leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
226a88de47
linux/net/netfilter
History
Stefano Brivio 226a88de47 netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection 
Checks for partial overlaps on insertion assume that end elements
are always descendant nodes of their corresponding start, because
they are inserted later. However, this is not the case if a
previous delete operation caused a tree rotation as part of
rebalancing.

Taking the issue reported by Andreas Fischer as an example, if we
omit delete operations, the existing procedure works because,
equivalently, we are inserting a start item with value 40 in the
this region of the red-black tree with single-sized intervals:

                                  overlap flag
                   10 (start)
                  /  \            false
                      20 (start)
                     /  \         false
                         30 (start)
                        /  \      false
                            60 (start)
                           /  \   false
                         50 (end)
                        /  \      false
                      20 (end)
                     /  \         false
                         40 (start)

if we now delete interval 30 - 30, the tree can be rearranged in
a way similar to this (note the rotation involving 50 - 50):

                                  overlap flag
                   10 (start)
                  /  \            false
                      20 (start)
                     /  \         false
                         25 (start)
                        /  \      false
                            70 (start)
                           /  \   false
                         50 (end)
                        /  \      true (from rule a1.)
                      50 (start)
                     /  \         true
                   40 (start)

and we traverse interval 50 - 50 from the opposite direction
compared to what was expected.

To deal with those cases, add a start-before-start rule, b4.,
that covers traversal of existing intervals from the right.

We now need to restrict start-after-end rule b3. to cases
where there are no occurring nodes between existing start and
end elements, because addition of rule b4. isn't sufficient to
ensure that the pre-existing end element we encounter while
descending the tree corresponds to a start element of an
interval that we already traversed entirely.

Different types of overlap detection on trees with rotations
resulting from re-balancing will be covered by nft test case
sets/0044interval_overlap_1.

