summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter/xt_connlimit.h
Commit message (Collapse)AuthorAgeFilesLines
* netfilter: xt_connlimit: remove revision 0Cong Wang2012-06-071-7/+2
| | | | | | | | It was scheduled to be removed. Cc: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* headers, xtables: Add missing #include <linux/netfilter.h>Ben Hutchings2011-08-261-0/+1
| | | | | | | | Various headers use union nf_inet_addr, defined in <linux/netfilter.h>. Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* netfilter: xtables: add missing header inclusions for headers_checkJan Engelhardt2011-01-201-0/+2
| | | | | | | | | | Resolve these warnings on `make headers_check`: usr/include/linux/netfilter/xt_CT.h:7: found __[us]{8,16,32,64} type without #include <linux/types.h> ... Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* netfilter: xtables: remove duplicate memberJan Engelhardt2011-01-201-1/+1
| | | | | | | | | | | Accidentally missed removing the old out-of-union "inverse" member, which caused the struct size to change which then gives size mismatch warnings when using an old iptables. It is interesting to see that gcc did not warn about this before. (Filed http://gcc.gnu.org/bugzilla/show_bug.cgi?id=47376 ) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* netfilter: xtables: connlimit revision 1Jan Engelhardt2011-01-191-0/+12
| | | | | | | | | | This adds destination address-based selection. The old "inverse" member is overloaded (memory-wise) with a new "flags" variable, similar to how J.Park did it with xt_string rev 1. Since revision 0 userspace only sets flag 0x1, no great changes are made to explicitly test for different revisions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
* [NETFILTER]: Annotate start of kernel fields in NF headersJan Engelhardt2008-01-281-1/+1
| | | | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: xt_connlimit: use the new union nf_inet_addrJan Engelhardt2008-01-281-2/+7
| | | | | | Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* netfilter endian regressionsAl Viro2007-07-261-2/+2
| | | | | | | no real bugs, just misannotations cropping up Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* [NETFILTER]: x_tables: add connlimit matchJan Engelhardt2007-07-141-0/+17
ipt_connlimit has been sitting in POM-NG for a long time. Here is a new shiny xt_connlimit with: * xtables'ified * will request the layer3 module (previously it hotdropped every packet when it was not loaded) * fixed: there was a deadlock in case of an OOM condition * support for any layer4 protocol (e.g. UDP/SCTP) * using jhash, as suggested by Eric Dumazet * ipv6 support Signed-off-by: Jan Engelhardt <jengelh@gmx.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
OpenPOWER on IntegriCloud