redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net/ipv6/netfilter
History
Jesper Dangaard Brouer 7cc9eb6ef7 netfilter: SYNPROXY: let unrelated packets continue 
Packets reaching SYNPROXY were default dropped, as they were most
likely invalid (given the recommended state matching).  This
patch, changes SYNPROXY target to let packets, not consumed,
continue being processed by the stack.

This will be more in line other target modules. As it will allow
more flexible configurations of handling, logging or matching on
packets in INVALID states.

Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Acked-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2013-09-04 11:44:23 +02:00
..
Kconfig netfilter: add IPv6 SYNPROXY target 2013-08-28 00:28:13 +02:00
Makefile netfilter: add IPv6 SYNPROXY target 2013-08-28 00:28:13 +02:00
ip6_tables.c netfilter: add my copyright statements 2013-04-18 20:27:55 +02:00
ip6t_MASQUERADE.c netfilter: nf_conntrack: don't send destroy events from iterator 2013-08-09 12:03:33 +02:00
ip6t_NPT.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-04-07 18:37:01 -04:00
ip6t_REJECT.c netfilter: ip[6]t_REJECT: tcp-reset using wrong MAC source if bridged 2013-08-28 00:13:12 +02:00
ip6t_SYNPROXY.c netfilter: SYNPROXY: let unrelated packets continue 2013-09-04 11:44:23 +02:00
ip6t_ah.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_eui64.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
ip6t_frag.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_hbh.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6t_ipv6header.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
ip6t_mh.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
ip6t_rpfilter.c netfilter: xt_rpfilter: skip locally generated broadcast/multicast, too 2013-04-19 00:11:59 +02:00
ip6t_rt.c netfilter: ip6_tables: add flags parameter to ipv6_find_hdr() 2012-05-09 12:53:47 +02:00
ip6table_filter.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
ip6table_mangle.c netfilter: ipv6: propagate routing errors from ip6_route_me_harder() 2013-04-08 12:34:01 +02:00
ip6table_nat.c netfilter: nat: propagate errors from xfrm_me_harder() 2013-04-08 12:34:01 +02:00
ip6table_raw.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
ip6table_security.c netfilter: PTR_RET can be used 2012-08-14 02:31:47 +02:00
nf_conntrack_l3proto_ipv6.c netfilter: nf_conntrack: make sequence number adjustments usuable without NAT 2013-08-28 00:26:48 +02:00
nf_conntrack_proto_icmpv6.c netfilter: nf_log: prepare net namespace support for loggers 2013-04-05 20:12:54 +02:00
nf_conntrack_reasm.c netfilter: implement RFC3168 5.3 (ecn protection) for ipv6 fragmentation handling 2013-04-06 13:06:37 +02:00
nf_defrag_ipv6_hooks.c ipv6: use IS_ENABLED() 2012-11-01 12:41:35 -04:00
nf_nat_l3proto_ipv6.c netfilter: ipv6: using csum_ipv6_magic requires net/ip6_checksum.h 2012-09-05 17:46:06 -04:00
nf_nat_proto_icmpv6.c ipv6: use IS_ENABLED() 2012-11-01 12:41:35 -04:00