leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e9dc865340
linux/net/ipv4/netfilter
History
Eric W. Biederman e9dc865340 [NET]: Make device event notification network namespace safe 
Every user of the network device notifiers is either a protocol
stack or a pseudo device.  If a protocol stack that does not have
support for multiple network namespaces receives an event for a
device that is not in the initial network namespace it quite possibly
can get confused and do the wrong thing.

To avoid problems until all of the protocol stacks are converted
this patch modifies all netdev event handlers to ignore events on
devices that are not in the initial network namespace.

As the rest of the code is made network namespace aware these
checks can be removed.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 16:49:09 -07:00
..
arp_tables.c [NETFILTER]: Fix/improve deadlock condition on module removal netfilter 2007-09-11 11:28:26 +02:00
arpt_mangle.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
arptable_filter.c [NETFILTER]: Clean up table initialization 2007-05-10 23:47:43 -07:00
ip_queue.c [NET]: Make device event notification network namespace safe 2007-10-10 16:49:09 -07:00
ip_tables.c [NETFILTER]: Fix/improve deadlock condition on module removal netfilter 2007-09-11 11:28:26 +02:00
ipt_addrtype.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_ah.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_CLUSTERIP.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
ipt_ecn.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_ECN.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_iprange.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
ipt_LOG.c [NETFILTER]: Fix logging regression 2007-07-24 15:29:55 -07:00
ipt_MASQUERADE.c [NET]: Make device event notification network namespace safe 2007-10-10 16:49:09 -07:00
ipt_NETMAP.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
ipt_owner.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_recent.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
ipt_REDIRECT.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
ipt_REJECT.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
ipt_SAME.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
ipt_tos.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_TOS.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_ttl.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_TTL.c [NETFILTER]: x_tables: mark matches and targets __read_mostly 2007-07-10 22:17:15 -07:00
ipt_ULOG.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
iptable_filter.c [NETFILTER]: iptable_{filter,mangle}: more descriptive "happy cracking" message 2007-05-10 23:47:59 -07:00
iptable_mangle.c [NETFILTER]: iptable_{filter,mangle}: more descriptive "happy cracking" message 2007-05-10 23:47:59 -07:00
iptable_raw.c [NETFILTER]: iptable_raw: ignore short packets sent by SOCK_RAW sockets 2007-05-10 23:47:59 -07:00
Kconfig [NETFILTER]: ipt_SAME: add to feature-removal-schedule 2007-07-10 22:18:16 -07:00
Makefile [NETFILTER]: Remove IPv4 only connection tracking/NAT 2007-04-25 22:25:34 -07:00
nf_conntrack_l3proto_ipv4_compat.c [NET]: Make /proc/net per network namespace 2007-10-10 16:49:06 -07:00
nf_conntrack_l3proto_ipv4.c [NETFILTER]: Fix/improve deadlock condition on module removal netfilter 2007-09-11 11:28:26 +02:00
nf_conntrack_proto_icmp.c [NETFILTER]: nf_conntrack: mark protocols __read_mostly 2007-07-14 20:48:19 -07:00
nf_nat_amanda.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00
nf_nat_core.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_nat_ftp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_h323.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_helper.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_irc.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_pptp.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_proto_gre.c [NETFILTER]: Convert DEBUGP to pr_debug 2007-07-10 22:18:20 -07:00
nf_nat_proto_icmp.c [NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs 2007-03-05 13:25:19 -08:00
nf_nat_proto_tcp.c [NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs 2007-03-05 13:25:19 -08:00
nf_nat_proto_udp.c [NETFILTER]: nf_conntrack/nf_nat: fix incorrect config ifdefs 2007-03-05 13:25:19 -08:00
nf_nat_proto_unknown.c [NETFILTER]: Add NAT support for nf_conntrack 2006-12-02 22:07:13 -08:00
nf_nat_rule.c netfilter endian regressions 2007-07-26 11:11:56 -07:00
nf_nat_sip.c [NETFILTER]: nf_nat_sip: don't drop short packets 2007-08-14 13:14:58 -07:00
nf_nat_snmp_basic.c [NETFILTER]: nf_conntrack: reduce masks to a subset of tuples 2007-07-10 22:17:55 -07:00
nf_nat_standalone.c [NETFILTER]: nf_nat: add symbolic dependency on IPv4 conntrack 2007-08-07 18:12:01 -07:00
nf_nat_tftp.c [NETFILTER]: nf_conntrack_expect: function naming unification 2007-07-10 22:17:53 -07:00