summaryrefslogtreecommitdiffstats
path: root/net
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'audit.b37' of ↵Linus Torvalds2007-02-191-13/+39
|\ | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current * 'audit.b37' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] AUDIT_FD_PAIR [PATCH] audit config lockdown [PATCH] minor update to rule add/delete messages (ver 2)
| * [PATCH] AUDIT_FD_PAIRAl Viro2007-02-171-13/+39
| | | | | | | | | | | | | | | | Provide an audit record of the descriptor pair returned by pipe() and socketpair(). Rewritten from the original posted to linux-audit by John D. Ramsdell <ramsdell@mitre.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivialLinus Torvalds2007-02-192-2/+2
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial: (25 commits) Documentation/kernel-docs.txt update. arch/cris: typo in KERN_INFO Storage class should be before const qualifier kernel/printk.c: comment fix update I/O sched Kconfig help texts - CFQ is now default, not AS. Remove duplicate listing of Cris arch from README kbuild: more doc. cleanups doc: make doc. for maxcpus= more visible drivers/net/eexpress.c: remove duplicate comment add a help text for BLK_DEV_GENERIC correct a dead URL in the IP_MULTICAST help text fix the BAYCOM_SER_HDX help text fix SCSI_SCAN_ASYNC help text trivial documentation patch for platform.txt Fix typos concerning hierarchy Fix comment typo "spin_lock_irqrestore". Fix misspellings of "agressive". drivers/scsi/a100u2w.c: trivial typo patch Correct trivial typo in log2.h. Remove useless FIND_FIRST_BIT() macro from cardbus.c. ...
| * | correct a dead URL in the IP_MULTICAST help textAdrian Bunk2007-02-171-1/+1
| | | | | | | | | | | | | | | | | | Reported in kernel Bugzilla #6216. Signed-off-by: Adrian Bunk <bunk@stusta.de>
| * | Various typo fixes.Robert P. J. Day2007-02-171-1/+1
| |/ | | | | | | | | | | | | | | Correct mis-spellings of "algorithm", "appear", "consistent" and (shame, shame) "kernel". Signed-off-by: Robert P. J. Day <rpjday@mindspring.com> Signed-off-by: Adrian Bunk <bunk@stusta.de>
* | Merge branch 'master' into upstreamJeff Garzik2007-02-17199-539/+764
|\|
| * [PATCH] sysctl: remove the proc_dir_entry member for the sysctl tablesEric W. Biederman2007-02-143-15/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | It isn't needed anymore, all of the users are gone, and all of the ctl_table initializers have been converted to use explicit names of the fields they are initializing. [akpm@osdl.org: NTFS fix] Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: remove insert_at_head from register_sysctlEric W. Biederman2007-02-1430-32/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The semantic effect of insert_at_head is that it would allow new registered sysctl entries to override existing sysctl entries of the same name. Which is pain for caching and the proc interface never implemented. I have done an audit and discovered that none of the current users of register_sysctl care as (excpet for directories) they do not register duplicate sysctl entries. So this patch simply removes the support for overriding existing entries in the sys_sysctl interface since no one uses it or cares and it makes future enhancments harder. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Acked-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Russell King <rmk@arm.linux.org.uk> Cc: David Howells <dhowells@redhat.com> Cc: "Luck, Tony" <tony.luck@intel.com> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Paul Mackerras <paulus@samba.org> Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> Cc: Andi Kleen <ak@muc.de> Cc: Jens Axboe <axboe@kernel.dk> Cc: Corey Minyard <minyard@acm.org> Cc: Neil Brown <neilb@suse.de> Cc: "John W. Linville" <linville@tuxdriver.com> Cc: James Bottomley <James.Bottomley@steeleye.com> Cc: Jan Kara <jack@ucw.cz> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Mark Fasheh <mark.fasheh@oracle.com> Cc: David Chinner <dgc@sgi.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Patrick McHardy <kaber@trash.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: atalk: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: ax25: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: dccp: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: decnet: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | The sysctl numbers used are unique so setting the insert_at_head flag does not succeed in overriding any sysctls, and is just confusing because it doesn't. Clear the flag. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Patrick Caulfield <patrick@tykepenguin.