korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-20 18:54:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
97d32cf944
linux/net/netfilter
History
Florian Westphal 97d32cf944 netfilter: nfnetlink_queue: batch verdict support 
Introduces a new nfnetlink type that applies a given
verdict to all queued packets with an id <= the id in the verdict
message.

If a mark is provided it is applied to all matched packets.

This reduces the number of verdicts that have to be sent.
Applications that make use of this feature need to maintain
a timeout to send a batchverdict periodically to avoid starvation.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-07-19 11:46:33 +02:00
..
ipset netfilter: ipset: whitespace and coding fixes detected by checkpatch.pl 2011-06-16 19:01:26 +02:00
ipvs IPVS: remove unused init and cleanup functions. 2011-06-14 09:07:32 +09:00
core.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-19 19:17:35 -08:00
Kconfig netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route 2011-04-04 17:01:43 +02:00
Makefile netfilter: ipt_addrtype: rename to xt_addrtype 2011-03-15 20:16:20 +01:00
nf_conntrack_acct.c netfilter: complete the deprecation of CONFIG_NF_CT_ACCT 2010-06-25 14:46:56 +02:00
nf_conntrack_amanda.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_broadcast.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_core.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_ecache.c netfilter: ecache: always set events bits, filter them later 2011-02-01 16:06:30 +01:00
nf_conntrack_expect.c netfilter: nf_conntrack: use is_vmalloc_addr() 2011-01-14 15:45:56 +01:00
nf_conntrack_extend.c net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu() 2011-05-07 22:51:07 -07:00
nf_conntrack_ftp.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_h323_asn1.c netfilter: h323: bug in parsing of ASN1 SEQOF field 2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c netfilter: af_info: add 'strict' parameter to limit lookup to .oif 2011-04-04 17:00:54 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nf_conntrack: use is_vmalloc_addr() 2011-01-14 15:45:56 +01:00
nf_conntrack_irc.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c rtnetlink: Compute and store minimum ifinfo dump size 2011-06-09 20:38:07 -07:00
nf_conntrack_pptp.c netfilter: nf_conntrack: add support for "conntrack zones" 2010-02-15 18:13:33 +01:00
nf_conntrack_proto_dccp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_proto_generic.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_proto_gre.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nf_conntrack_proto_sctp.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_conntrack_proto_tcp.c netfilter: nf_ct_tcp: fix out of sync scenario while in SYN_RECV 2011-02-28 18:02:33 +01:00
nf_conntrack_proto_udp.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto_udplite.c netfilter: nf_conntrack: pass template to l4proto ->error() handler 2010-02-15 17:45:08 +01:00
nf_conntrack_proto.c netfilter: rcu sparse cleanups 2010-11-15 19:45:13 +01:00
nf_conntrack_sane.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nf_conntrack_sip.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6 2011-05-17 14:18:25 -04:00
nf_conntrack_snmp.c netfilter: nf_conntrack: nf_conntrack snmp helper 2011-01-18 18:12:24 +01:00
nf_conntrack_standalone.c netfilter: nf_conntrack_standalone: Fix set-but-unused variables. 2011-04-17 17:03:33 -07:00
nf_conntrack_tftp.c netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_conntrack_timestamp.c netfilter: nf_conntrack_tstamp: add flow-based timestamp extension 2011-01-19 16:00:07 +01:00
nf_internals.h netfilter: cleanup printk messages 2010-05-13 15:02:08 +02:00
nf_log.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-03-03 21:27:42 -08:00
nf_queue.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nf_sockopt.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
nf_tproxy_core.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
nfnetlink_log.c netfilter: nfnetlink_log: Fix set-but-unused variables. 2011-04-17 17:02:51 -07:00
nfnetlink_queue.c netfilter: nfnetlink_queue: batch verdict support 2011-07-19 11:46:33 +02:00
nfnetlink.c netfilter: nfnetlink: add RCU in nfnetlink_rcv_msg() 2011-07-18 16:08:07 +02:00
x_tables.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-3.6 2011-05-11 14:26:58 -04:00
xt_addrtype.c netfilter: xt_addrtype: replace rt6_lookup with nf_afinfo->route 2011-04-04 17:01:43 +02:00
xt_AUDIT.c netfilter: add SELinux context support to AUDIT target 2011-06-30 13:31:57 +02:00
