]> err.no Git - linux-2.6/commit
[NETFILTER]: x_tables: add connlimit match
authorJan Engelhardt <jengelh@gmx.de>
Sun, 15 Jul 2007 03:47:26 +0000 (20:47 -0700)
committerDavid S. Miller <davem@davemloft.net>
Sun, 15 Jul 2007 03:47:26 +0000 (20:47 -0700)
commit370786f9cfd430cb424f00ce4110e75bb1b95a19
treedf0e51882850f8db8da8f6e4ab746179b1993b9c
parenta887c1c148ffb3eb1c193e9869ca5297c6e22078
[NETFILTER]: x_tables: add connlimit match

ipt_connlimit has been sitting in POM-NG for a long time.
Here is a new shiny xt_connlimit with:

 * xtables'ified
 * will request the layer3 module
   (previously it hotdropped every packet when it was not loaded)
 * fixed: there was a deadlock in case of an OOM condition
 * support for any layer4 protocol (e.g. UDP/SCTP)
 * using jhash, as suggested by Eric Dumazet
 * ipv6 support

Signed-off-by: Jan Engelhardt <jengelh@gmx.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/netfilter/xt_connlimit.h [new file with mode: 0644]
net/netfilter/Kconfig
net/netfilter/Makefile
net/netfilter/xt_connlimit.c [new file with mode: 0644]