sugar/linux
1
0
Fork 0
Code Activity
Files
bc01befdcf3e40979eb518085a075cbf0aacede0
linux/include/net
History
Pablo Neira Ayuso bc01befdcf netfilter: ctnetlink: add support for user-space expectation helpers 
This patch adds the basic infrastructure to support user-space
expectation helpers via ctnetlink and the netfilter queuing
infrastructure NFQUEUE. Basically, this patch:

* adds NF_CT_EXPECT_USERSPACE flag to identify user-space
  created expectations. I have also added a sanity check in
  __nf_ct_expect_check() to avoid that kernel-space helpers
  may create an expectation if the master conntrack has no
  helper assigned.
* adds some branches to check if the master conntrack helper
  exists, otherwise we skip the code that refers to kernel-space
  helper such as the local expectation list and the expectation
  policy.
* allows to set the timeout for user-space expectations with
  no helper assigned.
* a list of expectations created from user-space that depends
  on ctnetlink (if this module is removed, they are deleted).
* includes USERSPACE in the /proc output for expectations
  that have been created by a user-space helper.

This patch also modifies ctnetlink to skip including the helper
name in the Netlink messages if no kernel-space helper is set
(since no user-space expectation has not kernel-space kernel
assigned).

You can access an example user-space FTP conntrack helper at:
http://people.netfilter.org/pablo/userspace-conntrack-helpers/nf-ftp-helper-userspace-POC.tar.bz

