q3k
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/net/netfilter
History
Kelvie Wong 9768e1ace4 netfilter: nf_ct_expect: partially implement ctnetlink_change_expect 
This refreshes the "timeout" attribute in existing expectations if one is
given.

The use case for this would be for userspace helpers to extend the lifetime
of the expectation when requested, as this is not possible right now
without deleting/recreating the expectation.

I use this specifically for forwarding DCERPC traffic through:

DCERPC has a port mapper daemon that chooses a (seemingly) random port for
future traffic to go to. We expect this traffic (with a reasonable
timeout), but sometimes the port mapper will tell the client to continue
using the same port. This allows us to extend the expectation accordingly.

Signed-off-by: Kelvie Wong <kelvie@ieee.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2012-05-08 19:40:59 +02:00
..
ipset net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
ipvs ipvs: ip_vs_proto: local functions should not be exposed globally 2012-05-08 19:40:54 +02:00
Kconfig netfilter: nf_ct_ext: add timeout extension 2012-03-07 17:41:25 +01:00
Makefile netfilter: nf_ct_ext: add timeout extension 2012-03-07 17:41:25 +01:00
core.c net: Delete all remaining instances of ctl_path 2012-04-20 21:22:30 -04:00
nf_conntrack_acct.c net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_conntrack_amanda.c
nf_conntrack_broadcast.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_core.c netfilter: nf_ct_helper: allow to disable automatic helper assignment 2012-05-08 19:35:18 +02:00
nf_conntrack_ecache.c netfilter: nf_ct_ecache: refactor notifier registration 2012-05-08 19:17:23 +02:00
nf_conntrack_expect.c netfilter: provide config option to disable ancient procfs parts 2011-12-27 20:45:28 +01:00
nf_conntrack_extend.c net: reintroduce missing rcu_assign_pointer() calls 2012-01-12 12:26:56 -08:00
nf_conntrack_ftp.c module_param: make bool parameters really bool (net & drivers/net) 2011-12-19 22:27:29 -05:00
nf_conntrack_h323_asn1.c netfilter: h323: bug in parsing of ASN1 SEQOF field 2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nf_ct_helper: allow to disable automatic helper assignment 2012-05-08 19:35:18 +02:00
nf_conntrack_irc.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c netfilter: nf_ct_expect: partially implement ctnetlink_change_expect 2012-05-08 19:40:59 +02:00
nf_conntrack_pptp.c netfilter: nf_ct_pptp: fix DNATed PPTP connection address translation 2011-08-30 15:23:03 +02:00
nf_conntrack_proto.c net: Convert nf_conntrack_proto to use register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_conntrack_proto_dccp.c net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_conntrack_proto_generic.c nf_conntrack_proto_generic: Stop using NLA_PUT*(). 2012-04-01 18:52:31 -04:00
nf_conntrack_proto_gre.c nf_conntrack_proto_gre: Stop using NLA_PUT*(). 2012-04-01 18:52:03 -04:00
nf_conntrack_proto_sctp.c nf_conntrack_proto_sctp: Stop using NLA_PUT*(). 2012-04-01 18:51:39 -04:00
nf_conntrack_proto_tcp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-12 19:41:23 -04:00
nf_conntrack_proto_udp.c nf_conntrack_proto_udp{,lite}: Stop using NLA_PUT*(). 2012-04-01 18:48:06 -04:00
nf_conntrack_proto_udplite.c nf_conntrack_proto_udp{,lite}: Stop using NLA_PUT*(). 2012-04-01 18:48:06 -04:00
nf_conntrack_sane.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_sip.c netfilter: add more values to enum ip_conntrack_info 2011-06-06 01:35:10 +02:00
nf_conntrack_snmp.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_standalone.c net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c netfilter: nf_ct_ext: add timeout extension 2012-03-07 17:41:25 +01:00
nf_conntrack_timestamp.c net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_internals.h