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: ipx: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | The sysctl numbers used are unique so setting the insert_at_head flag servers no semantic purpose and is just confusing. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: llc: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | The sysctl numbers used are unique so setting the insert_at_head flag serves no semantis purpose, and is just confusing. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Arnaldo Carvalho de Melo <acme@conectiva.com.br> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: netrom: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | The sysctl numbers used are unique so setting the insert_at_head flag serves no semantic purpose, so it is just confusing. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: rose: remove unnecessary insert_at_head flagEric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | The sysctl numbers used are unique so setting the insert_at_head flag serves no semantic purpose. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: sunrpc: don't unnecessarily set ctl_table->deEric W. Biederman2007-02-142-13/+2
| | | | | | | | | | | | | | | | | | | | | | We don't need this to prevent module unload races so remove the unnecessary code. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Neil Brown <neilb@cse.unsw.edu.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: sunrpc: remove unnecessary insert_at_head flagEric W. Biederman2007-02-142-2/+2
| | | | | | | | | | | | | | | | | | | | | | Because the sunrpc sysctls don't conflict with any other sysctls the setting the insert at head flag to register_sysctl has no semantic meaning. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Trond Myklebust <trond.myklebust@fys.uio.no> Cc: Neil Brown <neilb@cse.unsw.edu.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] sysctl: x25: remove unnecessary insert_at_head from ↵Eric W. Biederman2007-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | register_sysctl_table There has not been much maintenance on sysctl in years, and as a result is there is a lot to do to allow future interesting work to happen, and being ambitious I'm trying to do it all at once :) The patches in this series fall into several general categories. - Removal of useless attempts to override the standard sysctls - Registers of sysctl numbers in sysctl.h so someone else does not use the magic number and conflict. - C99 conversions so it becomes possible to change the layout of struct ctl_table without breaking everything. - Removal of useless claims of module ownership, in the proc dir entries - Removal of sys_sysctl support where people had used conflicting sysctl numbers. Trying to break glibc or other applications by changing the ABI is not cool. 9 instances of this in the kernel seems a little extreme. - General enhancements when I got the junk I could see out. This patch: Since x25 uses unique binary numbers inserting yourself at the head of the search list for sysctls so you can override already registered sysctls is pointless. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Cc: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] remove many unneeded #includes of sched.hTim Schmielau2007-02-14135-135/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After Al Viro (finally) succeeded in removing the sched.h #include in module.h recently, it makes sense again to remove other superfluous sched.h includes. There are quite a lot of files which include it but don't actually need anything defined in there. Presumably these includes were once needed for macros that used to live in sched.h, but moved to other header files in the course of cleaning it up. To ease the pain, this time I did not fiddle with any header files and only removed #includes from .c-files, which tend to cause less trouble. Compile tested against 2.6.20-rc2 and 2.6.20-rc2-mm2 (with offsets) on alpha, arm, i386, ia64, mips, powerpc, and x86_64 with allnoconfig, defconfig, allmodconfig, and allyesconfig as well as a few randconfigs on x86_64 and all configs in arch/arm/configs on arm. I also checked that no new warnings were introduced by the patch (actually, some warnings are removed that were emitted by unnecessarily included header files). Signed-off-by: Tim Schmielau <tim@physik3.uni-rostock.de> Acked-by: Russell King <rmk+kernel@arm.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * [PATCH] knfsd: allow the server to provide a gid list when using AUTH_UNIX ↵NeilBrown2007-02-142-6/+224
