davidlt/kernel-ark
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
666953df35
kernel-ark/net
History
Alexey Dobriyan 666953df35 [NETFILTER]: ip_tables: per-netns FILTER/MANGLE/RAW tables for real 
Commit 9335f047fe aka
"[NETFILTER]: ip_tables: per-netns FILTER, MANGLE, RAW"
added per-netns _view_ of iptables rules. They were shown to user, but
ignored by filtering code. Now that it's possible to at least ping loopback,
per-netns tables can affect filtering decisions.

netns is taken in case of
	PRE_ROUTING, LOCAL_IN -- from in device,
	POST_ROUTING, LOCAL_OUT -- from out device,
	FORWARD -- from in device which should be equal to out device's netns.
		   This code is relatively new, so BUG_ON was plugged.

Wrappers were added to a) keep code the same from CONFIG_NET_NS=n users
(overwhelming majority), b) consolidate code in one place -- similar
changes will be done in ipv6 and arp netfilter code.

Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2008-04-14 09:56:02 +02:00
..
9p Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-03 14:33:42 -07:00
802
8021q Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
appletalk [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
atm [ATM]: Use SEQ_START_TOKEN 2008-04-10 03:33:03 -07:00
ax25 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-03-27 18:48:56 -07:00
bluetooth Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
bridge [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
can [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
core [SKB]: __skb_append = __skb_queue_after 2008-04-14 00:05:09 -07:00
dccp [NETNS][DCCPV6]: Make per-net socket lookup. 2008-04-13 22:33:06 -07:00
decnet [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
econet [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
ethernet
ieee80211 the scheduled ieee80211 softmac removal 2008-03-13 16:02:31 -04:00
ipv4 [NETFILTER]: ip_tables: per-netns FILTER/MANGLE/RAW tables for real 2008-04-14 09:56:02 +02:00
ipv6 [NETFILTER]: {ip,ip6}t_LOG: print MARK value in log output 2008-04-14 09:56:01 +02:00
ipx [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
irda Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-03-27 18:48:56 -07:00
iucv iucv: Delay bus registration until core is ready. 2008-04-10 02:12:45 -07:00
key LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00
lapb
llc Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
mac80211 mac80211: fix key debugfs default_key link 2008-04-08 16:46:36 -04:00
netfilter [NETFILTER]: nf_conntrack: less hairy ifdefs around proc and sysctl 2008-04-14 09:56:01 +02:00
netlabel [NET] NETNS: Omit net_device->nd_net without CONFIG_NET_NS. 2008-03-26 04:39:53 +09:00
netlink [NET] NETNS: Omit namespace comparision without CONFIG_NET_NS. 2008-03-26 04:40:00 +09:00
netrom [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
packet [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
rfkill
rose Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
rxrpc Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-03 14:33:42 -07:00
sched Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-02 22:35:23 -07:00
sctp [SCTP]: Remove an unused parameter from sctp_cmd_hb_timer_update 2008-04-12 18:55:12 -07:00
sunrpc Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2008-04-03 14:33:42 -07:00
tipc [TIPC]: Improve socket time conversions 2008-04-13 21:35:11 -07:00
unix [AF_UNIX]: Use SEQ_START_TOKEN 2008-04-12 19:04:38 -07:00
wanrouter
wireless cfg80211: default to regulatory max power for channel 2008-04-08 16:44:41 -04:00
x25 [NET] NETNS: Omit sock->sk_net without CONFIG_NET_NS. 2008-03-26 04:39:55 +09:00
xfrm LSM: Make the Labeled IPsec hooks more stack friendly 2008-04-12 19:07:52 -07:00
compat.c
Kconfig [IPV4]: Fix size description of CONFIG_INET. 2008-03-04 15:18:22 +09:00
Makefile
nonet.c
socket.c [NETNS]: Introduce a netns_core structure. 2008-03-31 19:41:14 -07:00
sysctl_net.c
TUNABLE