summaryrefslogtreecommitdiffstats
path: root/net/netfilter/xt_CONNSECMARK.c
Commit message (Collapse)AuthorAgeFilesLines
* [NETFILTER]: x_tables: mark matches and targets __read_mostlyPatrick McHardy2007-07-101-1/+1
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: add some consts, remove some castsJan Engelhardt2007-07-101-2/+2
| | | | | | | | Make a number of variables const and/or remove unneeded casts. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: switch xt_target->checkentry to boolJan Engelhardt2007-07-101-6/+6
| | | | | | | | Switch the return type of target checkentry functions to boolean. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Remove IPv4 only connection tracking/NATPatrick McHardy2007-04-251-9/+9
| | | | | | | | Remove the obsolete IPv4 only connection tracking/NAT as scheduled in feature-removal-schedule. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: Remove useless comparisons before assignmentsJan Engelhardt2007-02-081-4/+2
| | | | | | | | Remove unnecessary if() constructs before assignment. Signed-off-by: Jan Engelhardt <jengelh@gmx.de> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: add missing try to load conntrack from match/targetsYasuyuki Kozakai2006-12-131-1/+13
| | | | | | | | | CLUSTERIP, CONNMARK, CONNSECMARK, and connbytes need ip_conntrack or layer 3 protocol module of nf_conntrack. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: Fix typos after conversion to use mass registation helperThomas Graf2006-09-221-4/+4
| | | | | Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: remove unused size argument to check/destroy functionsPatrick McHardy2006-09-221-1/+1
| | | | | | | The size is verified by x_tables and isn't needed by the modules anymore. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: remove unused argument to target functionsPatrick McHardy2006-09-221-1/+1
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [NETFILTER]: x_tables: make use of mass registation helpersPatrick McHardy2006-09-221-34/+23
| | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
* [SECMARK]: Add CONNSECMARK xtables targetJames Morris2006-06-171-0/+155
Add a new xtables target, CONNSECMARK, which is used to specify rules for copying security marks from packets to connections, and for copyying security marks back from connections to packets. This is similar to the CONNMARK target, but is more limited in scope in that it only allows copying of security marks to and from packets, as this is all it needs to do. A typical scenario would be to apply a security mark to a 'new' packet with SECMARK, then copy that to its conntrack via CONNMARK, and then restore the security mark from the connection to established and related packets on that connection. Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: David S. Miller <davem@davemloft.net>
OpenPOWER on IntegriCloud