nf_log.c net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nf_queue.c netfilter: nf_queue: fix queueing of bridged gro skbs 2012-02-09 20:47:53 +01:00
nf_sockopt.c
nf_tproxy_core.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
nfnetlink.c net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
nfnetlink_acct.c nfnetlink_acct: Stop using NLA_PUT*(). 2012-04-01 18:46:29 -04:00
nfnetlink_cttimeout.c nfnetlink_cttimeout: Stop using NLA_PUT*(). 2012-04-01 18:46:00 -04:00
nfnetlink_log.c nfnetlink_log: Stop using NLA_PUT*(). 2012-04-01 18:43:44 -04:00
nfnetlink_queue.c nfnetlink_queue: Stop using NLA_PUT*(). 2012-04-01 18:43:44 -04:00
x_tables.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_AUDIT.c ipv6: Add fragment reporting to ipv6_skip_exthdr(). 2011-12-03 09:35:10 -08:00
xt_CHECKSUM.c
xt_CLASSIFY.c netfilter: xt_CLASSIFY: add ARP support, allow CLASSIFY target on any table 2010-11-15 13:57:56 +01:00
xt_CONNSECMARK.c
xt_CT.c netfilter: xt_CT: fix wrong checking in the timeout assignment path 2012-04-30 10:40:36 +02:00
xt_DSCP.c netfilter: IPv6: fix DSCP mangle code 2011-05-10 10:00:21 +02:00
xt_HL.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_IDLETIMER.c netfilter: Remove unnecessary OOM logging messages 2011-11-01 09:19:49 +01:00
xt_LED.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_LOG.c netfilter: xt_LOG: use CONFIG_IP6_NF_IPTABLES instead of CONFIG_IPV6 2012-03-22 11:50:56 +01:00
xt_NFLOG.c
xt_NFQUEUE.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_NOTRACK.c
xt_RATEEST.c net,rcu: Convert call_rcu(xt_rateest_free_rcu) to kfree_rcu() 2011-07-20 14:10:19 -07:00
xt_SECMARK.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
xt_TCPMSS.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TCPOPTSTRIP.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TEE.c netfilter: ip6_route_output() never returns NULL. 2012-02-22 15:30:15 -05:00
xt_TPROXY.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_TRACE.c
xt_addrtype.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_cluster.c
xt_comment.c
xt_connbytes.c Merge branch 'nf-next' of git://1984.lsi.us.es/net-next 2011-12-25 02:21:45 -05:00
xt_connlimit.c netfilter: xt_connlimit: remove connlimit_rnd_inited 2011-03-15 13:26:32 +01:00
xt_connmark.c
xt_conntrack.c netfilter: revert a2361c8735 2011-05-10 12:13:36 +02:00
xt_cpu.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_dccp.c
xt_devgroup.c netfilter: xtables: add device group match 2011-02-03 00:05:43 +01:00
xt_dscp.c
xt_ecn.c netfilter: xtables: collapse conditions in xt_ecn 2011-12-27 20:45:25 +01:00
xt_esp.c
xt_hashlimit.c netfilter: xt_hashlimit: fix unused variable warning if IPv6 disabled 2012-01-16 13:40:54 +01:00
xt_helper.c
xt_hl.c netfilter: Reduce switch/case indent 2011-07-01 16:11:15 -07:00
xt_iprange.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-04 14:28:58 -08:00
xt_ipvs.c IPVS: netns, use ip_vs_proto_data as param. 2011-01-13 10:30:27 +09:00
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nfacct.c netfilter: xtables: add nfacct match to support extended accounting 2011-12-25 02:43:17 +01:00
xt_osf.c net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu() 2011-05-07 22:51:12 -07:00
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_rateest.c netfilter: xt_rateest: fix xt_rateest_mt_checkentry() 2011-07-29 16:24:46 +02:00
xt_realm.c
xt_recent.c net: cleanup unsigned to unsigned int 2012-04-15 12:44:40 -04:00
xt_repldata.h
xt_sctp.c
xt_set.c Remove redundant linux/version.h includes from net/ 2011-06-21 16:03:17 -07:00
xt_socket.c net:netfilter: use IS_ENABLED 2011-12-16 15:49:52 -05:00
xt_state.c
xt_statistic.c net: Fix files explicitly needing to include module.h 2011-10-31 19:30:28 -04:00
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c
xt_u32.c