- 25 Mar, 2010 8 commits
-
-
Jan Engelhardt authored
The semantic patch that was used: // <smpl> @@ @@ (NF_HOOK |NF_HOOK_THRESH |nf_hook )( -PF_INET6, +NFPROTO_IPV6, ...) // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
The semantic patch that was used: // <smpl> @@ @@ (NF_HOOK |NF_HOOK_COND |nf_hook )( -PF_INET, +NFPROTO_IPV4, ...) // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
The first argument to NF_HOOK* is an nfproto since quite some time. Commit v2.6.27-2457-gfdc9314c was the first to practically start using the new names. Do that now for the remaining NF_HOOK calls. The semantic patch used was: // <smpl> @@ @@ (NF_HOOK |NF_HOOK_THRESH )( -PF_BRIDGE, +NFPROTO_BRIDGE, ...) @@ @@ NF_HOOK( -PF_INET6, +NFPROTO_IPV6, ...) @@ @@ NF_HOOK( -PF_INET, +NFPROTO_IPV4, ...) // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Supplement to 1159683e. Downgrade the log level to INFO for most checkentry messages as they are, IMO, just an extra information to the -EINVAL code that is returned as part of a parameter "constraint violation". Leave errors to real errors, such as being unable to create a LED trigger. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Supplement to aa5fa318. The semantic patch for this change is: // <smpl> @@ struct xt_target_param *par; @@ -par->target->family +par->family @@ struct xt_tgchk_param *par; @@ -par->target->family +par->family @@ struct xt_tgdtor_param *par; @@ -par->target->family +par->family // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
- 19 Mar, 2010 2 commits
-
-
Zhitong Wang authored
Remove unused headers in net/ipv4/netfilter/nf_nat_h323.c Signed-off-by: Zhitong Wang <zhitong.wangzt@alibaba-inc.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Zhitong Wang authored
Remove unused headers in net/ipv6/netfilter/ip6t_LOG.c Signed-off-by: Zhitong Wang <zhitong.wangzt@alibaba-inc.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
- 18 Mar, 2010 12 commits
-
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
ENOMEM is a very obvious error code (cf. EINVAL), so I think we do not really need a warning message. Not to mention that if the allocation fails, the user is most likely going to get a stack trace from slab already. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
This will save one full padding chunk (8 bytes on x86_64) per target. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
This member is taking up a "long" per match, yet is only used by one module out of the roughly 90 modules, ip6t_hbh. ip6t_hbh can be restructured a little to accomodate for the lack of the .data member. This variant uses checking the par->match address, which should avoid having to add two extra functions, including calls, i.e. (hbh_mt6: call hbhdst_mt6(skb, par, NEXTHDR_OPT), dst_mt6: call hbhdst_mt6(skb, par, NEXTHDR_DEST)) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
The matches can have .family = NFPROTO_UNSPEC, and though that is not the case for the touched modules, it seems better to just use the nfproto from the caller. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Restore alphabetical ordering of the list and put the xt_osf option into its 'right' place again. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
I do not see a point of allowing the MAC module to work with devices that don't possibly have one, e.g. various tunnel interfaces such as tun and sit. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
XT_ALIGN is already applied on matchsize/targetsize in x_tables.c, so it is not strictly needed in the extensions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Patrick McHardy authored
-
- 17 Mar, 2010 18 commits
-
-
Zhitong Wang authored
Remove unused headers in net/netfilter/nfnetlink.c Signed-off-by: Zhitong Wang <zhitong.wangzt@alibaba-inc.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Tim Gardner authored
Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Tim Gardner authored
One of the problems with the way xt_recent is implemented is that there is no efficient way to remove expired entries. Of course, one can write a rule '-m recent --remove', but you have to know beforehand which entry to delete. This commit adds reaper logic which checks the head of the LRU list when a rule is invoked that has a '--seconds' value and XT_RECENT_REAP set. If an entry ceases to accumulate time stamps, then it will eventually bubble to the top of the LRU list where it is then reaped. Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-
Jan Engelhardt authored
The compat option was introduced in October 2008. Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
It had IPv6 for quite a while already :-) Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Cc: Kuo-Lang Tseng <kuo-lang.tseng@intel.com> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
It is being superseded by xt_CT (-j CT --notrack). Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Two arguments for combining the two: - xt_mark is pretty useless without xt_MARK - the actual code is so small anyway that the kmod metadata and the module in its loaded state totally outweighs the combined actual code size. i586-before: -rw-r--r-- 1 jengelh users 3821 Feb 10 01:01 xt_MARK.ko -rw-r--r-- 1 jengelh users 2592 Feb 10 00:04 xt_MARK.o -rw-r--r-- 1 jengelh users 3274 Feb 10 01:01 xt_mark.ko -rw-r--r-- 1 jengelh users 2108 Feb 10 00:05 xt_mark.o text data bss dec hex filename 354 264 0 618 26a xt_MARK.o 223 176 0 399 18f xt_mark.o And the runtime size is like 14 KB. i586-after: -rw-r--r-- 1 jengelh users 3264 Feb 18 17:28 xt_mark.o Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
Jan Engelhardt authored
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-
David S. Miller authored
Signed-off-by: David S. Miller <davem@davemloft.net>
-
Joe Perches authored
Convert DPRINTK, commonly used for debugging, to netif_<level> Remove #define PFX Use #define pr_fmt Consistently use no periods for non-sentence logging messages Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Jason Gunthorpe authored
IEEE 802.3ae clause 45 specifies a somewhat modified MDIO protocol for use by 10GIGE phys. The main change is a 21 bit address split into a 5 bit device ID and a 16 bit register offset. The definition is designed so that normal and extended devices can run on the same MDIO bus. Extend mdio-bitbang to do the new protocol. At the MDIO bus level the protocol is requested by or'ing MII_ADDR_C45 into the register offset. Make phy_read/phy_write/etc pass a full 32 bit register offset. This does not attempt to make the phy layer support C45 style PHYs, just to provide the MDIO bus support. Tested against a Broadcom 10GE phy with ID 0x206034, and several Broadcom 10/100/1000 Phys in normal mode. Signed-off-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Rafael J. Wysocki authored
Use the PCI runtime power management framework to add basic PCI runtime PM support to the e1000e driver. Namely, make the driver suspend the device when the link is off and set it up for generating a wakeup event after the link has been detected again. [This feature is disabled until the user space enables it with the help of the /sys/devices/.../power/contol device attribute.] Based on a patch from Matthew Garrett. Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
-
Rafael J. Wysocki authored
Use the PCI runtime power management framework to add basic PCI runtime PM support to the r8169 driver. Namely, make the driver suspend the device when the link is not present and set it up for generating a wakeup event after the link has been detected again. [This feature is disabled until the user space enables it with the help of the /sys/devices/.../power/contol device attribute.] Signed-off-by: Rafael J. Wysocki <rjw@sisk.pl> Signed-off-by: David S. Miller <davem@davemloft.net>
-