Reported-by: Andreas Fischer <netfilter@d9c.eu>
Bugzilla: https://bugzilla.netfilter.org/show_bug.cgi?id=1449
Cc: <stable@vger.kernel.org> # 5.6.x
Fixes: 7c84d41416 ("netfilter: nft_set_rbtree: Detect partial overlaps on insertion")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2020-08-21 17:36:52 +02:00
..
ipset netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
ipvs Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2020-08-03 16:03:18 -07:00
core.c netfilter: Avoid assigning 'const' pointer to non-const pointer 2020-04-15 21:36:41 +01:00
Kconfig netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
Makefile x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
nf_conncount.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nf_conntrack_acct.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_conntrack_amanda.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_broadcast.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_core.c A set of locking fixes and updates: 2020-08-10 19:07:44 -07:00
nf_conntrack_ecache.c netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks 2019-10-26 12:36:42 +02:00
nf_conntrack_expect.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_extend.c netfilter: conntrack: remove two export symbols 2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
nf_conntrack_h323_asn1.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_h323_types.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484 2019-06-19 17:09:52 +02:00
nf_conntrack_helper.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_irc.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_labels.c netfilter: not mark a spinlock as __read_mostly 2019-08-27 18:07:03 +02:00
nf_conntrack_netbios_ns.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
nf_conntrack_netlink.c netfilter: ctnetlink: memleak in filter initialization error path 2020-06-10 19:33:34 +02:00
nf_conntrack_pptp.c netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build 2020-05-27 13:39:08 +02:00
nf_conntrack_proto_dccp.c netfilter: conntrack: dccp, sctp: handle null timeout argument 2020-01-08 23:31:22 +01:00
nf_conntrack_proto_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_conntrack_proto_gre.c netfilter: Update obsolete comments referring to ip_conntrack 2019-07-16 13:17:00 +02:00
nf_conntrack_proto_icmp.c netfilter: ctnetlink: add kernel side filtering for dump 2020-05-27 22:20:34 +02:00
nf_conntrack_proto_icmpv6.c netfilter: ctnetlink: add kernel side filtering for dump 2020-05-27 22:20:34 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: allow sctp hearbeat after connection re-use 2020-08-20 14:13:49 +02:00
nf_conntrack_proto_tcp.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_proto_udp.c netfilter: conntrack: allow insertion of clashing entries 2020-02-17 10:55:14 +01:00
nf_conntrack_proto.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_sane.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_seqadj.c netfilter: conntrack, nat: prefer skb_ensure_writable 2019-05-31 18:02:45 +02:00
nf_conntrack_sip.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_snmp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
nf_conntrack_standalone.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_tftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_timeout.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_timestamp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 77 2019-05-24 17:37:51 +02:00
nf_dup_netdev.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nf_flow_table_core.c netfilter: flowtable: Set offload timeout when adding flow 2020-08-03 12:37:24 +02:00
nf_flow_table_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nf_flow_table_ip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2020-03-30 19:40:46 -07:00
nf_flow_table_offload.c net: sched: Pass qdisc reference in struct flow_block_offload 2020-07-13 17:22:21 -07:00
nf_internals.h netfilter: ctnetlink: add kernel side filtering for dump 2020-05-27 22:20:34 +02:00
nf_log_common.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_log_netdev.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_log.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
nf_nat_amanda.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_core.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_nat_ftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_helper.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nf_nat_irc.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_masquerade.c netfilter: nf_nat_masquerade: unify ipv4/6 notifier registration 2019-04-11 20:59:34 +02:00
nf_nat_proto.c netfilter: nat: never update the UDP checksum when it's 0 2020-04-26 23:57:18 +02:00
nf_nat_redirect.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nf_nat_sip.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_tftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_queue.c netfilter: nf_queue: prefer nf_queue_entry_free 2020-03-29 16:28:29 +02:00
nf_sockopt.c netfilter: switch nf_setsockopt to sockptr_t 2020-07-24 15:41:54 -07:00
nf_synproxy_core.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_tables_api.c netfilter: nf_tables: free chain context when BINDING flag is missing 2020-08-13 04:17:46 +02:00
nf_tables_core.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_tables_offload.c net: sched: Pass qdisc reference in struct flow_block_offload 2020-07-13 17:22:21 -07:00
nf_tables_trace.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nfnetlink_acct.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
nfnetlink_cthelper.c netfilter: nfnetlink_cthelper: unbreak userspace helper support 2020-05-25 20:39:14 +02:00
nfnetlink_cttimeout.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nfnetlink_log.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
nfnetlink_osf.c netfilter: nf_osf: avoid passing pointer to local var 2020-04-29 21:17:57 +02:00
nfnetlink_queue.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
nfnetlink.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_bitwise.c netfilter: bitwise: use more descriptive variable-names. 2020-03-15 15:20:16 +01:00
nft_byteorder.c netfilter: nf_tables: Introduce new 64-bit helper register functions 2019-08-26 11:01:00 +02:00
nft_chain_filter.c netfilter: revert introduction of egress hook 2020-03-18 16:35:48 -07:00
nft_chain_nat.c netfilter: nft_chain_nat: inet family is missing module ownership 2020-03-06 18:00:43 +01:00
nft_chain_route.c netfilter: nf_tables: merge route type into core 2019-04-08 23:01:42 +02:00
nft_cmp.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nft_compat.c netfilter: nft_compat: remove flush counter optimization 2020-08-10 13:03:36 +02:00
nft_connlimit.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_counter.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_ct.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nft_dup_netdev.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_dynset.c netfilter: nft_dynset: validate set expression definition 2020-03-30 02:05:38 +02:00
nft_exthdr.c netfilter: nf_tables: nft_exthdr: the presence return value should be little-endian 2020-08-10 13:02:43 +02:00
nft_fib_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fib_netdev.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fib.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nft_flow_offload.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fwd_netdev.c net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y, m} build 2020-03-25 12:24:33 -07:00
nft_hash.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_immediate.c netfilter: nf_tables: Fix a use after free in nft_immediate_destroy() 2020-07-15 20:15:19 +02:00
nft_limit.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_log.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_lookup.c netfilter: nf_tables: do not update stateful expressions if lookup is inverted 2020-04-05 23:26:36 +02:00
nft_masq.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_meta.c netfilter: nft_meta: fix iifgroup matching 2020-08-02 04:10:20 +02:00
nft_nat.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_numgen.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_objref.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_osf.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_payload.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nft_queue.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_quota.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_range.c netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() 2019-12-09 13:14:03 +01:00
nft_redir.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_reject_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_reject.c netfilter: introduce support for reject at prerouting stage 2020-06-30 18:21:02 +02:00
nft_rt.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nft_set_bitmap.c netfilter: nf_tables: do not update stateful expressions if lookup is inverted 2020-04-05 23:26:36 +02:00
nft_set_hash.c netfilter: nf_tables: make all set structs const 2020-03-15 15:20:16 +01:00
nft_set_pipapo_avx2.c nft_set_pipapo: Prepare for single ranged field usage 2020-03-15 15:27:46 +01:00
nft_set_pipapo_avx2.h x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
nft_set_pipapo.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
nft_set_pipapo.h nft_set_pipapo: Prepare for single ranged field usage 2020-03-15 15:27:46 +01:00
nft_set_rbtree.c netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection 2020-08-21 17:36:52 +02:00
nft_socket.c netfilter: nft_socket: fix erroneous socket assignment 2019-09-02 23:20:59 +02:00
nft_synproxy.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_tproxy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2019-12-26 13:11:40 -08:00
nft_tunnel.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_xfrm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
utils.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
x_tables.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-08-05 20:13:21 -07:00
xt_addrtype.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_AUDIT.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_bpf.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_cgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CHECKSUM.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CLASSIFY.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_cluster.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_comment.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_connbytes.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlabel.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_connlimit.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
xt_connmark.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_conntrack.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_cpu.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CT.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_dccp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_devgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_dscp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_DSCP.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_ecn.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_esp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_hashlimit.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
xt_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_hl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_HL.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_HMARK.c icmp: remove duplicate code 2019-11-05 14:03:11 -08:00
xt_IDLETIMER.c netfilter: xt_IDLETIMER: target v1 - match Android layout 2020-04-05 23:26:37 +02:00
xt_ipcomp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xt_iprange.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-06-25 01:32:59 +02:00
xt_ipvs.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_l2tp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_LED.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164 2019-05-30 11:26:38 -07:00
xt_length.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_limit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_LOG.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_mac.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_mark.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_MASQUERADE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_multiport.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_nat.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
xt_NETMAP.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_nfacct.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_NFLOG.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_NFQUEUE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_osf.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
xt_owner.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-06-25 01:32:59 +02:00
xt_physdev.c netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers 2019-09-13 12:32:48 +02:00
xt_pkttype.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_policy.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_quota.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_rateest.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_RATEEST.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
xt_realm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_recent.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
xt_REDIRECT.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_repldata.h
xt_sctp.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_SECMARK.c netfilter: cleanup unused macro 2020-03-15 15:20:16 +01:00
xt_set.c netfilter: inline four headers files into another one. 2019-08-13 12:14:26 +02:00
xt_socket.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_state.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_statistic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_string.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_tcpmss.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_TCPMSS.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_TCPOPTSTRIP.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_tcpudp.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_TEE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3 2019-05-21 11:28:40 +02:00
xt_time.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_TPROXY.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_TRACE.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_u32.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00