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_counter.c
netfilter: nftables: counter hardware offload support
2021-04-18 22:04:49 +02:00
nft_ct.c
netfilter: nft_ct: skip expectations for confirmed conntrack
2021-06-02 12:43:34 +02:00
nft_dup_netdev.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_dynset.c
netfilter: nftables: add nft_pernet() helper function
2021-04-26 03:58:17 +02:00
nft_exthdr.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-06-29 15:45:27 -07:00
nft_fib_inet.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_fib_netdev.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_fib.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_flow_offload.c
netfilter: nf_tables: add and use nft_thoff helper
2021-05-29 01:04:54 +02:00
nft_fwd_netdev.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_hash.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_immediate.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_last.c
netfilter: nf_tables: add last expression
2021-06-17 03:23:00 +02:00
nft_limit.c
netfilter: nft_limit: avoid possible divide error in nft_limit_init
2021-04-10 21:15:35 +02:00
nft_log.c
netfilter: nft_log: perform module load from nf_tables
2021-03-31 22:34:11 +02:00
nft_lookup.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_masq.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_meta.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_nat.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_numgen.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_objref.c
netfilter: add and use nft_set_do_lookup helper
2021-05-28 21:11:41 +02:00
nft_osf.c
netfilter: nft_osf: check for TCP packet before further processing
2021-06-16 20:51:50 +02:00
nft_payload.c
netfilter: nf_tables: add and use nft_thoff helper
2021-05-29 01:04:54 +02:00
nft_queue.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_quota.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
nft_range.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_redir.c
netfilter: nftables: add nft_parse_register_load() and use it
2021-01-27 22:53:29 +01:00
nft_reject_inet.c
netfilter: nf_tables: add and use nft_sk helper
2021-05-29 01:04:53 +02:00
nft_reject_netdev.c
netfilter: nft_reject: add reject verdict support for netdev
2020-10-31 10:41:00 +01:00
nft_reject.c
netfilter: nft_reject: unify reject init and dump into nft_reject
2020-10-31 10:40:42 +01:00
nft_rt.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_set_bitmap.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_hash.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo_avx2.c
netfilter: nft_set_pipapo_avx2: fix up description warnings
2021-06-01 23:53:51 +02:00
nft_set_pipapo_avx2.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo.c
netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version
2021-05-14 01:42:52 +02:00
nft_set_pipapo.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_rbtree.c
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_socket.c
netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n
2021-04-27 22:34:05 +02:00
nft_synproxy.c
netfilter: nf_tables: add and use nft_thoff helper
2021-05-29 01:04:54 +02:00
nft_tproxy.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-06-29 15:45:27 -07:00
nft_tunnel.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
nft_xfrm.c
netfilter: nftables: add nft_parse_register_store() and use it
2021-01-27 23:16:02 +01:00
utils.c
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
x_tables.c
netfilter: allow to turn off xtables compat layer
2021-04-26 18:16:56 +02:00
xt_addrtype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_AUDIT.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
xt_bpf.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CHECKSUM.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CLASSIFY.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cluster.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_comment.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_connbytes.c
netfilter: x_tables: use pr ratelimiting in all remaining spots
2018-02-14 21:05:38 +01:00
xt_connlabel.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_connlimit.c
netfilter: update include directives.
2019-09-13 12:33:06 +02:00
xt_connmark.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_conntrack.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cpu.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CT.c
netfilter: xt_CT: Remove redundant assignment to ret
2021-05-29 01:04:53 +02:00
xt_dccp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_devgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_dscp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_DSCP.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_ecn.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_esp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hashlimit.c
netfilter: Replace zero-length array with flexible-array member
2020-03-15 15:20:16 +01:00
xt_helper.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_HL.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_HMARK.c
netfilter: xt_HMARK: Use ip_is_fragment() helper
2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
netfilter: xt_IDLETIMER: target v1 - match Android layout
2020-04-05 23:26:37 +02:00
xt_ipcomp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
xt_iprange.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_ipvs.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_l2tp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_LED.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164
2019-05-30 11:26:38 -07:00
xt_length.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_limit.c
netfilter: x_tables: improve limit_mt scalability
2021-05-29 01:04:52 +02:00
xt_LOG.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_mac.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_mark.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_MASQUERADE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_multiport.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nat.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
xt_NETMAP.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nfacct.c
netfilter: Remove unnecessary conversion to bool
2020-12-01 09:45:29 +01:00
xt_NFLOG.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_NFQUEUE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_osf.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
xt_owner.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_physdev.c
netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers
2019-09-13 12:32:48 +02:00
xt_pkttype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_policy.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_quota.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_rateest.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_RATEEST.c
netfilter: xt_RATEEST: reject non-null terminated string from userspace
2020-12-27 11:52:26 +01:00
xt_realm.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_recent.c
netfilter: xt_recent: Fix attempt to update deleted entry
2021-02-04 00:33:08 +01:00
xt_REDIRECT.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_repldata.h
xt_sctp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_SECMARK.c
netfilter: xt_SECMARK: add new revision to fix structure layout
2021-05-03 23:02:44 +02:00
xt_set.c
netfilter: inline four headers files into another one.
2019-08-13 12:14:26 +02:00
xt_socket.c
netfilter: disable defrag once its no longer needed
2021-04-26 03:20:07 +02:00
xt_state.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_statistic.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_string.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_tcpmss.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_TCPMSS.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_TCPOPTSTRIP.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_tcpudp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_TEE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3
2019-05-21 11:28:40 +02:00
xt_time.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_TPROXY.c
netfilter: disable defrag once its no longer needed
2021-04-26 03:20:07 +02:00
xt_TRACE.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_u32.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00