linux.git/net/netfilter/nfnetlink_queue.c, branch v2.6.15 Linux kernel source tree [NETFILTER] nfnetlink: unconditionally require CAP_NET_ADMIN 2005-11-14T23:24:59+00:00 Harald Welte laforge@netfilter.org 2005-11-14T23:24:59+00:00 37d2e7a20d745035b600f1a6be56cbb9c7259419 This patch unconditionally requires CAP_NET_ADMIN for all nfnetlink messages. It also removes the per-message cap_required field, since all existing subsystems use CAP_NET_ADMIN for all their messages anyway. Patrick McHardy owes me a beer if we ever need to re-introduce this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch unconditionally requires CAP_NET_ADMIN for all nfnetlink
messages.  It also removes the per-message cap_required field, since all
existing subsystems use CAP_NET_ADMIN for all their messages anyway.

Patrick McHardy owes me a beer if we ever need to re-introduce this.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER] nfnetlink: Use kzalloc 2005-11-05T18:35:27+00:00 Harald Welte laforge@netfilter.org 2005-11-03T18:20:07+00:00 10dfdc69ea07d5a6c24406755f5e8de95a1b8901 These is a cleanup patch, kzalloc can be used in a couple of cases Signed-off-by: Samir Bellabes <sbellabes@mandriva.com> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com> 
These is a cleanup patch, kzalloc can be used in a couple of cases

Signed-off-by: Samir Bellabes <sbellabes@mandriva.com>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
[NET]: Fix packet timestamping. 2005-10-03T20:57:23+00:00 Herbert Xu herbert@gondor.apana.org.au 2005-10-03T20:57:23+00:00 325ed8239309cb29f10ea58c5a668058ead11479 I've found the problem in general. It affects any 64-bit architecture. The problem occurs when you change the system time. Suppose that when you boot your system clock is forward by a day. This gets recorded down in skb_tv_base. You then wind the clock back by a day. From that point onwards the offset will be negative which essentially overflows the 32-bit variables they're stored in. In fact, why don't we just store the real time stamp in those 32-bit variables? After all, we're not going to overflow for quite a while yet. When we do overflow, we'll need a better solution of course. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> 
I've found the problem in general.  It affects any 64-bit
architecture.  The problem occurs when you change the system time.

Suppose that when you boot your system clock is forward by a day.
This gets recorded down in skb_tv_base.  You then wind the clock back
by a day.  From that point onwards the offset will be negative which
essentially overflows the 32-bit variables they're stored in.

In fact, why don't we just store the real time stamp in those 32-bit
variables? After all, we're not going to overflow for quite a while
yet.

When we do overflow, we'll need a better solution of course.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: Fix HW checksum handling in nfnetlink_queue 2005-09-06T22:10:00+00:00 Patrick McHardy kaber@trash.net 2005-09-06T22:10:00+00:00 e7dfb09a3624a32df2dd00683875d0e56406a603 Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER] remove bogus hand-coded htonll() from nenetlink_queue 2005-09-06T01:09:08+00:00 Harald Welte laforge@netfilter.org 2005-09-06T01:09:08+00:00 aa07ca5793414ce257ad98809147bd1dbb7a3837 htonll() is nothing else than cpu_to_be64(), so we'd rather call the latter. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
htonll() is nothing else than cpu_to_be64(), so we'd rather call the
latter.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: net/netfilter/nfnetlink*: make functions static 2005-09-06T01:06:45+00:00 Adrian Bunk bunk@stusta.de 2005-09-06T01:06:45+00:00 395dde20fb06153feb65d79d7fe83eda41bf50e7 This patch makes needlessly global functions static. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch makes needlessly global functions static.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NET]: Store skb->timestamp as offset to a base timestamp 2005-08-29T22:58:24+00:00 Patrick McHardy kaber@trash.net 2005-08-15T00:24:31+00:00 a61bbcf28a8cb0ba56f8193d512f7222e711a294 Reduces skb size by 8 bytes on 64-bit. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net> 
Reduces skb size by 8 bytes on 64-bit.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: add /proc/net/netfilter interface to nf_queue 2005-08-29T22:51:18+00:00 Harald Welte laforge@netfilter.org 2005-08-10T03:23:11+00:00 bbd86b9fc469b7e91dc7444e6abb8930811d79cb This patch adds a /proc/net/netfilter/nf_queue file, similar to the recently-added /proc/net/netfilter/nf_log. It indicates which queue handler is registered to which protocol family. This is useful since there are now multiple queue handlers in the treee (ip[6]_queue, nfnetlink_queue). Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch adds a /proc/net/netfilter/nf_queue file, similar to the
recently-added /proc/net/netfilter/nf_log.  It indicates which queue
handler is registered to which protocol family.  This is useful since
there are now multiple queue handlers in the treee (ip[6]_queue,
nfnetlink_queue).

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: add correct bridging support to nfnetlink_{queue,log} 2005-08-29T22:51:15+00:00 Harald Welte laforge@netfilter.org 2005-08-10T03:22:10+00:00 fbcd923c3e0c8ec9e4ed64f5a4e5766807b32729 This patch adds support for passing the real 'physical' device ifindex down to userspace via nfnetlink_log and nfnetlink_queue. This feature basically obsoletes net/bridge/netfilter/ebt_ulog.c, and it is likely ebt_ulog.c will die with one of the next couple of patches. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
This patch adds support for passing the real 'physical' device ifindex
down to userspace via nfnetlink_log and nfnetlink_queue.

This feature basically obsoletes net/bridge/netfilter/ebt_ulog.c, and
it is likely ebt_ulog.c will die with one of the next couple of
patches.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[NETFILTER]: attribute count is an attribute of message type, not subsytem 2005-08-29T22:39:14+00:00 Harald Welte laforge@netfilter.org 2005-08-10T03:03:40+00:00 927ccbcc28dceee29dad876982768cca29738564 Prior to this patch, every nfnetlink subsystem had to specify it's attribute count. However, in reality the attribute count depends on the message type within the subsystem, not the subsystem itself. This patch moves 'attr_count' from 'struct nfnetlink_subsys' into nfnl_callback to fix this. Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net> 
Prior to this patch, every nfnetlink subsystem had to specify it's
attribute count.  However, in reality the attribute count depends on
the message type within the subsystem, not the subsystem itself.  This
patch moves 'attr_count' from 'struct nfnetlink_subsys' into
nfnl_callback to fix this.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>