summaryrefslogtreecommitdiff
path: root/staging/tools.c
AgeCommit message (Collapse)AuthorFilesLines
2013-05-13staging: add mausezahn staging directoryDaniel Borkmann1-0/+1344
After some back and forth, we decided that it is easier to maintain mausezahn in a staging directory until it is fully reworked and cleaned up to be ready to be fully integrated. This way, it is better than having it in a separate branch, and we can also accept patches from outside more easily. Also, while at it, fix up some function mismatches with libcli. Signed-off-by: Daniel Borkmann <dborkman@redhat.com> Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-07-21 23:27:13 +0000
netfilter.org>2016-12-06 21:42:00 +0100 commit834184b1f3a4635efbdfdae5fb437f109f6605fa (patch) tree6ea25a837123c698a7feead4ee5e2d0f2e74cda4 /net/ipv6 parent481fa3734769b67f00ed09a42f2a6a8cbd00b869 (diff)
netfilter: defrag: only register defrag functionality if needed
nf_defrag modules for ipv4 and ipv6 export an empty stub function. Any module that needs the defragmentation hooks registered simply 'calls' this empty function to create a phony module dependency -- modprobe will then load the defrag module too. This extends netfilter ipv4/ipv6 defragmentation modules to delay the hook registration until the functionality is requested within a network namespace instead of module load time for all namespaces. Hooks are only un-registered on module unload or when a namespace that used such defrag functionality exits. We have to use struct net for this as the register hooks can be called before netns initialization here from the ipv4/ipv6 conntrack module init path. There is no unregister functionality support, defrag will always be active once it was requested inside a net namespace. The reason is that defrag has impact on nft and iptables rulesets (without defrag we might see framents). Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv6')