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | authentication AUTH_UNIX authentication (the standard with NFS) has a limit of 16 groups ids. This causes problems for people in more than 16 groups. So allow the server to map a uid into a list of group ids based on local knowledge rather depending on the (possibly truncated) list from the client. If there is no process on the server responding to upcalls, the gidlist in the request will still be used. Signed-off-by: Neil Brown <neilb@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| * Merge branch 'master' of /home/trondmy/kernel/linux-2.6/Trond Myklebust2007-02-1318-56/+175
| |\
| | * [IPSEC]: Fix the address family to refer encap_familyKazunori MIYAZAWA2007-02-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | Fix the address family to refer encap_family when comparing with a kernel generated xfrm_state Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPSEC]: changing API of xfrm6_tunnel_registerKazunori MIYAZAWA2007-02-134-11/+60
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes xfrm6_tunnel register and deregister interface to prepare for solving the conflict of device tunnels with inter address family IPsec tunnel. There is no device which conflicts with IPv4 over IPv6 IPsec tunnel. Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPSEC]: make sit use the xfrm4_tunnel_registerKazunori MIYAZAWA2007-02-132-12/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes sit use xfrm4_tunnel_register instead of inet_add_protocol. It solves conflict of sit device with inter address family IPsec tunnel. Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPSEC]: Changing API of xfrm4_tunnel_register.Kazunori MIYAZAWA2007-02-134-12/+77
| | | | | | | | | | | | | | | | | | | | | | | | | | | This patch changes xfrm4_tunnel register and deregister interface to prepare for solving the conflict of device tunnels with inter address family IPsec tunnel. Signed-off-by: Kazunori MIYAZAWA <miyazawa@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [TCP]: Prevent pseudo garbage in SYN's advertized windowIlpo Järvinen2007-02-131-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TCP may advertize up to 16-bits window in SYN packets (no window scaling allowed). At the same time, TCP may have rcv_wnd (32-bits) that does not fit to 16-bits without window scaling resulting in pseudo garbage into advertized window from the low-order bits of rcv_wnd. This can happen at least when mss <= (1<<wscale) (see tcp_select_initial_window). This patch fixes the handling of SYN advertized windows (compile tested only). In worst case (which is unlikely to occur though), the receiver advertized window could be just couple of bytes. I'm not sure that such situation would be handled very well at all by the receiver!? Fortunately, the situation normalizes after the first non-SYN ACK is received because it has the correct, scaled window. Alternatively, tcp_select_initial_window could be changed to prevent too large rcv_wnd in the first place. [ tcp_make_synack() has the same bug, and I've added a fix for that to this patch -DaveM ] Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NET_SCHED]: sch_hfsc: replace ASSERT macro by WARN_ONPatrick McHardy2007-02-131-14/+1
| | | | | | | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [BRIDGE] br_if: Fix oops in port_carrier_checkJarek Poplawski2007-02-132-3/+9
| | | | | | | | | | | | | | | | | | Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> Acked-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [NETFILTER]: Clear GSO bits for TCP reset packetHerbert Xu2007-02-131-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The TCP reset packet is copied from the original. This includes all the GSO bits which do not apply to the new packet. So we should clear those bits. Spotted by Patrick McHardy. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [XFRM]: Fix IPv4 tunnel mode decapsulation with IPV6=nPatrick McHardy2007-02-121-0/+1
| | | | | | | | | | | | | | | | | | | | | Add missing break when CONFIG_IPV6=n. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| | * [IPV6] HASHTABLES: Use appropriate seed for caluculating ehash index.YOSHIFUJI Hideaki2007-02-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tetsuo Handa <handat@pm.nttdata.co.jp> told me that connect(2) with TCPv6 socket almost always took a few minutes to return when we did not have any ports available in the range of net.ipv4.ip_local_port_range. The reason was that we used incorrect seed for calculating index of hash when we check established sockets in __inet6_check_established(). Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | Merge branch 'master' of /home/trondmy/kernel/linux-2.6/Trond Myklebust2007-02-12630-11073/+16129
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: net/sunrpc/auth_gss/gss_krb5_crypto.c net/sunrpc/auth_gss/gss_spkm3_token.c net/sunrpc/clnt.c Merge with mainline and fix conflicts.
