linux/net/netfilter
Eric W. Biederman b4b510290b [NET]: Support multiple network namespaces with netlink
Each netlink socket will live in exactly one network namespace,
this includes the controlling kernel sockets.

This patch updates all of the existing netlink protocols
to only support the initial network namespace.  Request
by clients in other namespaces will get -ECONREFUSED.
As they would if the kernel did not have the support for
that netlink protocol compiled in.

As each netlink protocol is updated to be multiple network
namespace safe it can register multiple kernel sockets
to acquire a presence in the rest of the network namespaces.

The implementation in af_netlink is a simple filter implementation
at hash table insertion and hash table look up time.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 16:49:09 -07:00
..
core.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
Kconfig [NETFILTER]: xt_connlimit needs to depend on nf_conntrack 2007-07-18 02:38:32 -07:00
Makefile [NETFILTER]: nf_conntrack: UDPLITE support 2007-07-14 20:48:44 -07:00
nf_conntrack_amanda.c [NETFILTER]: nf_conntrack: reduce masks to a subset of tuples 2007-07-10 22:17:55 -07:00
nf_conntrack_core.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_conntrack_ecache.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00
nf_conntrack_expect.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
nf_conntrack_extend.c [NETFILTER]: nf_conntrack: introduce extension infrastructure 2007-07-10 22:17:17 -07:00
nf_conntrack_ftp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_h323_asn1.c [NETFILTER]: nf_conntrack_h323: check range first in sequence extension 2007-07-10 22:16:54 -07:00
nf_conntrack_h323_main.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_h323_types.c [NETFILTER]: nf_conntrack_h323: fix ASN.1 types 2007-05-24 16:42:26 -07:00
nf_conntrack_helper.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_conntrack_irc.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_l3proto_generic.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_netbios_ns.c [NETFILTER]: nf_conntrack: reduce masks to a subset of tuples 2007-07-10 22:17:55 -07:00
nf_conntrack_netlink.c [NETFILTER]: ctnetlink: return EEXIST instead of EINVAL for existing nat'ed conntracks 2007-08-07 18:11:26 -07:00
nf_conntrack_pptp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_proto_generic.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_proto_gre.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_proto_sctp.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_conntrack_proto_tcp.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
nf_conntrack_proto_udp.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
nf_conntrack_proto_udplite.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
nf_conntrack_proto.c [NETLINK]: Possible cleanups. 2007-04-26 00:57:41 -07:00
nf_conntrack_sane.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_conntrack_sip.c [NETFILTER]: nf_conntrack_sip: fix SIP-URI parsing 2007-08-14 13:14:35 -07:00
nf_conntrack_standalone.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
nf_conntrack_tftp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_internals.h [NETFILTER]: Fix whitespace errors 2007-02-12 11:15:49 -08:00
nf_log.c [NET] NETFILTER: Fix whitespace errors. 2007-07-19 10:44:21 +09:00
nf_queue.c [NET]: Make all initialized struct seq_operations const. 2007-07-10 23:07:31 -07:00
nf_sockopt.c [NETFILTER]: Fix/improve deadlock condition on module removal netfilter 2007-09-11 11:28:26 +02:00
nf_sysctl.c [PATCH] sysctl: remove insert_at_head from register_sysctl 2007-02-14 08:09:59 -08:00
nfnetlink_log.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
nfnetlink_queue.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
nfnetlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
x_tables.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_CLASSIFY.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_comment.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connbytes.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_connlimit.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
xt_connmark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_CONNMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_CONNSECMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_conntrack.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dccp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_dscp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_DSCP.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_esp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_hashlimit.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
xt_helper.c [NETFILTER]: xt_helper: use RCU 2007-07-10 22:18:19 -07:00
xt_length.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_limit.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mac.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_mark.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_MARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_multiport.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFLOG.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NFQUEUE.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_NOTRACK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_physdev.c [NETFILTER]: Clean up duplicate includes in net/netfilter/ 2007-07-24 15:31:05 -07:00
xt_pkttype.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_policy.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_quota.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_realm.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_sctp.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_SECMARK.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_state.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_statistic.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_string.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpmss.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_TCPMSS.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_tcpudp.c [NETFILTER]: xt_tcpudp: fix wrong struct in udp_checkentry 2007-08-30 22:36:43 -07:00
xt_TRACE.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
xt_u32.c [NETFILTER]: netfilter: xt_u32 bug correction 2007-08-14 13:13:28 -07:00