xt_CHECKSUM.c netfilter: add CHECKSUM target 2010-07-15 17:20:46 +02:00
xt_CLASSIFY.c netfilter: xt_CLASSIFY: add ARP support, allow CLASSIFY target on any table 2010-11-15 13:57:56 +01:00
xt_cluster.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_comment.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_connbytes.c netfilter: xt_connbytes: Force CT accounting to be enabled 2010-06-25 14:44:07 +02:00
xt_connlimit.c netfilter: xt_connlimit: remove connlimit_rnd_inited 2011-03-15 13:26:32 +01:00
xt_connmark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_CONNSECMARK.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_conntrack.c netfilter: revert a2361c8735 2011-05-10 12:13:36 +02:00
xt_cpu.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_CT.c netfilter: xt_CT: provide info on why a rule was rejected 2011-04-21 11:05:14 +02:00
xt_dccp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_devgroup.c netfilter: xtables: add device group match 2011-02-03 00:05:43 +01:00
xt_dscp.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_DSCP.c netfilter: IPv6: fix DSCP mangle code 2011-05-10 10:00:21 +02:00
xt_esp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_hashlimit.c netfilter: xt_hashlimit: use proto_ports_offset() to support AH message 2010-08-19 17:16:25 -07:00
xt_helper.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_hl.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_HL.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_IDLETIMER.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_iprange.c Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2011-02-04 14:28:58 -08:00
xt_ipvs.c IPVS: netns, use ip_vs_proto_data as param. 2011-01-13 10:30:27 +09:00
xt_LED.c netfilter: xtables: add missing aliases for autoloading via iptables 2011-01-18 06:33:54 +01:00
xt_length.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_limit.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mac.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_mark.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_multiport.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_NFLOG.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_NFQUEUE.c netfilter: allow NFQUEUE bypass if no listener is available 2011-01-18 16:08:30 +01:00
xt_NOTRACK.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_osf.c net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu() 2011-05-07 22:51:12 -07:00
xt_owner.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_physdev.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_pkttype.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_policy.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_quota.c xt_quota: report initial quota value instead of current value to userspace 2010-07-23 14:07:47 +02:00
xt_rateest.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_RATEEST.c pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
xt_realm.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_recent.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
xt_repldata.h netfilter: xtables: generate initial table on-demand 2010-02-10 17:50:47 +01:00
xt_sctp.c netfilter: xt_sctp: use WORD_ROUND macro to calculate length of multiple of 4 bytes 2010-06-09 14:47:40 +02:00
xt_SECMARK.c secmark: make secmark object handling generic 2010-10-21 10:12:48 +11:00
xt_set.c netfilter: ipset: whitespace and coding fixes detected by checkpatch.pl 2011-06-16 19:01:26 +02:00
xt_socket.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
xt_state.c netfilter: nf_conntrack: IPS_UNTRACKED bit 2010-06-08 16:09:52 +02:00
xt_statistic.c netfilter: xt_statistic: remove nth_lock spinlock 2010-06-01 12:00:41 +02:00
xt_string.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00
xt_tcpmss.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TCPMSS.c netfilter: af_info: add 'strict' parameter to limit lookup to .oif 2011-04-04 17:00:54 +02:00
xt_TCPOPTSTRIP.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_tcpudp.c netfilter: xtables: change hotdrop pointer to direct modification 2010-05-11 18:35:27 +02:00
xt_TEE.c ipv6: Convert to use flowi6 where applicable. 2011-03-12 15:08:54 -08:00
xt_time.c netfilter: remove unnecessary returns from void function()s 2010-05-13 15:16:27 +02:00
xt_TPROXY.c netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
xt_TRACE.c netfilter: xtables: substitute temporary defines by final name 2010-05-11 18:31:17 +02:00
xt_u32.c netfilter: xtables: deconstify struct xt_action_param for matches 2010-05-11 18:33:37 +02:00