| * | NFS: disconnect before retrying NFSv4 requests over TCPChuck Lever2007-02-122-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC3530 section 3.1.1 states an NFSv4 client MUST NOT send a request twice on the same connection unless it is the NULL procedure. Section 3.1.1 suggests that the client should disconnect and reconnect if it wants to retry a request. Implement this by adding an rpc_clnt flag that an ULP can use to specify that the underlying transport should be disconnected on a major timeout. The NFSv4 client asserts this new flag, and requests no retries after a minor retransmit timeout. Note that disconnecting on a retransmit is in general not safe to do if the RPC client does not reuse the TCP port number when reconnecting. See http://bugzilla.linux-nfs.org/show_bug.cgi?id=6 Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * | NFSv4: Ensure non-root user can trigger a referral automountTrond Myklebust2007-02-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently only root can trigger a referral automount because only root can access rpc_pipefs directories. Enabling read access to non-root should be harmless (they can still not access the pipes themselves) and will suffice to fix this problem. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * | SUNRPC: fix print format for tk_pidChuck Lever2007-02-0310-198/+228
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The tk_pid field is an unsigned short. The proper print format specifier for that type is %5u, not %4d. Also clean up some miscellaneous print formatting nits. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * | SUNRPC: fix print format for tk_pid in auth_gss supportChuck Lever2007-02-0313-63/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The tk_pid field is an unsigned short. The proper print format specifier for that type is %5u, not %4d. Also clean up some miscellaneous print formatting nits. Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * | RPC: Clean up rpc_execute...Trond Myklebust2007-02-032-16/+10
| | | | | | | | | | | | | | | | | | | | | | | | The error values are already propagated through task->tk_status, and none of the callers check one without checking the other, so we can drop the return value. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
| * | RPC: Fix double free in portmapper codeTrond Myklebust2007-02-031-3/+5
| | | | | | | | | | | | | | | | | | rpc_run_task is guaranteed to always call ->rpc_release. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* | | Merge branch 'gfar' of ↵Jeff Garzik2007-02-17594-9984/+10151
|\ \ \ | | |/ | |/| | | | master.kernel.org:/pub/scm/linux/kernel/git/galak/powerpc into upstream
| * | [XFRM]: Fix OOPSes in xfrm_audit_log().David S. Miller2007-02-123-11/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure that this function is called correctly, and add BUG() checking to ensure the arguments are sane. Based upon a patch by Joy Latten. Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [TCP]: cleanup of htcp (resend)Stephen Hemminger2007-02-121-28/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Minor non-invasive cleanups: * white space around operators and line wrapping * use const * use __read_mostly Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [TCP]: Use read mostly for CUBIC parameters.Stephen Hemminger2007-02-121-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | These module parameters should be in the read mostly area to avoid cache pollution. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: nf_conntrack_tcp: make sysctl variables staticPatrick McHardy2007-02-121-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | sysctls are registered by the protocol module itself since 2.6.19, no need to have them visible to others. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: ip6t_mh: drop piggyback payload packet on MH packetsMasahide NAKAMURA2007-02-121-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Regarding RFC3775, MH payload proto field should be IPPROTO_NONE. Otherwise it must be discarded (and the receiver should send ICMP error). We assume filter should drop such piggyback everytime to disallow slipping through firewall rules, even the final receiver will discard it. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: Fix whitespace errorsYOSHIFUJI Hideaki2007-02-1243-422/+422
| | | | | | | | | | | | | | | | | | Signed-off-by: YOSHIFUJI Hideaki <yoshfuji@linux-ipv6.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: Kconfig: improve dependency handlingPatrick McHardy2007-02-123-7/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of depending on internally needed options and letting users figure out what is needed, select them when needed: - IP_NF_IPTABLES, IP_NF_ARPTABLES and IP6_NF_IPTABLES select NETFILTER_XTABLES - NETFILTER_XT_TARGET_CONNMARK, NETFILTER_XT_MATCH_CONNMARK and IP_NF_TARGET_CLUSTERIP select NF_CONNTRACK_MARK - NETFILTER_XT_MATCH_CONNBYTES selects NF_CT_ACCT Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: xt_mac/xt_CLASSIFY: use IPv6 hook names for IPv6 registrationPatrick McHardy2007-02-122-6/+9
| | | | | | | | | | | | | | | | | | | | | | | | Use NF_IP6_ instead of NF_IP_. The values are identical, this is merely cleanup. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: nf_conntrack: change nf_conntrack_l[34]proto_unregister to voidPatrick McHardy2007-02-121-33/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | No caller checks the return value, and since its usually called within the module unload path there's nothing a module could do about errors anyway, so BUG on invalid conditions and return void. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
| * | [NETFILTER]: nf_conntrack: properly use RCU for nf_conntrack_destroyed callbackPatrick McHardy2007-02-122-6/+10
| | | | | | | | | | | | | | | Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>