dect
/
linux-2.6
Archived
13
0
Fork 0
Code Releases Activity
This repository has been archived on 2022-02-17. You can view files and clone it, but cannot push or open issues or pull requests.
linux-2.6/include/linux/netfilter
History
James Morris 100468e9c0 [SECMARK]: Add CONNSECMARK xtables target 
Add a new xtables target, CONNSECMARK, which is used to specify rules
for copying security marks from packets to connections, and for
copyying security marks back from connections to packets.  This is
similar to the CONNMARK target, but is more limited in scope in that
it only allows copying of security marks to and from packets, as this
is all it needs to do.

A typical scenario would be to apply a security mark to a 'new' packet
with SECMARK, then copy that to its conntrack via CONNMARK, and then
restore the security mark from the connection to established and
related packets on that connection.

Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2006-06-17 21:30:03 -07:00
..
nf_conntrack_common.h [NETFILTER]: conntrack: add fixed timeout flag in connection tracking 2006-06-17 21:28:59 -07:00
nf_conntrack_ftp.h [NETFILTER]: Add nf_conntrack subsystem. 2005-11-09 16:38:16 -08:00
nf_conntrack_sctp.h [NETFILTER]: Add nf_conntrack subsystem. 2005-11-09 16:38:16 -08:00
nf_conntrack_tcp.h [NETFILTER]: Add nf_conntrack subsystem. 2005-11-09 16:38:16 -08:00
nf_conntrack_tuple_common.h [NETFILTER]: Add nf_conntrack subsystem. 2005-11-09 16:38:16 -08:00
nfnetlink.h [NETFILTER]: ctnetlink: avoid unneccessary event message generation 2006-03-20 18:03:59 -08:00
nfnetlink_conntrack.h [NETFILTER]: ctnetlink: fix NAT configuration 2006-06-17 21:29:01 -07:00
nfnetlink_log.h [NETFILTER] nfnetlink_log: add sequence numbers for log events 2006-03-20 17:15:11 -08:00
nfnetlink_queue.h
x_tables.h [NETFILTER] x_tables: fix compat related crash on non-x86 2006-05-01 20:48:32 -07:00
xt_CLASSIFY.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_CONNMARK.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_CONNSECMARK.h [SECMARK]: Add CONNSECMARK xtables target 2006-06-17 21:30:03 -07:00
xt_MARK.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_NFQUEUE.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_SECMARK.h [SECMARK]: Add xtables SECMARK target 2006-06-17 21:29:59 -07:00
xt_comment.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_connbytes.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_connmark.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_conntrack.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_dccp.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_esp.h [NETFILTER]: x_tables: unify IPv4/IPv6 esp match 2006-04-01 02:22:30 -08:00
xt_helper.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_length.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_limit.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_mac.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_mark.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_multiport.h [NETFILTER]: x_tables: unify IPv4/IPv6 multiport match 2006-04-01 02:22:54 -08:00
xt_physdev.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_pkttype.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_policy.h [NETFILTER]: x_tables: replace IPv4/IPv6 policy match by address family independant version 2006-03-20 18:03:40 -08:00
xt_quota.h [NETFILTER]: x_tables: add quota match 2006-06-17 21:28:49 -07:00
xt_realm.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_sctp.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_state.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_statistic.h [NETFILTER]: x_tables: add statistic match 2006-06-17 21:28:51 -07:00
xt_string.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_tcpmss.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00
xt_tcpudp.h [NETFILTER] x_tables: Abstraction layer for {ip,ip6,arp}_tables 2006-01-12 14:06:43 -08:00