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2010-09-28 21:06:34 +02:00
..
9p
net/9p: Implement TXATTRCREATE 9p call
2010-08-02 14:28:34 -05:00
bluetooth
Bluetooth: Use 3-DH5 payload size for default ERTM max PDU size
2010-08-10 07:59:11 -04:00
caif
caif-driver: Add CAIF-SPI Protocol driver.
2010-06-29 00:08:21 -07:00
irda
irda: use net_device_stats from struct net_device
2010-08-21 23:32:31 -07:00
iucv
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
netfilter
netfilter: ctnetlink: add support for user-space expectation helpers
2010-09-28 21:06:34 +02:00
netns
ipv6: ip6mr: support multiple tables
2010-05-11 14:40:55 +02:00
phonet
phonet: use call_rcu for phonet device free
2010-06-09 16:14:25 -07:00
sctp
net/sctp: Use pr_fmt and pr_<level>
2010-08-26 14:11:48 -07:00
tc_act
net/sched: add ACT_CSUM action to update packets checksums
2010-08-20 01:42:59 -07:00
tipc
tipc: Update commenting in TIPC API
2010-05-12 23:02:23 -07:00
act_api.h
pkt_sched: gen_kill_estimator() rcu fixes
2010-06-11 18:37:08 -07:00
addrconf.h
net: Add checking to rcu_dereference() primitives
2010-02-25 09:41:03 +01:00
af_ieee802154.h
af_rxrpc.h
af_unix.h
af_unix: Allow credentials to work across user and pid namespaces.
2010-06-16 14:58:16 -07:00
ah.h
net: cleanup include/net
2009-11-04 05:06:25 -08:00
arp.h
atmclip.h
ax25.h
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
ax88796.h
cfg80211.h
cfg80211: allow changing port control protocol
2010-08-27 13:27:07 -04:00
checksum.h
cipso_ipv4.h
cls_cgroup.h
cls_cgroup: Fix rcu lockdep warning
2010-09-03 09:55:24 -07:00
compat.h
net: fix compat_sys_recvmmsg parameter type
2009-12-11 15:07:56 -08:00
datalink.h
dcbnl.h
dn_dev.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
dn_fib.h
decnet: Remove unused FIB metric macros.
2010-03-27 19:23:46 -07:00
dn_neigh.h
dn_nsp.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
dn_route.h
net-next: remove useless union keyword
2010-06-10 23:31:35 -07:00
dn.h
dsa.h
dsfield.h
dst_ops.h
dst.h
net: check for refcount if pop a stacked dst_entry
2010-06-04 15:56:00 -07:00
esp.h
ethoc.h
fib_rules.h
net: fib_rules: mark arguments to fib_rules_register const and __net_initdata
2010-04-26 16:02:04 +02:00
flow.h
flow: virtualize flow cache entry methods
2010-04-07 03:43:18 -07:00
garp.h
gen_stats.h
net: cleanup include/net
2009-11-04 05:06:25 -08:00
genetlink.h
net: CONFIG_NET_NS reduction
2010-06-02 05:16:23 -07:00
gre.h
PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol)
2010-08-21 23:05:39 -07:00
icmp.h
ipv4: raw: move struct raw_sock and raw_sk() to include/net/raw.h
2010-04-13 14:49:31 -07:00
ieee80211_radiotap.h
wireless: update radiotap parser
2010-02-08 16:50:53 -05:00
ieee802154_netdev.h
ieee802154: add an mlme_ops call to retrieve PHY object
2009-11-06 14:32:18 +03:00
ieee802154.h
if_inet6.h
ipv6: Replace inet6_ifaddr->dead with state
2010-05-18 15:36:06 -07:00
inet6_connection_sock.h
net: replace ipfragok with skb->local_df
2010-04-15 23:36:37 -07:00
inet6_hashtables.h
tcp: Fix a connect() race with timewait sockets
2009-12-08 20:17:51 -08:00
inet_common.h
inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage()
2010-07-12 20:21:46 -07:00
inet_connection_sock.h
tcp: Add TCP_USER_TIMEOUT socket option.
2010-08-30 13:23:33 -07:00
inet_ecn.h
inet_frag.h
fragment: add fast path for in-order fragments
2010-06-30 13:44:29 -07:00
inet_hashtables.h
tcp: Fix a connect() race with timewait sockets
2009-12-08 20:17:51 -08:00
inet_sock.h
net - IP_NODEFRAG option for IPv4 socket
2010-06-23 13:16:38 -07:00
inet_timewait_sock.h
net: suppress RCU lockdep false positive in twsk_net()
2010-04-27 12:39:01 -07:00
inetpeer.h
inetpeer: restore small inet_peer structures
2010-06-16 11:55:39 -07:00
ip6_checksum.h
ip6_fib.h
net-next: remove useless union keyword
2010-06-10 23:31:35 -07:00
ip6_route.h
net: sk_dst_cache RCUification
2010-04-13 01:41:33 -07:00
ip6_tunnel.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
ip_fib.h
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2009-11-06 00:55:55 -08:00
ip_vs.h
ipvs: make rerouting optional with snat_reroute
2010-09-21 17:38:57 +02:00
ip.h
net: simplify flags for tx timestamping
2010-08-19 00:08:30 -07:00
ipcomp.h
percpu: add __percpu sparse annotations to net
2010-02-16 23:05:38 -08:00
ipconfig.h
ipip.h
net-next: remove useless union keyword
2010-06-10 23:31:35 -07:00
ipv6.h
snmp: 64bit ipstats_mib for all arches
2010-06-30 13:31:19 -07:00
ipx.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
iw_handler.h
include/net/iw_handler.h: Use SIOCIWFIRST not SIOCSIWCOMMIT in comment
2010-03-31 14:49:12 -04:00
lapb.h
lib80211.h
lib80211: remove unused host_build_iv option
2010-07-26 15:09:04 -04:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc: use a device based hash table to speed up multicast delivery
2009-12-26 20:43:57 -08:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
llc: convert llc_sap_list to RCU
2009-12-26 20:46:28 -08:00
mac80211.h
mac80211: support runtime interface type changes
2010-08-27 13:53:31 -04:00
mip6.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
mld.h
ipv6 mcast: Introduce include/net/mld.h for MLD definitions.
2010-04-23 13:35:55 +09:00
ndisc.h
net: use __packed annotation
2010-06-03 03:21:52 -07:00
neighbour.h
net/neighbour.h: fix typo
2010-06-30 12:06:52 -07:00
net_namespace.h
nsproxy: remove INIT_NSPROXY()
2010-03-12 15:52:40 -08:00
netdma.h
netevent.h
netlabel.h
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
netlink.h
net: Fix a typo in netlink.h
2010-06-23 12:58:40 -07:00
netrom.h
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
nexthop.h
nl802154.h
p8022.h
pkt_cls.h
net: rename skb->iif to skb->skb_iif
2009-11-20 15:35:04 -08:00
pkt_sched.h
net: Define accessors to manipulate QDISC_STATE_RUNNING
2010-06-02 03:23:51 -07:00
protocol.h
net: drop capability from protocol definitions
2009-11-05 21:40:17 -08:00
psnap.h
raw.h
include/net/raw.h: Convert raw_seq_private macro to inline
2010-09-08 13:42:22 -07:00
rawv6.h
red.h
net: cleanup include/net
2009-11-04 05:06:25 -08:00
regulatory.h
wireless: only use alpha2 regulatory information from country IE
2010-07-20 16:44:35 -04:00
request_sock.h
tcp: account SYN-ACK timeouts & retransmissions
2010-01-17 19:09:39 -08:00
rose.h
route.h
net-next: remove useless union keyword
2010-06-10 23:31:35 -07:00
rtnetlink.h
rtnetlink: support specifying device flags on device creation
2010-02-27 02:43:40 -08:00
sch_generic.h
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2010-07-07 15:59:38 -07:00
scm.h
scm: Capture the full credentials of the scm sender.
2010-06-16 14:55:56 -07:00
slhc_vj.h
snmp.h
snmp: 64bit ipstats_mib for all arches
2010-06-30 13:31:19 -07:00
sock.h
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2010-09-09 22:27:33 -07:00
stp.h
tcp_states.h
tcp.h
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2010-09-09 22:27:33 -07:00
timewait_sock.h
transp_v6.h
IPv6: Add dontfrag argument to relevant functions
2010-04-23 23:35:28 -07:00
udp.h
udp: add rehash on connect()
2010-09-08 21:45:01 -07:00
udplite.h
wext.h
wext: refactor
2009-10-07 16:39:43 -04:00
wimax.h
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial
2009-12-09 19:43:33 -08:00
wpan-phy.h
ieee802154: add support for creation/removal of logic interfaces
2009-11-06 14:32:24 +03:00
x25.h
X25: Move accept approve flag to bitfield
2010-05-17 17:39:27 -07:00
x25device.h
X25: Add if_x25.h and x25 to device identifiers
2010-04-22 16:12:36 -07:00
xfrm.h
xfrm: fix XFRMA_MARK extraction in xfrm_mark_get
2010-06-30 10:43:31 -07:00