dect/linux-2.6
Archived
14
0
Fork 0
Code Releases Activity
This repository has been archived on 2022-02-17. You can view files and clone it, but cannot push or open issues or pull requests.
linux-2.6/include/linux/netfilter_ipv4
History
Harald Welte 188bab3ae0 [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 
When you've enabled conntrack and NAT as a module (standard case in all
distributions), and you've also enabled the new conntrack netlink
interface, loading ip_conntrack_netlink.ko will auto-load iptable_nat.ko.
This causes a huge performance penalty, since for every packet you iterate
the nat code, even if you don't want it.

This patch splits iptable_nat.ko into the NAT core (ip_nat.ko) and the
iptables frontend (iptable_nat.ko).  Threfore, ip_conntrack_netlink.ko will
only pull ip_nat.ko, but not the frontend.  ip_nat.ko will "only" allocate
some resources, but not affect runtime performance.

This separation is also a nice step in anticipation of new packet filters
(nf-hipac, ipset, pkttables) being able to use the NAT core.

Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-09-26 15:25:11 -07:00
..
ip_conntrack.h [NETFILTER] Fix conntrack event cache deadlock/oops 2005-09-22 23:46:57 -07:00
ip_conntrack_amanda.h
ip_conntrack_core.h [NETFILTER]: kill __ip_ct_expect_unlink_destroy 2005-09-06 15:10:46 -07:00
ip_conntrack_ftp.h
ip_conntrack_helper.h
ip_conntrack_icmp.h
ip_conntrack_irc.h
ip_conntrack_pptp.h [NETFILTER] remove unneeded structure definition from conntrack helper 2005-09-22 23:45:44 -07:00
ip_conntrack_proto_gre.h [NETFILTER]: Add new PPTP conntrack and NAT helper 2005-09-19 15:33:08 -07:00
ip_conntrack_protocol.h
ip_conntrack_sctp.h
ip_conntrack_tcp.h
ip_conntrack_tftp.h
ip_conntrack_tuple.h [NETFILTER] Fix sparse endian warnings in pptp helper 2005-09-22 23:45:24 -07:00
ip_nat.h
ip_nat_core.h [NETFILTER]: Fix invalid module autoloading by splitting iptable_nat 2005-09-26 15:25:11 -07:00
ip_nat_helper.h
ip_nat_pptp.h [NETFILTER]: Add new PPTP conntrack and NAT helper 2005-09-19 15:33:08 -07:00
ip_nat_protocol.h
ip_nat_rule.h [NETFILTER]: Handle NAT module load race 2005-09-06 15:09:43 -07:00
ip_queue.h
ip_tables.h [NETFILTER]: Add goto target 2005-08-29 16:04:18 -07:00
ipt_addrtype.h
ipt_ah.h
ipt_CLASSIFY.h
ipt_CLUSTERIP.h
ipt_comment.h
ipt_connbytes.h [NETFILTER]: Nicer names for ipt_connbytes constants 2005-08-29 15:58:17 -07:00
ipt_CONNMARK.h
ipt_connmark.h
ipt_conntrack.h
ipt_dccp.h [NETFILTER]: New iptables DCCP protocol header match 2005-08-29 15:54:28 -07:00
ipt_dscp.h
ipt_DSCP.h
ipt_ecn.h
ipt_ECN.h
ipt_esp.h
ipt_hashlimit.h
ipt_helper.h
ipt_iprange.h
ipt_length.h
ipt_limit.h
ipt_LOG.h [NETFILTER]: Extend netfilter logging API 2005-08-29 15:38:07 -07:00
ipt_mac.h
ipt_MARK.h
ipt_mark.h
ipt_multiport.h
ipt_NFQUEUE.h [NETFILTER]: Add "nfnetlink_queue" netfilter queue handler over nfnetlink 2005-08-29 15:36:56 -07:00
ipt_owner.h
ipt_physdev.h
ipt_pkttype.h
ipt_realm.h
ipt_recent.h
ipt_REJECT.h
ipt_SAME.h
ipt_sctp.h
ipt_state.h
ipt_string.h [NETFILTER]: Add string match 2005-08-29 16:04:07 -07:00
ipt_TCPMSS.h
ipt_tcpmss.h
ipt_TOS.h
ipt_tos.h
ipt_TTL.h [NETFILTER]: Add new iptables TTL target 2005-08-29 16:13:22 -07:00
ipt_ttl.h
ipt_ULOG.h
listhelp.h