iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net/ipv6/netfilter
History
Florian Westphal 36ce9982ef xtables: move icmp/icmpv6 logic to xt_tcpudp 
icmp/icmp6 matches are baked into ip(6)_tables.ko.

This means that even if iptables-nft is used, a rule like
"-p icmp --icmp-type 1" will load the ip(6)tables modules.

Move them to xt_tcpdudp.ko instead to avoid this.

This will also allow to eventually add kconfig knobs to build kernels
that support iptables-nft but not iptables-legacy (old set/getsockopt
interface).

Signed-off-by: Florian Westphal <fw@strlen.de>
2023-03-22 21:48:59 +01:00
..
ip6_tables.c
xtables: move icmp/icmpv6 logic to xt_tcpudp
2023-03-22 21:48:59 +01:00
ip6t_ah.c
netfilter: ip6tables: Remove redundant null checks
2020-07-29 20:39:43 +02:00
ip6t_eui64.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
ip6t_frag.c
netfilter: ip6tables: Remove redundant null checks
2020-07-29 20:39:43 +02:00
ip6t_hbh.c
netfilter: ip6tables: Remove redundant null checks
2020-07-29 20:39:43 +02:00
ip6t_ipv6header.c
netfilter: move inline nf_ip6_ext_hdr() function to a more appropriate header.
2019-09-13 12:34:09 +02:00
ip6t_mh.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
ip6t_NPT.c
netfilter: ip6t_NPT: rewrite addresses in ICMPv6 original packet
2020-08-28 19:18:48 +02:00
ip6t_REJECT.c
netfilter: use actual socket sk for REJECT action
2020-12-01 14:33:55 +01:00
ip6t_rpfilter.c
netfilter: ip6t_rpfilter: Fix regression with VRF interfaces
2023-02-22 00:22:20 +01:00
ip6t_rt.c
netfilter: ip6t_rt: fix rt0_hdr parsing in rt_mt6
2021-10-14 23:08:35 +02:00
ip6t_srh.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
ip6t_SYNPROXY.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
ip6table_filter.c
netfilter: ip6tables: allow use of ip6t_do_table as hookfn
2021-10-14 23:06:53 +02:00
ip6table_mangle.c
netfilter: ip6tables: allow use of ip6t_do_table as hookfn
2021-10-14 23:06:53 +02:00
ip6table_nat.c
netfilter: ip6tables: allow use of ip6t_do_table as hookfn
2021-10-14 23:06:53 +02:00
ip6table_raw.c
netfilter: ip6tables: allow use of ip6t_do_table as hookfn
2021-10-14 23:06:53 +02:00
ip6table_security.c
netfilter: ip6tables: allow use of ip6t_do_table as hookfn
2021-10-14 23:06:53 +02:00
Kconfig
netfilter: Remove flowtable relics
2022-01-27 00:00:20 +01:00
Makefile
netfilter: Remove flowtable relics
2022-01-27 00:00:20 +01:00
nf_conntrack_reasm.c
net: dropreason: add SKB_DROP_REASON_DUP_FRAG
2022-10-31 20:14:26 -07:00
nf_defrag_ipv6_hooks.c
netfilter: conntrack: fix boot failure with nf_conntrack.enable_hooks=1
2021-09-28 13:04:55 +02:00
nf_dup_ipv6.c
netfilter: drop bridge nf reset from nf_reset
2019-10-01 18:42:15 +02:00
nf_reject_ipv6.c
netfilter: let reset rules clean out conntrack entries
2023-02-17 13:04:56 +01:00
nf_socket_ipv6.c
tcp: Access &tcp_hashinfo via net.
2022-09-20 10:21:49 -07:00
nf_tproxy_ipv6.c
netfilter: tproxy: fix deadlock due to missing BH disable
2023-03-06 12:09:48 +01:00
nft_dup_ipv6.c
netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters
2022-11-15 10:46:34 +01:00
nft_fib_ipv6.c
netfilter: rpfilter/fib: Set ->flowic_uid correctly for user namespaces.
2022-10-19 08:46:48 +02:00
nft_reject_ipv6.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00